| David Brazdil | 0f672f6 | 2019-12-10 10:32:29 +0000 | [diff] [blame] | 1 | // SPDX-License-Identifier: GPL-2.0 |
| 2 | /* |
| 3 | * This code tests that the current task stack is properly erased (filled |
| 4 | * with STACKLEAK_POISON). |
| 5 | * |
| 6 | * Authors: |
| 7 | * Alexander Popov <alex.popov@linux.com> |
| 8 | * Tycho Andersen <tycho@tycho.ws> |
| 9 | */ |
| 10 | |
| 11 | #include "lkdtm.h" |
| 12 | #include <linux/stackleak.h> |
| 13 | |
| 14 | void lkdtm_STACKLEAK_ERASING(void) |
| 15 | { |
| 16 | unsigned long *sp, left, found, i; |
| 17 | const unsigned long check_depth = |
| 18 | STACKLEAK_SEARCH_DEPTH / sizeof(unsigned long); |
| Olivier Deprez | 157378f | 2022-04-04 15:47:50 +0200 | [diff] [blame^] | 19 | bool test_failed = false; |
| David Brazdil | 0f672f6 | 2019-12-10 10:32:29 +0000 | [diff] [blame] | 20 | |
| 21 | /* |
| 22 | * For the details about the alignment of the poison values, see |
| 23 | * the comment in stackleak_track_stack(). |
| 24 | */ |
| 25 | sp = PTR_ALIGN(&i, sizeof(unsigned long)); |
| 26 | |
| 27 | left = ((unsigned long)sp & (THREAD_SIZE - 1)) / sizeof(unsigned long); |
| 28 | sp--; |
| 29 | |
| 30 | /* |
| 31 | * One 'long int' at the bottom of the thread stack is reserved |
| 32 | * and not poisoned. |
| 33 | */ |
| 34 | if (left > 1) { |
| 35 | left--; |
| 36 | } else { |
| 37 | pr_err("FAIL: not enough stack space for the test\n"); |
| Olivier Deprez | 157378f | 2022-04-04 15:47:50 +0200 | [diff] [blame^] | 38 | test_failed = true; |
| 39 | goto end; |
| David Brazdil | 0f672f6 | 2019-12-10 10:32:29 +0000 | [diff] [blame] | 40 | } |
| 41 | |
| 42 | pr_info("checking unused part of the thread stack (%lu bytes)...\n", |
| 43 | left * sizeof(unsigned long)); |
| 44 | |
| 45 | /* |
| 46 | * Search for 'check_depth' poison values in a row (just like |
| 47 | * stackleak_erase() does). |
| 48 | */ |
| 49 | for (i = 0, found = 0; i < left && found <= check_depth; i++) { |
| 50 | if (*(sp - i) == STACKLEAK_POISON) |
| 51 | found++; |
| 52 | else |
| 53 | found = 0; |
| 54 | } |
| 55 | |
| 56 | if (found <= check_depth) { |
| Olivier Deprez | 157378f | 2022-04-04 15:47:50 +0200 | [diff] [blame^] | 57 | pr_err("FAIL: the erased part is not found (checked %lu bytes)\n", |
| David Brazdil | 0f672f6 | 2019-12-10 10:32:29 +0000 | [diff] [blame] | 58 | i * sizeof(unsigned long)); |
| Olivier Deprez | 157378f | 2022-04-04 15:47:50 +0200 | [diff] [blame^] | 59 | test_failed = true; |
| 60 | goto end; |
| David Brazdil | 0f672f6 | 2019-12-10 10:32:29 +0000 | [diff] [blame] | 61 | } |
| 62 | |
| Olivier Deprez | 157378f | 2022-04-04 15:47:50 +0200 | [diff] [blame^] | 63 | pr_info("the erased part begins after %lu not poisoned bytes\n", |
| David Brazdil | 0f672f6 | 2019-12-10 10:32:29 +0000 | [diff] [blame] | 64 | (i - found) * sizeof(unsigned long)); |
| 65 | |
| 66 | /* The rest of thread stack should be erased */ |
| 67 | for (; i < left; i++) { |
| 68 | if (*(sp - i) != STACKLEAK_POISON) { |
| Olivier Deprez | 157378f | 2022-04-04 15:47:50 +0200 | [diff] [blame^] | 69 | pr_err("FAIL: bad value number %lu in the erased part: 0x%lx\n", |
| 70 | i, *(sp - i)); |
| 71 | test_failed = true; |
| David Brazdil | 0f672f6 | 2019-12-10 10:32:29 +0000 | [diff] [blame] | 72 | } |
| 73 | } |
| 74 | |
| Olivier Deprez | 157378f | 2022-04-04 15:47:50 +0200 | [diff] [blame^] | 75 | end: |
| 76 | if (test_failed) { |
| 77 | pr_err("FAIL: the thread stack is NOT properly erased\n"); |
| 78 | dump_stack(); |
| 79 | } else { |
| 80 | pr_info("OK: the rest of the thread stack is properly erased\n"); |
| 81 | } |
| David Brazdil | 0f672f6 | 2019-12-10 10:32:29 +0000 | [diff] [blame] | 82 | } |