[PATCH 6/7] lkdtm: crash on overwriting protected pmalloc var
Igor Stoppa
igor.stoppa at huawei.com
Wed Mar 7 13:18:16 UTC 2018
On 06/03/18 19:20, J Freyensee wrote:
> On 2/28/18 12:06 PM, Igor Stoppa wrote:
[...]
>> void __init lkdtm_perms_init(void);
>> void lkdtm_WRITE_RO(void);
>> void lkdtm_WRITE_RO_AFTER_INIT(void);
>> +void lkdtm_WRITE_RO_PMALLOC(void);
>
> Does this need some sort of #ifdef too?
Not strictly. It's just a function declaration.
As long as it is not used, the linker will not complain.
The #ifdef placed around the use and definition is sufficient, from a
correctness perspective.
But it's a different question if there is any standard in linux about
hiding also the declaration.
I am not very fond of #ifdefs, so when I can I try to avoid them.
>> + pr_info("attempting bad pmalloc write at %p\n", i);
>> + *i = 0;
>
> OK, now I'm on the right version of this patch series, same comment
> applies. I don't get the local *i assignment at the end of the
> function, but seems harmless.
Because that's the whole point of the function: prove that pmalloc
protection works (see the message in the pr_info one line above).
The function is supposed to do:
* create a pool
* allocate memory from it
* protect it
* try to alter it (and crash)
*i = 0; performs the last step
--
igor
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list