# git rev-parse -q --verify 7efd182a94e167c2cb0187009ae1fffa8c485e97^{commit} 7efd182a94e167c2cb0187009ae1fffa8c485e97 already have revision, skipping fetch # git checkout -q -f -B kisskb 7efd182a94e167c2cb0187009ae1fffa8c485e97 # git clean -qxdf # < git log -1 # commit 7efd182a94e167c2cb0187009ae1fffa8c485e97 # Author: Christophe Leroy # Date: Wed Oct 13 17:09:54 2021 +0200 # # lkdtm: Add a test for function descriptors protection # # Add WRITE_OPD to check that you can't modify function # descriptors. # # Gives the following result when function descriptors are # not protected: # # lkdtm: Performing direct entry WRITE_OPD # lkdtm: attempting bad 16 bytes write at c00000000269b358 # lkdtm: FAIL: survived bad write # lkdtm: do_nothing was hijacked! # # Looks like a standard compiler barrier() is not enough to force # GCC to use the modified function descriptor. Had to add a fake empty # inline assembly to force GCC to reload the function descriptor. # # Signed-off-by: Christophe Leroy # Acked-by: Kees Cook # < /opt/cross/kisskb/korg/gcc-11.1.0-nolibc/aarch64-linux/bin/aarch64-linux-gcc --version # < /opt/cross/kisskb/korg/gcc-11.1.0-nolibc/aarch64-linux/bin/aarch64-linux-ld --version # < git log --format=%s --max-count=1 7efd182a94e167c2cb0187009ae1fffa8c485e97 # < make -s -j 80 ARCH=arm64 O=/kisskb/build/chleroy_arm64-defconfig_arm64-gcc11 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-11.1.0-nolibc/aarch64-linux/bin/aarch64-linux- defconfig # < make -s -j 80 ARCH=arm64 O=/kisskb/build/chleroy_arm64-defconfig_arm64-gcc11 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-11.1.0-nolibc/aarch64-linux/bin/aarch64-linux- help # make -s -j 80 ARCH=arm64 O=/kisskb/build/chleroy_arm64-defconfig_arm64-gcc11 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-11.1.0-nolibc/aarch64-linux/bin/aarch64-linux- olddefconfig # make -s -j 80 ARCH=arm64 O=/kisskb/build/chleroy_arm64-defconfig_arm64-gcc11 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-11.1.0-nolibc/aarch64-linux/bin/aarch64-linux- Completed OK # rm -rf /kisskb/build/chleroy_arm64-defconfig_arm64-gcc11 # Build took: 0:08:14.957822