linux/drivers/misc/lkdtm/stackleak.c
Linus Torvalds 6f9b5ed8ca Char / Misc / Other smaller driver subsystem updates for 5.19-rc1
Here is the large set of char, misc, and other driver subsystem updates
 for 5.19-rc1.  The merge request for this has been delayed as I wanted
 to get lots of linux-next testing due to some late arrivals of changes
 for the habannalabs driver.
 
 Highlights of this merge are:
 	- habanalabs driver updates for new hardware types and fixes and
 	  other updates
 	- IIO driver tree merge which includes loads of new IIO drivers
 	  and cleanups and additions
 	- PHY driver tree merge with new drivers and small updates to
 	  existing ones
 	- interconnect driver tree merge with fixes and updates
 	- soundwire driver tree merge with some small fixes
 	- coresight driver tree merge with small fixes and updates
 	- mhi bus driver tree merge with lots of updates and new device
 	  support
 	- firmware driver updates
 	- fpga driver updates
 	- lkdtm driver updates (with a merge conflict, more on that
 	  below)
 	- extcon driver tree merge with small updates
 	- lots of other tiny driver updates and fixes and cleanups, full
 	  details in the shortlog.
 
 All of these have been in linux-next for almost 2 weeks with no reported
 problems.
 
 Note, there are 3 merge conflicts when merging this with your tree:
 	- MAINTAINERS, should be easy to resolve
 	- drivers/slimbus/qcom-ctrl.c, should be straightforward
 	  resolution
 	- drivers/misc/lkdtm/stackleak.c, not an easy resolution.  This
 	  has been noted in the linux-next tree for a while, and
 	  resolved there, here's a link to the resolution that Stephen
 	  came up with and that Kees says is correct:
 	  	https://lore.kernel.org/r/20220509185344.3fe1a354@canb.auug.org.au
 
 I will be glad to provide a merge point that contains these resolutions
 if that makes things any easier for you.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCYpnkbA8cZ3JlZ0Brcm9h
 aC5jb20ACgkQMUfUDdst+ylOrgCggbbAFwESBY9o2YfpG+2VOLpc0GAAoJgY1XN8
 P/gumbLEpFvoBZ5xLIW8
 =KCgk
 -----END PGP SIGNATURE-----

Merge tag 'char-misc-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc

Pull char / misc / other smaller driver subsystem updates from Greg KH:
 "Here is the large set of char, misc, and other driver subsystem
  updates for 5.19-rc1. The merge request for this has been delayed as I
  wanted to get lots of linux-next testing due to some late arrivals of
  changes for the habannalabs driver.

  Highlights of this merge are:

   - habanalabs driver updates for new hardware types and fixes and
     other updates

   - IIO driver tree merge which includes loads of new IIO drivers and
     cleanups and additions

   - PHY driver tree merge with new drivers and small updates to
     existing ones

   - interconnect driver tree merge with fixes and updates

   - soundwire driver tree merge with some small fixes

   - coresight driver tree merge with small fixes and updates

   - mhi bus driver tree merge with lots of updates and new device
     support

   - firmware driver updates

   - fpga driver updates

   - lkdtm driver updates (with a merge conflict, more on that below)

   - extcon driver tree merge with small updates

   - lots of other tiny driver updates and fixes and cleanups, full
     details in the shortlog.

  All of these have been in linux-next for almost 2 weeks with no
  reported problems"

* tag 'char-misc-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (387 commits)
  habanalabs: use separate structure info for each error collect data
  habanalabs: fix missing handle shift during mmap
  habanalabs: remove hdev from hl_ctx_get args
  habanalabs: do MMU prefetch as deferred work
  habanalabs: order memory manager messages
  habanalabs: return -EFAULT on copy_to_user error
  habanalabs: use NULL for eventfd
  habanalabs: update firmware header
  habanalabs: add support for notification via eventfd
  habanalabs: add topic to memory manager buffer
  habanalabs: handle race in driver fini
  habanalabs: add device memory scrub ability through debugfs
  habanalabs: use unified memory manager for CB flow
  habanalabs: unified memory manager new code for CB flow
  habanalabs/gaudi: set arbitration timeout to a high value
  habanalabs: add put by handle method to memory manager
  habanalabs: hide memory manager page shift
  habanalabs: Add separate poll interval value for protocol
  habanalabs: use get_task_pid() to take PID
  habanalabs: add prefetch flag to the MAP operation
  ...
2022-06-03 11:36:34 -07:00

