|
Message-ID: <6378e63e-174f-642e-d319-1d121b74d3d7@huawei.com> Date: Wed, 7 Mar 2018 15:18:16 +0200 From: Igor Stoppa <igor.stoppa@...wei.com> To: J Freyensee <why2jjj.linux@...il.com>, <david@...morbit.com>, <willy@...radead.org>, <keescook@...omium.org>, <mhocko@...nel.org> CC: <labbott@...hat.com>, <linux-security-module@...r.kernel.org>, <linux-mm@...ck.org>, <linux-kernel@...r.kernel.org>, <kernel-hardening@...ts.openwall.com> Subject: Re: [PATCH 6/7] lkdtm: crash on overwriting protected pmalloc var On 06/03/18 19:20, J Freyensee wrote: > On 2/28/18 12:06 PM, Igor Stoppa wrote: [...] >> void __init lkdtm_perms_init(void); >> void lkdtm_WRITE_RO(void); >> void lkdtm_WRITE_RO_AFTER_INIT(void); >> +void lkdtm_WRITE_RO_PMALLOC(void); > > Does this need some sort of #ifdef too? Not strictly. It's just a function declaration. As long as it is not used, the linker will not complain. The #ifdef placed around the use and definition is sufficient, from a correctness perspective. But it's a different question if there is any standard in linux about hiding also the declaration. I am not very fond of #ifdefs, so when I can I try to avoid them. >> + pr_info("attempting bad pmalloc write at %p\n", i); >> + *i = 0; > > OK, now I'm on the right version of this patch series, same comment > applies. I don't get the local *i assignment at the end of the > function, but seems harmless. Because that's the whole point of the function: prove that pmalloc protection works (see the message in the pr_info one line above). The function is supposed to do: * create a pool * allocate memory from it * protect it * try to alter it (and crash) *i = 0; performs the last step -- igor
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.