[PATCH 0/3] lkdtm: fixes for v4.8-rc1

[PATCH 0/3] lkdtm: fixes for v4.8-rc1

[Kees Cook]

Hi Greg!

As requested, here's a patch series for 3 small fixes for lkdtm for v4.8
(instead of as a pull request).

Thanks!

-Kees

----------------------------------------------------------------
Kees Cook (2):
      lkdtm: fix false positive warning from -Wmaybe-uninitialized
      lkdtm: Fix targets for objcopy usage

Michael Ellerman (1):
      lkdtm: Mark lkdtm_rodata_do_nothing() notrace

 drivers/misc/Makefile         | 3 ++-
 drivers/misc/lkdtm_rodata.c   | 2 +-
 drivers/misc/lkdtm_usercopy.c | 2 +-
 3 files changed, 4 insertions(+), 3 deletions(-)

[PATCH 1/3] lkdtm: fix false positive warning from -Wmaybe-uninitialized

[Kees Cook]

The variable in use here doesn't matter (it's just used to exercise taking
up stack space), but this changes its use to pass its address instead,
to avoid a compiler warning:

drivers/misc/lkdtm_usercopy.c:54:15: warning: 'bad_stack' may be used uninitialized in this function [-Wmaybe-uninitialized]

Reported-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/misc/lkdtm_usercopy.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/misc/lkdtm_usercopy.c b/drivers/misc/lkdtm_usercopy.c
index 5a3fd76eec27..5525a204db93 100644
--- a/drivers/misc/lkdtm_usercopy.c
+++ b/drivers/misc/lkdtm_usercopy.c
@@ -49,7 +49,7 @@ static noinline void do_usercopy_stack(bool to_user, bool bad_frame)
 
 	/* This is a pointer to outside our current stack frame. */
 	if (bad_frame) {
-		bad_stack = do_usercopy_stack_callee((uintptr_t)bad_stack);
+		bad_stack = do_usercopy_stack_callee((uintptr_t)&bad_stack);
 	} else {
 		/* Put start address just inside stack. */
 		bad_stack = task_stack_page(current) + THREAD_SIZE;
-- 
2.7.4

[PATCH 2/3] lkdtm: Fix targets for objcopy usage

[Kees Cook]

The targets for lkdtm's objcopy were missing which caused them to always
be rebuilt. This corrects the problem.

Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/misc/Makefile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/misc/Makefile b/drivers/misc/Makefile
index 4387ccb79e64..7410c6d9a34d 100644
--- a/drivers/misc/Makefile
+++ b/drivers/misc/Makefile
@@ -69,5 +69,6 @@ OBJCOPYFLAGS :=
 OBJCOPYFLAGS_lkdtm_rodata_objcopy.o := \
 			--set-section-flags .text=alloc,readonly \
 			--rename-section .text=.rodata
-$(obj)/lkdtm_rodata_objcopy.o: $(obj)/lkdtm_rodata.o
+targets += lkdtm_rodata.o lkdtm_rodata_objcopy.o
+$(obj)/lkdtm_rodata_objcopy.o: $(obj)/lkdtm_rodata.o FORCE
 	$(call if_changed,objcopy)
-- 
2.7.4

[PATCH 3/3] lkdtm: Mark lkdtm_rodata_do_nothing() notrace

[Kees Cook]

From: Michael Ellerman <mpe@ellerman.id.au>

lkdtm_rodata_do_nothing() is an empty function which is generated in
order to test the non-executability of rodata.

Currently if function tracing is enabled then an mcount callsite will be
generated for lkdtm_rodata_do_nothing(), and it will appear in the list
of available functions for function tracing (available_filter_functions).

Given it's purpose purely as a test function, it seems preferable for
lkdtm_rodata_do_nothing() to be marked notrace, so it doesn't appear as
traceable.

This also avoids triggering a linker bug on powerpc:

  https://sourceware.org/bugzilla/show_bug.cgi?id=20428

When the linker sees code that needs to generate a call stub, eg. a
branch to mcount(), it assumes the section is executable and
dereferences a NULL pointer leading to a linker segfault. Marking
lkdtm_rodata_do_nothing() notrace avoids triggering the bug because the
function contains no other function calls.

Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/misc/lkdtm_rodata.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/misc/lkdtm_rodata.c b/drivers/misc/lkdtm_rodata.c
index 166b1db3969f..3564477b8c2d 100644
--- a/drivers/misc/lkdtm_rodata.c
+++ b/drivers/misc/lkdtm_rodata.c
@@ -4,7 +4,7 @@
  */
 #include "lkdtm.h"
 
-void lkdtm_rodata_do_nothing(void)
+void notrace lkdtm_rodata_do_nothing(void)
 {
 	/* Does nothing. We just want an architecture agnostic "return". */
 }
-- 
2.7.4

Re: [PATCH 0/3] lkdtm: fixes for v4.8-rc1

[Greg Kroah-Hartman]

On Fri, Aug 05, 2016 at 02:25:50PM -0700, Kees Cook wrote:
> Hi Greg!
> 
> As requested, here's a patch series for 3 small fixes for lkdtm for v4.8
> (instead of as a pull request).
> 
> Thanks!

Sorry for the delay.

I think I'm all caught up on lkdtm patches now, right?  If not, can you
please resend anything that I have missed?

thanks,

greg k-h

Re: [PATCH 0/3] lkdtm: fixes for v4.8-rc1

[Kees Cook]

On Wed, Aug 31, 2016 at 7:15 AM, Greg Kroah-Hartman
<gregkh@linuxfoundation.org> wrote:
> On Fri, Aug 05, 2016 at 02:25:50PM -0700, Kees Cook wrote:
>> Hi Greg!
>>
>> As requested, here's a patch series for 3 small fixes for lkdtm for v4.8
>> (instead of as a pull request).
>>
>> Thanks!
>
> Sorry for the delay.
>
> I think I'm all caught up on lkdtm patches now, right?  If not, can you
> please resend anything that I have missed?

I think Linus may have taken some of these already; please
double-check, but yes, that's it for lkdtm on v4.8. Thanks!

-Kees

-- 
Kees Cook
Nexus Security

Re: [PATCH 0/3] lkdtm: fixes for v4.8-rc1

[Greg Kroah-Hartman]

On Wed, Aug 31, 2016 at 10:46:00AM -0400, Kees Cook wrote:
> On Wed, Aug 31, 2016 at 7:15 AM, Greg Kroah-Hartman
> <gregkh@linuxfoundation.org> wrote:
> > On Fri, Aug 05, 2016 at 02:25:50PM -0700, Kees Cook wrote:
> >> Hi Greg!
> >>
> >> As requested, here's a patch series for 3 small fixes for lkdtm for v4.8
> >> (instead of as a pull request).
> >>
> >> Thanks!
> >
> > Sorry for the delay.
> >
> > I think I'm all caught up on lkdtm patches now, right?  If not, can you
> > please resend anything that I have missed?
> 
> I think Linus may have taken some of these already; please
> double-check, but yes, that's it for lkdtm on v4.8. Thanks!

Yes, he took 2, only one applied to my local tree.

thanks,

greg k-h