linux-kernel - [PATCH] selftests/x86/mm: fixup nx_stack test stability with SA

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite for Android: free password hash cracker in your pocket

[<prev] [next>] [day] [month] [year] [list]

Date: Fri, 15 Dec 2023 12:45:57 +0300
From: Alexey Dobriyan <adobriyan@...il.com>
To: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>,
	Borislav Petkov <bp@...en8.de>,
	Dave Hansen <dave.hansen@...ux.intel.com>
Cc: linux-kernel@...r.kernel.org, "H. Peter Anvin" <hpa@...or.com>
Subject: [PATCH] selftests/x86/mm: fixup nx_stack test stability with
 SA_ONSTACK

I forgot that using sigaltstack(2) requires opt-in with SA_ONSTACK.

If userspace stack is NX, then the test continues to work and
reports PASS.

If there is kernel bug and some pages of userspace stack are executable,
then test can be derailed because signal stack frame contents will pass
as random instruction with unpredictable consequences.

Signed-off-by: Alexey Dobriyan <adobriyan@...il.com>
---

 tools/testing/selftests/x86/nx_stack.c |   34 ++++++++++++++++-----------------
 1 file changed, 17 insertions(+), 17 deletions(-)

--- a/tools/testing/selftests/x86/nx_stack.c
+++ b/tools/testing/selftests/x86/nx_stack.c
@@ -160,10 +160,25 @@ static void sigtrap(int _, siginfo_t *__, void *uc_)
 
 int main(void)
 {
+	{
+		/*
+		 * We don't know now much stack SIGSEGV handler uses.
+		 * Bump this by 1 page every time someone complains,
+		 * or rewrite it in assembly.
+		 */
+		const size_t len = SIGSTKSZ;
+		void *p = mmap(NULL, len, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
+		assert(p != MAP_FAILED);
+		stack_t ss = {};
+		ss.ss_sp = p;
+		ss.ss_size = len;
+		int rv = sigaltstack(&ss, NULL);
+		assert(rv == 0);
+	}
 	{
 		struct sigaction act = {};
 		sigemptyset(&act.sa_mask);
-		act.sa_flags = SA_SIGINFO;
+		act.sa_flags = SA_SIGINFO|SA_ONSTACK;
 		act.sa_sigaction = &sigsegv;
 		int rv = sigaction(SIGSEGV, &act, NULL);
 		assert(rv == 0);
@@ -171,7 +186,7 @@ int main(void)
 	{
 		struct sigaction act = {};
 		sigemptyset(&act.sa_mask);
-		act.sa_flags = SA_SIGINFO;
+		act.sa_flags = SA_SIGINFO|SA_ONSTACK;
 		act.sa_sigaction = &sigtrap;
 		int rv = sigaction(SIGTRAP, &act, NULL);
 		assert(rv == 0);
@@ -188,21 +203,6 @@ int main(void)
 		rv = setrlimit(RLIMIT_STACK, &rlim);
 		assert(rv == 0);
 	}
-	{
-		/*
-		 * We don't know now much stack SIGSEGV handler uses.
-		 * Bump this by 1 page every time someone complains,
-		 * or rewrite it in assembly.
-		 */
-		const size_t len = SIGSTKSZ;
-		void *p = mmap(NULL, len, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
-		assert(p != MAP_FAILED);
-		stack_t ss = {};
-		ss.ss_sp = p;
-		ss.ss_size = len;
-		int rv = sigaltstack(&ss, NULL);
-		assert(rv == 0);
-	}
 	make_stack1();
 	/*
 	 * Unreachable, but if _this_ INT3 is ever reached, it's a bug somewhere.