Date: Wed, 18 Nov 2020 12:02:32 -0800
From: Kees Cook
To: laniel_francis@privacyrequired.com
Cc: akpm@linux-foundation.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, dja@axtens.net
Subject: Re: [PATCH v5 4/5] Add new file in LKDTM to test fortified strscpy.
Message-ID: <202011181201.59B1B947A@keescook>

On Wed, Nov 18, 2020 at 12:07:30PM +0100, laniel_francis@privacyrequired.com wrote:
> From: Francis Laniel
>
> This new test ensures that fortified strscpy has the same behavior than vanilla
> strscpy (e.g. returning -E2BIG when src content is truncated).
> Finally, it generates a crash at runtime because there is a write overflow in
> destination string.
>
> Signed-off-by: Francis Laniel
> Reviewed-by: Kees Cook
> ---
>  drivers/misc/lkdtm/Makefile             |  1 +
>  drivers/misc/lkdtm/core.c               |  1 +
>  drivers/misc/lkdtm/fortify.c            | 82 +++++++++++++++++++++++++
>  drivers/misc/lkdtm/lkdtm.h              |  3 +
>  tools/testing/selftests/lkdtm/tests.txt |  1 +
>  5 files changed, 88 insertions(+)
>  create mode 100644 drivers/misc/lkdtm/fortify.c
>
> diff --git a/drivers/misc/lkdtm/Makefile b/drivers/misc/lkdtm/Makefile > index c70b3822013f..d898f7b22045 100644 > --- a/drivers/misc/lkdtm/Makefile > +++ b/drivers/misc/lkdtm/Makefile
> @@ -10,6 +10,7 @@ lkdtm-$(CONFIG_LKDTM) += rodata_objcopy.o > lkdtm-$(CONFIG_LKDTM) += usercopy.o > lkdtm-$(CONFIG_LKDTM) += stackleak.o > lkdtm-$(CONFIG_LKDTM) += cfi.o > +lkdtm-$(CONFIG_LKDTM) += fortify.o > > KASAN_SANITIZE_stackleak.o := n > KCOV_INSTRUMENT_rodata.o := n > diff --git a/drivers/misc/lkdtm/core.c b/drivers/misc/lkdtm/core.c > index b8c51a633fcc..3c0a67f072c0 100644 > --- a/drivers/misc/lkdtm/core.c > +++ b/drivers/misc/lkdtm/core.c > @@ -175,6 +175,7 @@ static const struct crashtype crashtypes[] = { > CRASHTYPE(USERCOPY_KERNEL), > CRASHTYPE(STACKLEAK_ERASING), > CRASHTYPE(CFI_FORWARD_PROTO), > + CRASHTYPE(FORTIFIED_STRSCPY), > #ifdef CONFIG_X86_32 > CRASHTYPE(DOUBLE_FAULT), > #endif > diff --git a/drivers/misc/lkdtm/fortify.c b/drivers/misc/lkdtm/fortify.c > new file mode 100644 > index 000000000000..790d46591bf5 > --- /dev/null > +++ b/drivers/misc/lkdtm/fortify.c > @@ -0,0 +1,82 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * Copyright (c) 2020 Francis Laniel > + * > + * Add tests related to fortified functions in this file. > + */ > +#include > +#include > +#include "lkdtm.h"

Ah, I just noticed one small nit here during build testing: lkdtm.h needs
to be included first to get the correct pr_fmt to avoid a warning:

In file included from drivers/misc/lkdtm/fortify.c:9:
drivers/misc/lkdtm/lkdtm.h:5: warning: "pr_fmt" redefined
    5 | #define pr_fmt(fmt) "lkdtm: " fmt

-Kees

-- 
Kees Cook
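
Review bot: in the new drivers/misc/lkdtm/fortify.c, `#include "lkdtm.h"` is the last of the three includes, so the `pr_fmt` definition at lkdtm.h:5 is reached only after an earlier header has already supplied a default one, which is the "pr_fmt" redefined warning reported from fortify.c:9. Move `#include "lkdtm.h"` above the other two includes so the "lkdtm: " prefix is defined first and the file builds without the warning.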