drivers/misc/lkdtm/stackleak.c

   1 // SPDX-License-Identifier: GPL-2.0
   2 /*
   3  * This code tests that the current task stack is properly erased (filled
   4  * with STACKLEAK_POISON).
   5  *
   6  * Authors:
   7  *   Alexander Popov <alex.popov@linux.com>
   8  *   Tycho Andersen <tycho@tycho.ws>
   9  */
  10
  11 #include "lkdtm.h"
  12 #include <linux/stackleak.h>
  13
  14 void lkdtm_STACKLEAK_ERASING(void)
  15 {
  16         unsigned long *sp, left, found, i;
  17         const unsigned long check_depth =
  18                         STACKLEAK_SEARCH_DEPTH / sizeof(unsigned long);
  19         bool test_failed = false;
  20
  21         /*
  22          * For the details about the alignment of the poison values, see
  23          * the comment in stackleak_track_stack().
  24          */
  25         sp = PTR_ALIGN(&i, sizeof(unsigned long));
  26
  27         left = ((unsigned long)sp & (THREAD_SIZE - 1)) / sizeof(unsigned long);
  28         sp--;
  29
  30         /*
  31          * One 'long int' at the bottom of the thread stack is reserved
  32          * and not poisoned.
  33          */
  34         if (left > 1) {
  35                 left--;
  36         } else {
  37                 pr_err("FAIL: not enough stack space for the test\n");
  38                 test_failed = true;
  39                 goto end;
  40         }
  41
  42         pr_info("checking unused part of the thread stack (%lu bytes)...\n",
  43                                         left * sizeof(unsigned long));
  44
  45         /*
  46          * Search for 'check_depth' poison values in a row (just like
  47          * stackleak_erase() does).
  48          */
  49         for (i = 0, found = 0; i < left && found <= check_depth; i++) {
  50                 if (*(sp - i) == STACKLEAK_POISON)
  51                         found++;
  52                 else
  53                         found = 0;
  54         }
  55
  56         if (found <= check_depth) {
  57                 pr_err("FAIL: the erased part is not found (checked %lu bytes)\n",
  58                                                 i * sizeof(unsigned long));
  59                 test_failed = true;
  60                 goto end;
  61         }
  62
  63         pr_info("the erased part begins after %lu not poisoned bytes\n",
  64                                 (i - found) * sizeof(unsigned long));
  65
  66         /* The rest of thread stack should be erased */
  67         for (; i < left; i++) {
  68                 if (*(sp - i) != STACKLEAK_POISON) {
  69                         pr_err("FAIL: bad value number %lu in the erased part: 0x%lx\n",
  70                                                                 i, *(sp - i));
  71                         test_failed = true;
  72                 }
  73         }
  74
  75 end:
  76         if (test_failed) {
  77                 pr_err("FAIL: the thread stack is NOT properly erased\n");
  78                 dump_stack();
  79         } else {
  80                 pr_info("OK: the rest of the thread stack is properly erased\n");
  81         }
  82 }