From: Kevin Hilman <khilman@kernel.org>
To: Kees Cook <keescook@chromium.org>
Cc: info@kernelci.org,
Russell King - ARM Linux <linux@arm.linux.org.uk>,
Laura Abbott <labbott@fedoraproject.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
LKML <linux-kernel@vger.kernel.org>,
Linux-MM <linux-mm@kvack.org>, Laura Abbott <labbott@redhat.com>,
Shuah Khan <shuahkh@osg.samsung.com>,
Tyler Baker <tyler.baker@linaro.org>
Subject: Re: [PATCH] arm: Use kernel mm when updating section permissions
Date: Fri, 06 Nov 2015 13:06:30 -0800 [thread overview]
Message-ID: <7h8u6ahm7d.fsf@deeprootsystems.com> (raw)
In-Reply-To: <CAGXu5j+U-Q2R1Hw4qSPpFUKz3xyYrASGc5buMJTSy0K-3mWHBA@mail.gmail.com> (Kees Cook's message of "Fri, 6 Nov 2015 12:28:58 -0800")
Kees Cook <keescook@chromium.org> writes:
> On Fri, Nov 6, 2015 at 12:11 PM, Kevin Hilman <khilman@kernel.org> wrote:
>> On Fri, Nov 6, 2015 at 11:12 AM, Kees Cook <keescook@chromium.org> wrote:
>>
>> [...]
>>
>>> Hi Kevin and Kernel CI folks,
>>>
>>> Could lkdtm get added to the kernel-CI workflows? Extracting and
>>> validating Oops details when poking lkdtm would be extremely valuable
>>> for these cases. :)
>>
>> Yeah, we can add that.
>>
>> What arches should we expect this to be working on? For starters
>
> This is a great question. ;) They're a mix of CONFIG and hardware
> feature specific, so probably they should be run on all architectures
> and we can figure out what's missing in each case.
>
> Everything built with CONFIG_DEBUG_RODATA should pass these:
>
> WRITE_RO
> WRITE_KERN
> EXEC_DATA
> EXEC_STACK
> EXEC_KMALLOC
> EXEC_VMALLOC
>
> But architectures without CONFIG_DEBUG_RODATA should be shamed. ;)
>
> Passing EXEC_USERSPACE requires SMEP on x86, and PXN on arm64.
> Passing ACCESS_USERSPACE rquires SMAP on x86, and PAN on arm64.
>
> The recent PAN emulation CONFIG_CPU_SW_DOMAIN_PAN on non-LPAE arm
> should cover ACCESS_USERSPACE too, and maybe EXEC_USERSPACE, but I
> haven't taken a close look.
A quick test on arm32 and both ACCESS_ and EXEC_USERSPACE tests pass
(meaning they trigger the WARNs).
> It might be useful, frankly, to test everything in lkdtm.
So I gave this a quick spin on an ARM board (qcom-apq8064-ifc6410)
using a dumb script[1] (for now avoiding the tests that cause a lockup
so I can test multiple features without a reboot.) Seems like most of
them are producing a failure.
However, this got me to thinking that one should probably write a
kselftest for this feature, and catch quite a few issues with the ones
that don't cause a hard lockup. One would just need to be a bit smarter
than my script and do something to trap SIG* (or the parent catching
SIGCHLD) in order to be able to help determine failure, then grab the
dmesg and log it.
Having these test integrated into kselftest, and maintained along with
the the kernel features would be *way* better than trying to maintain a
set of tests in kernel CI for this feature, since right now we're
working just building/running all the selftests automatically.
What do you think about coming up with a kselftest for this stuff? At
least the non-lockup stuff?
I'm not volunteering to write up the kselftest, but I will guarantee
that it get run on a broad range of boards once it exists. :)
Kevin
[1]
#!/bin/sh
crash_test_dummy() {
echo $1> /sys/kernel/debug/provoke-crash/DIRECT
}
# Find all the tests that don't lockup
TESTS=$(cat /sys/kernel/debug/provoke-crash/DIRECT |grep -v types| grep -v LOCK |grep -v PANIC)
for test in $TESTS; do
echo "Performing test: $test"
crash_test_dummy $test &
sleep 1
done
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2015-11-06 21:06 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-05 1:00 Laura Abbott
2015-11-05 1:06 ` Kees Cook
2015-11-05 1:13 ` Kees Cook
2015-11-05 9:46 ` Russell King - ARM Linux
2015-11-05 16:20 ` Laura Abbott
2015-11-05 16:27 ` Russell King - ARM Linux
2015-11-06 1:05 ` Laura Abbott
2015-11-06 1:15 ` Kees Cook
2015-11-06 18:44 ` Laura Abbott
2015-11-06 19:08 ` Kees Cook
2015-11-06 19:12 ` Kees Cook
2015-11-06 20:11 ` Kevin Hilman
2015-11-06 20:28 ` Kees Cook
2015-11-06 21:06 ` Kevin Hilman [this message]
2015-11-06 21:19 ` Kees Cook
2015-11-06 22:37 ` Kevin Hilman
2015-11-06 23:05 ` Kevin Hilman
2015-11-06 23:47 ` Kees Cook
2015-11-06 20:46 ` Russell King - ARM Linux
2015-11-06 23:41 ` Laura Abbott
2015-11-06 23:49 ` Kees Cook
2015-11-07 0:20 ` Laura Abbott
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7h8u6ahm7d.fsf@deeprootsystems.com \
--to=khilman@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=info@kernelci.org \
--cc=keescook@chromium.org \
--cc=labbott@fedoraproject.org \
--cc=labbott@redhat.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux@arm.linux.org.uk \
--cc=shuahkh@osg.samsung.com \
--cc=tyler.baker@linaro.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox