aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorArjan van de Ven2008-07-11 05:09:55 -0700
committerIngo Molnar2008-07-11 20:32:58 +0200
commitaa92db14270b79f0f91a9060b547a46f9e2639da (patch)
tree576da2534db939abe8c71a02e3ac4fbe4833037e
parent5ce001b0e56638c726270d4f9e05d46d4250dfbb (diff)
stackprotector: better self-test
check stackprotector functionality by manipulating the canary briefly during bootup. far more robust than trying to overflow the stack. (which is architecture dependent, etc.) Signed-off-by: Ingo Molnar <mingo@elte.hu>
-rw-r--r--kernel/panic.c13
1 files changed, 5 insertions, 8 deletions
diff --git a/kernel/panic.c b/kernel/panic.c
index 6729e3f4ebcb..28153aec7100 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -347,22 +347,18 @@ static noinline void __stack_chk_test_func(void)
if ((unsigned long)__builtin_return_address(0) ==
*(((unsigned long *)&foo)+1)) {
printk(KERN_ERR "No -fstack-protector-stack-frame!\n");
- return;
}
#ifdef CONFIG_FRAME_POINTER
/* We also don't want to clobber the frame pointer */
if ((unsigned long)__builtin_return_address(0) ==
*(((unsigned long *)&foo)+2)) {
printk(KERN_ERR "No -fstack-protector-stack-frame!\n");
- return;
}
#endif
- barrier();
- if (current->stack_canary == *(((unsigned long *)&foo)+1))
- *(((unsigned long *)&foo)+1) = 0;
- else
+ if (current->stack_canary != *(((unsigned long *)&foo)+1))
printk(KERN_ERR "No -fstack-protector canary found\n");
- barrier();
+
+ current->stack_canary = ~current->stack_canary;
}
static int __stack_chk_test(void)
@@ -373,7 +369,8 @@ static int __stack_chk_test(void)
if (__stack_check_testing) {
printk(KERN_ERR "-fstack-protector-all test failed\n");
WARN_ON(1);
- }
+ };
+ current->stack_canary = ~current->stack_canary;
return 0;
}
/*