Thread (32 messages) 32 messages, 4 authors, 2018-03-06

Re: [PATCH 6/7] lkdtm: crash on overwriting protected pmalloc var

From: J Freyensee <hidden>
Date: 2018-03-06 17:08:30
Also in: linux-security-module, lkml


On 3/6/18 9:05 AM, J Freyensee wrote:
quoted
A  +#ifdef CONFIG_PROTECTABLE_MEMORY
+void lkdtm_WRITE_RO_PMALLOC(void)
+{
+A A A  struct gen_pool *pool;
+A A A  int *i;
+
+A A A  pool = pmalloc_create_pool("pool", 0);
+A A A  if (unlikely(!pool)) {
+A A A A A A A  pr_info("Failed preparing pool for pmalloc test.");
+A A A A A A A  return;
+A A A  }
+
+A A A  i = (int *)pmalloc(pool, sizeof(int), GFP_KERNEL);
+A A A  if (unlikely(!i)) {
+A A A A A A A  pr_info("Failed allocating memory for pmalloc test.");
+A A A A A A A  pmalloc_destroy_pool(pool);
+A A A A A A A  return;
+A A A  }
+
+A A A  *i = INT_MAX;
+A A A  pmalloc_protect_pool(pool);
+
+A A A  pr_info("attempting bad pmalloc write at %p\n", i);
+A A A  *i = 0;
Opps, disregard this, this is the last series of this patch series, not 
the most recent one :-(.


Seems harmless, but I don't get why *i local variable needs to be set 
to 0 at the end of this function.


Otherwise,

Reviewed-by: Jay Freyensee <redacted>
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help