[PATCH 6/7] lkdtm: crash on overwriting protected pmalloc var

J Freyensee why2jjj.linux at gmail.com
Tue Mar 6 17:08:30 UTC 2018



On 3/6/18 9:05 AM, J Freyensee wrote:
>
>>   +#ifdef CONFIG_PROTECTABLE_MEMORY
>> +void lkdtm_WRITE_RO_PMALLOC(void)
>> +{
>> +    struct gen_pool *pool;
>> +    int *i;
>> +
>> +    pool = pmalloc_create_pool("pool", 0);
>> +    if (unlikely(!pool)) {
>> +        pr_info("Failed preparing pool for pmalloc test.");
>> +        return;
>> +    }
>> +
>> +    i = (int *)pmalloc(pool, sizeof(int), GFP_KERNEL);
>> +    if (unlikely(!i)) {
>> +        pr_info("Failed allocating memory for pmalloc test.");
>> +        pmalloc_destroy_pool(pool);
>> +        return;
>> +    }
>> +
>> +    *i = INT_MAX;
>> +    pmalloc_protect_pool(pool);
>> +
>> +    pr_info("attempting bad pmalloc write at %p\n", i);
>> +    *i = 0;
>

Opps, disregard this, this is the last series of this patch series, not 
the most recent one :-(.



> Seems harmless, but I don't get why *i local variable needs to be set 
> to 0 at the end of this function.
>
>
> Otherwise,
>
> Reviewed-by: Jay Freyensee <why2jjj.linux at gmail.com>
>

--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html



More information about the Linux-security-module-archive mailing list