xref: /openbmc/linux/drivers/misc/lkdtm/stackleak.c (revision b830f94f)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * This code tests that the current task stack is properly erased (filled
4  * with STACKLEAK_POISON).
5  *
6  * Authors:
7  *   Alexander Popov <alex.popov@linux.com>
8  *   Tycho Andersen <tycho@tycho.ws>
9  */
10 
11 #include "lkdtm.h"
12 #include <linux/stackleak.h>
13 
14 void lkdtm_STACKLEAK_ERASING(void)
15 {
16 	unsigned long *sp, left, found, i;
17 	const unsigned long check_depth =
18 			STACKLEAK_SEARCH_DEPTH / sizeof(unsigned long);
19 
20 	/*
21 	 * For the details about the alignment of the poison values, see
22 	 * the comment in stackleak_track_stack().
23 	 */
24 	sp = PTR_ALIGN(&i, sizeof(unsigned long));
25 
26 	left = ((unsigned long)sp & (THREAD_SIZE - 1)) / sizeof(unsigned long);
27 	sp--;
28 
29 	/*
30 	 * One 'long int' at the bottom of the thread stack is reserved
31 	 * and not poisoned.
32 	 */
33 	if (left > 1) {
34 		left--;
35 	} else {
36 		pr_err("FAIL: not enough stack space for the test\n");
37 		return;
38 	}
39 
40 	pr_info("checking unused part of the thread stack (%lu bytes)...\n",
41 					left * sizeof(unsigned long));
42 
43 	/*
44 	 * Search for 'check_depth' poison values in a row (just like
45 	 * stackleak_erase() does).
46 	 */
47 	for (i = 0, found = 0; i < left && found <= check_depth; i++) {
48 		if (*(sp - i) == STACKLEAK_POISON)
49 			found++;
50 		else
51 			found = 0;
52 	}
53 
54 	if (found <= check_depth) {
55 		pr_err("FAIL: thread stack is not erased (checked %lu bytes)\n",
56 						i * sizeof(unsigned long));
57 		return;
58 	}
59 
60 	pr_info("first %lu bytes are unpoisoned\n",
61 				(i - found) * sizeof(unsigned long));
62 
63 	/* The rest of thread stack should be erased */
64 	for (; i < left; i++) {
65 		if (*(sp - i) != STACKLEAK_POISON) {
66 			pr_err("FAIL: thread stack is NOT properly erased\n");
67 			return;
68 		}
69 	}
70 
71 	pr_info("OK: the rest of the thread stack is properly erased\n");
72 	return;
73 }
74