lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 2 Jan 2020 02:26:39 +0300
From:   Alexander Popov <alex.popov@...ux.com>
To:     Kees Cook <keescook@...omium.org>
Cc:     Arnd Bergmann <arnd@...db.de>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        linux-kernel@...r.kernel.org, notify@...nel.org
Subject: Re: [PATCH v1 1/1] lkdtm/stackleak: Make the stack erasing test more
 verbose

On 31.12.2019 01:46, Kees Cook wrote:
> On Tue, Dec 31, 2019 at 01:20:24AM +0300, Alexander Popov wrote:
>> On 30.12.2019 21:37, Kees Cook wrote:
>>> Hi! I try to keep the "success" conditions for LKDTM tests to be a
>>> system exception, so doing "BUG" on a failure is actually against the
>>> design. So, really, a test harness needs to know to check dmesg for the
>>> results here. It almost looks like this check shouldn't live in LKDTM,
>>> but since it feels like other LKDTM tests, I'm happy to keep it there
>>> for now.
>>
>> Do you mean that you will apply this patch?
> 
> Sorry for my confusing reply! I meant that I don't want to apply the
> patch, but I'm find to leave the stackleak check in LKDTM.

Kees, I think I see a solution.

Would you agree if I use dump_stack() instead of BUG() in case of test failure?
That would provide enough info for debugging and would NOT break your design.

Thanks,
Alexander

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