aboutsummaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorArjan van de Ven <arjan@linux.intel.com>2008-07-11 08:09:55 -0400
committerIngo Molnar <mingo@elte.hu>2008-07-11 14:32:58 -0400
commitaa92db14270b79f0f91a9060b547a46f9e2639da (patch)
tree576da2534db939abe8c71a02e3ac4fbe4833037e /kernel
parent5ce001b0e56638c726270d4f9e05d46d4250dfbb (diff)
stackprotector: better self-test
check stackprotector functionality by manipulating the canary briefly during bootup. far more robust than trying to overflow the stack. (which is architecture dependent, etc.) Signed-off-by: Ingo Molnar <mingo@elte.hu>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/panic.c13
1 files changed, 5 insertions, 8 deletions
diff --git a/kernel/panic.c b/kernel/panic.c
index 6729e3f4ebcb..28153aec7100 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -347,22 +347,18 @@ static noinline void __stack_chk_test_func(void)
347 if ((unsigned long)__builtin_return_address(0) == 347 if ((unsigned long)__builtin_return_address(0) ==
348 *(((unsigned long *)&foo)+1)) { 348 *(((unsigned long *)&foo)+1)) {
349 printk(KERN_ERR "No -fstack-protector-stack-frame!\n"); 349 printk(KERN_ERR "No -fstack-protector-stack-frame!\n");
350 return;
351 } 350 }
352#ifdef CONFIG_FRAME_POINTER 351#ifdef CONFIG_FRAME_POINTER
353 /* We also don't want to clobber the frame pointer */ 352 /* We also don't want to clobber the frame pointer */
354 if ((unsigned long)__builtin_return_address(0) == 353 if ((unsigned long)__builtin_return_address(0) ==
355 *(((unsigned long *)&foo)+2)) { 354 *(((unsigned long *)&foo)+2)) {
356 printk(KERN_ERR "No -fstack-protector-stack-frame!\n"); 355 printk(KERN_ERR "No -fstack-protector-stack-frame!\n");
357 return;
358 } 356 }
359#endif 357#endif
360 barrier(); 358 if (current->stack_canary != *(((unsigned long *)&foo)+1))
361 if (current->stack_canary == *(((unsigned long *)&foo)+1))
362 *(((unsigned long *)&foo)+1) = 0;
363 else
364 printk(KERN_ERR "No -fstack-protector canary found\n"); 359 printk(KERN_ERR "No -fstack-protector canary found\n");
365 barrier(); 360
361 current->stack_canary = ~current->stack_canary;
366} 362}
367 363
368static int __stack_chk_test(void) 364static int __stack_chk_test(void)
@@ -373,7 +369,8 @@ static int __stack_chk_test(void)
373 if (__stack_check_testing) { 369 if (__stack_check_testing) {
374 printk(KERN_ERR "-fstack-protector-all test failed\n"); 370 printk(KERN_ERR "-fstack-protector-all test failed\n");
375 WARN_ON(1); 371 WARN_ON(1);
376 } 372 };
373 current->stack_canary = ~current->stack_canary;
377 return 0; 374 return 0;
378} 375}
379/* 376/*