* [PATCH] lkdtm: Prevent the compiler from optimising lkdtm_CORRUPT_STACK()
@ 2016-11-15 7:02 Michael Ellerman
2016-11-15 17:27 ` Kees Cook
From: Michael Ellerman @ 2016-11-15 7:02 UTC
To: keescook; +Cc: linux-kernel
At least on powerpc with GCC 6, the compiler is smart enough to optimise
lkdtm_CORRUPT_STACK() into an empty function that just returns.
If we print the buffer after we've written to it that prevents the
compiler from optimising away data and the memset().
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
---
drivers/misc/lkdtm_bugs.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/misc/lkdtm_bugs.c b/drivers/misc/lkdtm_bugs.c
index 182ae1894b32..30e62dd7e7ca 100644
--- a/drivers/misc/lkdtm_bugs.c
+++ b/drivers/misc/lkdtm_bugs.c
@@ -80,7 +80,8 @@ noinline void lkdtm_CORRUPT_STACK(void)
/* Use default char array length that triggers stack protection. */
char data[8];
- memset((void *)data, 0, 64);
+ memset((void *)data, 'a', 64);
+ pr_info("Corrupted stack with '%16s'...\n", data);
}
void lkdtm_UNALIGNED_LOAD_STORE_WRITE(void)
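Review bot: In the added pr_info() line, '%16s' sets a minimum field width, not a maximum, and data[] has no NUL terminator once the memset() has filled 64 bytes with 'a', so the %s conversion keeps reading up the stack until it happens to find a zero byte. A precision, as in '%.16s', would bound the read to 16 bytes while still using data after the memset(), which is what keeps both from being optimised away.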
--
2.7.4
* Re: [PATCH] lkdtm: Prevent the compiler from optimising lkdtm_CORRUPT_STACK()
2016-11-15 7:02 [PATCH] lkdtm: Prevent the compiler from optimising lkdtm_CORRUPT_STACK() Michael Ellerman
@ 2016-11-15 17:27 ` Kees Cook
2016-11-15 18:27 ` Greg KH
From: Kees Cook @ 2016-11-15 17:27 UTC
To: Greg KH; +Cc: LKML, Michael Ellerman
On Mon, Nov 14, 2016 at 11:02 PM, Michael Ellerman <mpe@ellerman.id.au> wrote:
> At least on powerpc with GCC 6, the compiler is smart enough to optimise
> lkdtm_CORRUPT_STACK() into an empty function that just returns.
Sneaky. Thanks!
> If we print the buffer after we've written to it that prevents the
> compiler from optimising away data and the memset().
>
> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Acked-by: Kees Cook <keescook@chromium.org>
Greg, can you add this to the drivers/misc?
-Kees
> ---
> drivers/misc/lkdtm_bugs.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/misc/lkdtm_bugs.c b/drivers/misc/lkdtm_bugs.c
> index 182ae1894b32..30e62dd7e7ca 100644
> --- a/drivers/misc/lkdtm_bugs.c
> +++ b/drivers/misc/lkdtm_bugs.c
> @@ -80,7 +80,8 @@ noinline void lkdtm_CORRUPT_STACK(void)
> /* Use default char array length that triggers stack protection. */
> char data[8];
>
> - memset((void *)data, 0, 64);
> + memset((void *)data, 'a', 64);
> + pr_info("Corrupted stack with '%16s'...\n", data);
> }
>
> void lkdtm_UNALIGNED_LOAD_STORE_WRITE(void)
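Review bot: The comment above data[8] still only explains the array length; nothing in the function records that the pr_info() exists to stop the compiler discarding data and the memset(), or why the fill byte changed from 0 to 'a'. A one-line comment above the pr_info() saying it is there to defeat that optimisation would keep a later cleanup from removing the print and quietly turning the test back into an empty function.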
> --
> 2.7.4
>
--
Kees Cook
Nexus Security
* Re: [PATCH] lkdtm: Prevent the compiler from optimising lkdtm_CORRUPT_STACK()
2016-11-15 17:27 ` Kees Cook
@ 2016-11-15 18:27 ` Greg KH
From: Greg KH @ 2016-11-15 18:27 UTC
To: Kees Cook; +Cc: LKML, Michael Ellerman
On Tue, Nov 15, 2016 at 09:27:47AM -0800, Kees Cook wrote:
> On Mon, Nov 14, 2016 at 11:02 PM, Michael Ellerman <mpe@ellerman.id.au> wrote:
> > At least on powerpc with GCC 6, the compiler is smart enough to optimise
> > lkdtm_CORRUPT_STACK() into an empty function that just returns.
>
> Sneaky. Thanks!
>
> > If we print the buffer after we've written to it that prevents the
> > compiler from optimising away data and the memset().
> >
> > Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
>
> Acked-by: Kees Cook <keescook@chromium.org>
>
> Greg, can you add this to the drivers/misc?
Now added, thanks.
greg k-h