Re: [PATCH] lkdtm/bugs: Avoid ifdefs for DOUBLE_FAULT
From: Andy Lutomirski
Date: Wed Nov 27 2019 - 16:25:33 EST
> On Nov 27, 2019, at 11:19 AM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
> ïLKDTM test visibility shouldn't change, so remove the ifdefs on
> DOUBLE_FAULT and make sure test failure doesn't crash the system.
>
> Link: https://lore.kernel.org/lkml/20191127184837.GA35982@xxxxxxxxx
> Fixes: b09511c253e5 ("lkdtm: Add a DOUBLE_FAULT crash type on x86")
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
> ---
> applies on top of tip/x86/urgent
> ---
> drivers/misc/lkdtm/bugs.c | 8 +++++---
> drivers/misc/lkdtm/core.c | 4 +---
> drivers/misc/lkdtm/lkdtm.h | 2 --
> 3 files changed, 6 insertions(+), 8 deletions(-)
>
> diff --git a/drivers/misc/lkdtm/bugs.c b/drivers/misc/lkdtm/bugs.c
> index a4fdad04809a..22f5293414cc 100644
> --- a/drivers/misc/lkdtm/bugs.c
> +++ b/drivers/misc/lkdtm/bugs.c
> @@ -342,9 +342,9 @@ void lkdtm_UNSET_SMEP(void)
> #endif
> }
>
> -#ifdef CONFIG_X86_32
> void lkdtm_DOUBLE_FAULT(void)
> {
> +#ifdef CONFIG_X86_32
> /*
> * Trigger #DF by setting the stack limit to zero. This clobbers
> * a GDT TLS slot, which is okay because the current task will die
> @@ -373,6 +373,8 @@ void lkdtm_DOUBLE_FAULT(void)
> asm volatile ("movw %0, %%ss; addl $0, (%%esp)" ::
> "r" ((unsigned short)(GDT_ENTRY_TLS_MIN << 3)));
>
> - panic("tried to double fault but didn't die\n");
> -}
> + pr_err("FAIL: tried to double fault but didn't die!\n");
> +#else
> + pr_err("FAIL: this test is only available on 32-bit x86.\n");
> #endif
> +}
Iâm not familiar with the userspace tooling, but this seems unfortunate. The first FAIL is âthe test case screwed up, and itâs a bug.â The second FAIL is ânot applicable to this system.â
ISTM simply not exposing the test on systems that donât support makes sense. Can you clarify?