Re: [PATCH v2 09/13] lkdtm/stackleak: rework boundary management

From: Kees Cook
Date: Wed May 04 2022 - 15:08:11 EST

Next message: Paolo Bonzini: "Re: [PATCH] KVM: x86/mmu: Do not create SPTEs for GFNs that exceed host.MAXPHYADDR"
Previous message: Christian Schoenebeck: "Re: 9p EBADF with cache enabled (Was: 9p fs-cache tests/benchmark (was: 9p fscache Duplicate cookie detected))"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Apr 27, 2022 at 06:31:24PM +0100, Mark Rutland wrote:
> There are a few problems with the way the LKDTM STACKLEAK_ERASING test
> manipulates the stack pointer and boundary values:
>
> * It uses the address of a local variable to determine the current stack
> pointer, rather than using current_stack_pointer directly. As the
> local variable could be placed anywhere within the stack frame, this
> can be an over-estimate of the true stack pointer value.
>
> * Is uses an estiamte of the current stack pointer as the upper boundary
> when scanning for poison, even though prior functions could have used
> more stack (and may have updated current->lowest stack accordingly).
>
> * A pr_info() call is made in the middle of the test. As the printk()
> code is out-of-line and will make use of the stack, this could clobber
> poison and/or adjust current->lowest_stack. It would be better to log
> the metadata after the body of the test to avoid such problems.

Yeah, I noticed this too when I was testing the v1 series. I started
cleaning it up, but your version is much better. :)

--
Kees Cook

Next message: Paolo Bonzini: "Re: [PATCH] KVM: x86/mmu: Do not create SPTEs for GFNs that exceed host.MAXPHYADDR"
Previous message: Christian Schoenebeck: "Re: 9p EBADF with cache enabled (Was: 9p fs-cache tests/benchmark (was: 9p fscache Duplicate cookie detected))"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]