Re: [PATCH 1/2] selftests/lkdtm: add config and turn off CFI_FORWARD_PROTO

From: Muhammad Usama Anjum
Date: Tue Mar 08 2022 - 06:17:24 EST

Next message: Maxime Ripard: "Re: (subset) [PATCH] drm/bridge: nxp-ptn3460: switch to devm_drm_of_get_bridge"
Previous message: Jarkko Sakkinen: "Re: [PATCH RFC v2 1/3] mm: Add f_op->populate() for populating memory outside of core mm"
Next in thread: Kees Cook: "Re: [PATCH 1/2] selftests/lkdtm: add config and turn off CFI_FORWARD_PROTO"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Reminder!

On 2/28/22 12:06 PM, Muhammad Usama Anjum wrote:
> Hi,
>
> Any thoughts?
>
> On 2/18/22 1:56 AM, Muhammad Usama Anjum wrote:
>> Add config options which are needed for LKDTM sub-tests.
>> STACKLEAK_ERASING test needs GCC_PLUGIN_STACKLEAK config.
>> READ_AFTER_FREE and READ_BUDDY_AFTER_FREE tests need
>> INIT_ON_FREE_DEFAULT_ON config.
>>
>> CFI_FORWARD_PROTO always fails as there is no active CFI system of some
>> kind. Turn it off for now by default until proper support.
>>
>> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
>> Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
>> Fixes: 46d1a0f03d66 ("selftests/lkdtm: Add tests for LKDTM targets")
>> Signed-off-by: Muhammad Usama Anjum <usama.anjum@xxxxxxxxxxxxx>
>> ---
>> tools/testing/selftests/lkdtm/config | 2 ++
>> tools/testing/selftests/lkdtm/tests.txt | 2 +-
>> 2 files changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/tools/testing/selftests/lkdtm/config b/tools/testing/selftests/lkdtm/config
>> index 46f39ee762086..adc9fa60057c5 100644
>> --- a/tools/testing/selftests/lkdtm/config
>> +++ b/tools/testing/selftests/lkdtm/config
>> @@ -2,8 +2,10 @@ CONFIG_LKDTM=y
>> CONFIG_DEBUG_LIST=y
>> CONFIG_SLAB_FREELIST_HARDENED=y
>> CONFIG_FORTIFY_SOURCE=y
>> +CONFIG_GCC_PLUGIN_STACKLEAK=y
>> CONFIG_HARDENED_USERCOPY=y
>> CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT=y
>> +CONFIG_INIT_ON_FREE_DEFAULT_ON=y
>> CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y
>> CONFIG_UBSAN=y
>> CONFIG_UBSAN_BOUNDS=y
>> diff --git a/tools/testing/selftests/lkdtm/tests.txt b/tools/testing/selftests/lkdtm/tests.txt
>> index 6b36b7f5dcf96..aa947b0ce1eeb 100644
>> --- a/tools/testing/selftests/lkdtm/tests.txt
>> +++ b/tools/testing/selftests/lkdtm/tests.txt
>> @@ -72,7 +72,7 @@ USERCOPY_STACK_FRAME_FROM
>> USERCOPY_STACK_BEYOND
>> USERCOPY_KERNEL
>> STACKLEAK_ERASING OK: the rest of the thread stack is properly erased
>> -CFI_FORWARD_PROTO
>> +#CFI_FORWARD_PROTO
>> FORTIFIED_STRSCPY
>> FORTIFIED_OBJECT
>> FORTIFIED_SUBOBJECT

Next message: Maxime Ripard: "Re: (subset) [PATCH] drm/bridge: nxp-ptn3460: switch to devm_drm_of_get_bridge"
Previous message: Jarkko Sakkinen: "Re: [PATCH RFC v2 1/3] mm: Add f_op->populate() for populating memory outside of core mm"
Next in thread: Kees Cook: "Re: [PATCH 1/2] selftests/lkdtm: add config and turn off CFI_FORWARD_PROTO"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]