|
|
Subscribe / Log in / New account

Kernel security: beyond bug fixing

Kernel security: beyond bug fixing

Posted Nov 6, 2015 17:42 UTC (Fri) by BenHutchings (subscriber, #37955)
In reply to: Kernel security: beyond bug fixing by thestinger
Parent article: Kernel security: beyond bug fixing

Linux 4.3 added emulation of PAN on ARMv7 (CONFIG_CPU_SW_DOMAIN_PAN), again based on memory domains. It's even enabled by default. Unfortunately it's not compatible with LPAE.

to post comments

Kernel security: beyond bug fixing

Posted Nov 6, 2015 18:50 UTC (Fri) by kees (subscriber, #27264) [Link]

Yeah, I'm glad to see that working. For people that want to see what their kernels protect against, check out CONFIG_LKDTM, which creates /sys/kernel/debug/provoke-crash/DIRECT. Just echo into it to test various things (like EXEC_USERSPACE to check your SMEP or PXN):

# cat /sys/kernel/debug/provoke-crash/DIRECT
Available crash types:
PANIC
BUG
WARNING
EXCEPTION
LOOP
OVERFLOW
CORRUPT_STACK
UNALIGNED_LOAD_STORE_WRITE
OVERWRITE_ALLOCATION
WRITE_AFTER_FREE
SOFTLOCKUP
HARDLOCKUP
SPINLOCKUP
HUNG_TASK
EXEC_DATA
EXEC_STACK
EXEC_KMALLOC
EXEC_VMALLOC
EXEC_USERSPACE
ACCESS_USERSPACE
WRITE_RO
WRITE_KERN
# echo EXEC_USERSPACE > /sys/kernel/debug/provoke-crash/DIRECT
[2594952.708824] lkdtm: Performing direct entry EXEC_USERSPACE
[2594952.708852] lkdtm: attempting ok execution at ffffffffad5b2422
[2594952.708878] lkdtm: attempting bad execution at 00007f739d328000
[2594952.708907] unable to execute userspace code (SMEP?) (uid: 0)
[2594952.708920] BUG: unable to handle kernel paging request at 00007f739d328000
[2594952.708939] IP: [<00007f739d328000>] 0x7f739d328000
[2594952.708958] PGD 254a3f067 PUD 2732b0067 PMD 255bba067 PTE 248510067
[2594952.708981] Oops: 0011 [#1] SMP


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds