[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <201611160036.8vibDrnK%fengguang.wu@intel.com>
Date: Wed, 16 Nov 2016 00:25:05 +0800
From: kbuild test robot <lkp@...el.com>
To: Michael Ellerman <mpe@...erman.id.au>
Cc: kbuild-all@...org, keescook@...omium.org,
kernel-hardening@...ts.openwall.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] lkdtm: Add tests for LIST_POISON and ZERO_SIZE_PTR
Hi Michael,
[auto build test WARNING on char-misc/char-misc-testing]
[also build test WARNING on v4.9-rc5]
[cannot apply to next-20161115]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]
url: https://github.com/0day-ci/linux/commits/Michael-Ellerman/lkdtm-Add-tests-for-LIST_POISON-and-ZERO_SIZE_PTR/20161115-235441
config: i386-randconfig-x007-201646 (attached as .config)
compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901
reproduce:
# save the attached .config to linux build tree
make ARCH=i386
All warnings (new ones prefixed by >>):
drivers/misc/lkdtm_bugs.c: In function 'test_poison_ptr':
>> drivers/misc/lkdtm_bugs.c:178:9: warning: large integer implicitly truncated to unsigned type [-Woverflow]
*ptr = 0xdeadbeefabcd1234;
^~~~~~~~~~~~~~~~~~
vim +178 drivers/misc/lkdtm_bugs.c
162 }
163
164 /*
165 * Creating a mapping and adding mmap_min_addr to the value is cheating
166 * in a way. But it simulates the case where an attacker is able to
167 * cause an access at a small offset from the base value, leading to a
168 * user space access. If an arch doesn't define CONFIG_ILLEGAL_POINTER_VALUE
169 * then it's likely this will work in the absence of other protections.
170 */
171 ptr = mmap_min_addr + base;
172
173 pr_info("attempting read of %s %p\n", desc, ptr);
174 val = *ptr;
175 pr_info("FAIL: Was able to read %s! Got 0x%lx\n", desc, val);
176
177 pr_info("attempting write of %s %p\n", desc, ptr);
> 178 *ptr = 0xdeadbeefabcd1234;
179 pr_info("FAIL: Was able to write %s! Now = 0x%lx\n", desc, *ptr);
180
181 vm_munmap(uaddr, PAGE_SIZE);
182 }
183
184 void lkdtm_ACCESS_LIST_POISON(void)
185 {
186 test_poison_ptr(LIST_POISON1, "LIST_POISON");
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
Download attachment ".config.gz" of type "application/gzip" (24141 bytes)
Powered by blists - more mailing lists