lkdtm/stackleak: avoid spurious failure

The lkdtm_STACKLEAK_ERASING() test scans for a contiguous block of
poison values between the low stack bound and the stack pointer, and
fails if it does not find a sufficiently large block.

This can happen legitimately if the scan the low stack bound, which
could occur if functions called prior to lkdtm_STACKLEAK_ERASING() used
a large amount of stack. If this were to occur, it means that the erased
portion of the stack is smaller than the size used by the scan, but does
not cause a functional problem

In practice this is unlikely to happen, but as this is legitimate and
would not result in a functional problem, the test should not fail in
this case.

Remove the spurious failure case.

Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Alexander Popov <alex.popov@linux.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220427173128.2603085-9-mark.rutland@arm.com
This commit is contained in:
Mark Rutland 2022-04-27 18:31:23 +01:00 committed by Kees Cook
parent 77cf2b6dee
commit 4130a61ceb

View File

@ -53,13 +53,6 @@ void lkdtm_STACKLEAK_ERASING(void)
found = 0;
}
if (found <= check_depth) {
pr_err("FAIL: the erased part is not found (checked %lu bytes)\n",
i * sizeof(unsigned long));
test_failed = true;
goto end;
}
pr_info("the erased part begins after %lu not poisoned bytes\n",
(i - found) * sizeof(unsigned long));