145 lines
4.8 KiB
C

// SPDX-License-Identifier: GPL-2.0
/*
* This code tests that the current task stack is properly erased (filled
* with STACKLEAK_POISON).
*
* Authors:
* Alexander Popov <alex.popov@linux.com>
* Tycho Andersen <tycho@tycho.ws>
*/
#include "lkdtm.h"
#include <linux/stackleak.h>
#if defined(CONFIG_GCC_PLUGIN_STACKLEAK)
/*
* Check that stackleak tracks the lowest stack pointer and erases the stack
* below this as expected.
*
* To prevent the lowest stack pointer changing during the test, IRQs are
* masked and instrumentation of this function is disabled. We assume that the
* compiler will create a fixed-size stack frame for this function.
*
* Any non-inlined function may make further use of the stack, altering the
* lowest stack pointer and/or clobbering poison values. To avoid spurious
* failures we must avoid printing until the end of the test or have already
* encountered a failure condition.
*/
static void noinstr check_stackleak_irqoff(void)
{
const unsigned long task_stack_base = (unsigned long)task_stack_page(current);
const unsigned long task_stack_low = stackleak_task_low_bound(current);
const unsigned long task_stack_high = stackleak_task_high_bound(current);
const unsigned long current_sp = current_stack_pointer;
const unsigned long lowest_sp = current->lowest_stack;
unsigned long untracked_high;
unsigned long poison_high, poison_low;
bool test_failed = false;
/*
* Check that the current and lowest recorded stack pointer values fall
* within the expected task stack boundaries. These tests should never
* fail unless the boundaries are incorrect or we're clobbering the
* STACK_END_MAGIC, and in either casee something is seriously wrong.
*/
if (current_sp < task_stack_low || current_sp >= task_stack_high) {
pr_err("FAIL: current_stack_pointer (0x%lx) outside of task stack bounds [0x%lx..0x%lx]\n",
current_sp, task_stack_low, task_stack_high - 1);
test_failed = true;
goto out;
}
if (lowest_sp < task_stack_low || lowest_sp >= task_stack_high) {
pr_err("FAIL: current->lowest_stack (0x%lx) outside of task stack bounds [0x%lx..0x%lx]\n",
lowest_sp, task_stack_low, task_stack_high - 1);
test_failed = true;
goto out;
}
/*
* Depending on what has run prior to this test, the lowest recorded
* stack pointer could be above or below the current stack pointer.
* Start from the lowest of the two.
*
* Poison values are naturally-aligned unsigned longs. As the current
* stack pointer might not be sufficiently aligned, we must align
* downwards to find the lowest known stack pointer value. This is the
* high boundary for a portion of the stack which may have been used
* without being tracked, and has to be scanned for poison.
*/
untracked_high = min(current_sp, lowest_sp);
untracked_high = ALIGN_DOWN(untracked_high, sizeof(unsigned long));
/*
* Find the top of the poison in the same way as the erasing code.
*/
poison_high = stackleak_find_top_of_poison(task_stack_low, untracked_high);
/*
* Check whether the poisoned portion of the stack (if any) consists
* entirely of poison. This verifies the entries that
* stackleak_find_top_of_poison() should have checked.
*/
poison_low = poison_high;
while (poison_low > task_stack_low) {
poison_low -= sizeof(unsigned long);
if (*(unsigned long *)poison_low == STACKLEAK_POISON)
continue;
pr_err("FAIL: non-poison value %lu bytes below poison boundary: 0x%lx\n",
poison_high - poison_low, *(unsigned long *)poison_low);
test_failed = true;
}
pr_info("stackleak stack usage:\n"
" high offset: %lu bytes\n"
" current: %lu bytes\n"
" lowest: %lu bytes\n"
" tracked: %lu bytes\n"
" untracked: %lu bytes\n"
" poisoned: %lu bytes\n"
" low offset: %lu bytes\n",
task_stack_base + THREAD_SIZE - task_stack_high,
task_stack_high - current_sp,
task_stack_high - lowest_sp,
task_stack_high - untracked_high,
untracked_high - poison_high,
poison_high - task_stack_low,
task_stack_low - task_stack_base);
out:
if (test_failed) {
pr_err("FAIL: the thread stack is NOT properly erased!\n");
} else {
pr_info("OK: the rest of the thread stack is properly erased\n");
}
}
static void lkdtm_STACKLEAK_ERASING(void)
{
unsigned long flags;
local_irq_save(flags);
check_stackleak_irqoff();
local_irq_restore(flags);
}
#else /* defined(CONFIG_GCC_PLUGIN_STACKLEAK) */
static void lkdtm_STACKLEAK_ERASING(void)
{
if (IS_ENABLED(CONFIG_HAVE_ARCH_STACKLEAK)) {
pr_err("XFAIL: stackleak is not enabled (CONFIG_GCC_PLUGIN_STACKLEAK=n)\n");
} else {
pr_err("XFAIL: stackleak is not supported on this arch (HAVE_ARCH_STACKLEAK=n)\n");
}
}
#endif /* defined(CONFIG_GCC_PLUGIN_STACKLEAK) */
static struct crashtype crashtypes[] = {
CRASHTYPE(STACKLEAK_ERASING),
};
struct crashtype_category stackleak_crashtypes = {
.crashtypes = crashtypes,
.len = ARRAY_SIZE(crashtypes),
};