lkdtm updates for v5.17-rc1

- Fix printk() usage during recursion (Ard Biesheuvel) - Fix rodata section to actually have contents (Christophe Leroy) - Add notes about lkdtm_kernel_info usage (Kees Cook) - Avoid stack-entropy selftest when LKDTM is disabled (Misono Tomohiro) -----BEGIN PGP SIGNATURE----- iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAmG700YWHGtlZXNjb29r QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJpF5EAC0yBZgDvhyfPq+gR7iKPUHQO/b O1vD7CL4FcP3C57JSwzeAMPDNYpK/gvOoIOJy6/k7fSNPSK86haboB1W+1y4blgn rNny4SSiPv8HEJj+DYxsRklstiGEwwJP9gIXRakbnWmLvU97A8ogPCVghTFQp8WM lUo05DBDYp3A17F623FPaMT0A7hJzfqkR9A2L6NiiJTt7JF5Cgjx3S+EIya7DGVv 4+n4T4KUKLxyFMR5fjW8gziIE4bUqtdzruS17wR6Gl6xiokVezdOtP7r3MeCQ3Wa lJL5RzobLI6/4AJni/2ivPnX88NSnyGLDf8zq360DEbys0jaaorHGaMpLeULiSVZ RhRWCH4lKLJ56+uBSMAUgHJJmkq1q4psp9jz8pjfTiSqHaFomTJ0JYpj8eQn8BQq 8ilQrGcNhbetRZZz1Mjc9tyEqkYtb2EgNkzUkUuf11MpcmDkZqhWodfdENCeiRBM MCZj7KzufEETH/CYL96Dcy5matvG2jhhCX3hvC7HruTsnI+P7iaPLIlWXUO7HqfF AulKHmP2B0jZ+p1sWWcNg/nvTHUb8g6IeQWjsy1SarAAkWmB3HXDgXAgrKescYfY 4sjNRmu3oNq7eKz0bREfPRlgIsF9Wt7XRH88NEYcK2xuUx19bHE7NThnn9QNN9Z5 /paTQgIhJYN+PURibg== =JLZP -----END PGP SIGNATURE----- Merge tag 'lkdtm-v5.17-rc1' of https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux into char-misc-next Kees writes: lkdtm updates for v5.17-rc1 - Fix printk() usage during recursion (Ard Biesheuvel) - Fix rodata section to actually have contents (Christophe Leroy) - Add notes about lkdtm_kernel_info usage (Kees Cook) - Avoid stack-entropy selftest when LKDTM is disabled (Misono Tomohiro) * tag 'lkdtm-v5.17-rc1' of https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: selftest/lkdtm: Skip stack-entropy test if lkdtm is not available lkdtm: Fix content of section containing lkdtm_rodata_do_nothing() lkdtm: avoid printk() in recursive_loop() lkdtm: Note that lkdtm_kernel_info should be removed in the future
2021-12-17 10:06:21 +01:00 · 2021-12-17 10:06:21 +01:00 · 3953831982
--- a/drivers/misc/lkdtm/Makefile
+++ b/drivers/misc/lkdtm/Makefile
@ -20,7 +20,7 @@ CFLAGS_REMOVE_rodata.o		+= $(CC_FLAGS_LTO)

 OBJCOPYFLAGS :=
 OBJCOPYFLAGS_rodata_objcopy.o	:= \
-			--rename-section .noinstr.text=.rodata,alloc,readonly,load
+			--rename-section .noinstr.text=.rodata,alloc,readonly,load,contents
 targets += rodata.o rodata_objcopy.o
 $(obj)/rodata_objcopy.o: $(obj)/rodata.o FORCE
 	$(call if_changed,objcopy)
--- a/drivers/misc/lkdtm/bugs.c
+++ b/drivers/misc/lkdtm/bugs.c
@ -41,20 +41,22 @@ static DEFINE_SPINLOCK(lock_me_up);
 * Make sure compiler does not optimize this function or stack frame away:
 * - function marked noinline
 * - stack variables are marked volatile
- * - stack variables are written (memset()) and read (pr_info())
- * - function has external effects (pr_info())
- * */
+ * - stack variables are written (memset()) and read (buf[..] passed as arg)
+ * - function may have external effects (memzero_explicit())
+ * - no tail recursion possible
+ */
 static int noinline recursive_loop(int remaining)
 {
 	volatile char buf[REC_STACK_SIZE];
+	volatile int ret;

 	memset((void *)buf, remaining & 0xFF, sizeof(buf));
-	pr_info("loop %d/%d ...\n", (int)buf[remaining % sizeof(buf)],
-		recur_count);
 	if (!remaining)
-		return 0;
+		ret = 0;
 	else
-		return recursive_loop(remaining - 1);
+		ret = recursive_loop((int)buf[remaining % sizeof(buf)] - 1);
+	memzero_explicit((void *)buf, sizeof(buf));
+	return ret;
 }

 /* If the depth is negative, use the default, otherwise keep parameter. */
--- a/drivers/misc/lkdtm/core.c
+++ b/drivers/misc/lkdtm/core.c
@ -212,7 +212,11 @@ module_param(cpoint_count, int, 0644);
 MODULE_PARM_DESC(cpoint_count, " Crash Point Count, number of times the "\
 				"crash point is to be hit to trigger action");

-/* For test debug reporting. */
+/*
+ * For test debug reporting when CI systems provide terse summaries.
+ * TODO: Remove this once reasonable reporting exists in most CI systems:
+ * https://lore.kernel.org/lkml/CAHk-=wiFvfkoFixTapvvyPMN9pq5G-+Dys2eSyBa1vzDGAO5+A@mail.gmail.com
+ */
 char *lkdtm_kernel_info;

 /* Return the crashtype number or NULL if the name is invalid */
--- a/tools/testing/selftests/lkdtm/stack-entropy.sh
+++ b/tools/testing/selftests/lkdtm/stack-entropy.sh
@ -4,13 +4,27 @@
 # Measure kernel stack entropy by sampling via LKDTM's REPORT_STACK test.
 set -e
 samples="${1:-1000}"
+TRIGGER=/sys/kernel/debug/provoke-crash/DIRECT
+KSELFTEST_SKIP_TEST=4
+
+# Verify we have LKDTM available in the kernel.
+if [ ! -r $TRIGGER ] ; then
+	/sbin/modprobe -q lkdtm || true
+	if [ ! -r $TRIGGER ] ; then
+		echo "Cannot find $TRIGGER (missing CONFIG_LKDTM?)"
+	else
+		echo "Cannot write $TRIGGER (need to run as root?)"
+	fi
+	# Skip this test
+	exit $KSELFTEST_SKIP_TEST
+fi

 # Capture dmesg continuously since it may fill up depending on sample size.
 log=$(mktemp -t stack-entropy-XXXXXX)
 dmesg --follow >"$log" & pid=$!
 report=-1
 for i in $(seq 1 $samples); do
-        echo "REPORT_STACK" >/sys/kernel/debug/provoke-crash/DIRECT
+        echo "REPORT_STACK" > $TRIGGER
 	if [ -t 1 ]; then
 		percent=$(( 100 * $i / $samples ))
 		if [ "$percent" -ne "$report" ]; then