From e22aa9d781a27a961581c57442911309fb86a48e Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Fri, 24 Mar 2017 10:51:25 -0700 Subject: lkdtm: add bad USER_DS test This adds CORRUPT_USER_DS to check that the get_fs() test on syscall return (via __VERIFY_PRE_USERMODE_STATE) still sees USER_DS. Since trying to deal with values other than USER_DS and KERNEL_DS across all architectures in a safe way is not sensible, this sets KERNEL_DS, but since that could be extremely dangerous if the protection is not present, it also raises SIGKILL for current, so that no matter what, the process will die. A successful test will be visible with a BUG(), like all the other LKDTM tests. Signed-off-by: Kees Cook Signed-off-by: Greg Kroah-Hartman --- drivers/misc/lkdtm_core.c | 1 + 1 file changed, 1 insertion(+) (limited to 'drivers/misc/lkdtm_core.c') diff --git a/drivers/misc/lkdtm_core.c b/drivers/misc/lkdtm_core.c index b9a4cd4a9b68..42d2b8e31e6b 100644 --- a/drivers/misc/lkdtm_core.c +++ b/drivers/misc/lkdtm_core.c @@ -199,6 +199,7 @@ struct crashtype crashtypes[] = { CRASHTYPE(OVERFLOW), CRASHTYPE(CORRUPT_LIST_ADD), CRASHTYPE(CORRUPT_LIST_DEL), + CRASHTYPE(CORRUPT_USER_DS), CRASHTYPE(CORRUPT_STACK), CRASHTYPE(UNALIGNED_LOAD_STORE_WRITE), CRASHTYPE(OVERWRITE_ALLOCATION), -- cgit