diff options
author | Kees Cook <keescook@chromium.org> | 2014-01-23 15:54:38 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-01-23 16:36:57 -0800 |
commit | 3e2a4c183ace8708c69f589505fb82bb63010ade (patch) | |
tree | e201c3d60f39bbe3ba5026417d454553ad2fe073 /lib/Kconfig.debug | |
parent | 93e9ef83f40603535ffe6b60498149e75f33aa8f (diff) | |
download | kernel-common-3e2a4c183ace8708c69f589505fb82bb63010ade.tar.gz kernel-common-3e2a4c183ace8708c69f589505fb82bb63010ade.tar.bz2 kernel-common-3e2a4c183ace8708c69f589505fb82bb63010ade.zip |
test: check copy_to/from_user boundary validation
To help avoid an architecture failing to correctly check kernel/user
boundaries when handling copy_to_user, copy_from_user, put_user, or
get_user, perform some simple tests and fail to load if any of them
behave unexpectedly.
Specifically, this is to make sure there is a way to notice if things
like what was fixed in commit 8404663f81d2 ("ARM: 7527/1: uaccess:
explicitly check __user pointer when !CPU_USE_DOMAINS") ever regresses
again, for any architecture.
Additionally, adds new "user" selftest target, which loads this module.
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'lib/Kconfig.debug')
-rw-r--r-- | lib/Kconfig.debug | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug index 7e37a36b6913..e0e2eebf7ab3 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -1609,6 +1609,19 @@ config TEST_MODULE If unsure, say N. +config TEST_USER_COPY + tristate "Test user/kernel boundary protections" + default n + depends on m + help + This builds the "test_user_copy" module that runs sanity checks + on the copy_to/from_user infrastructure, making sure basic + user/kernel boundary testing is working. If it fails to load, + a regression has been detected in the user/kernel memory boundary + protections. + + If unsure, say N. + source "samples/Kconfig" source "lib/Kconfig.kgdb" |