Received: by 10.223.185.116 with SMTP id b49csp1219903wrg;
        Wed, 21 Feb 2018 14:25:41 -0800 (PST)
X-Google-Smtp-Source: AH8x226qsi2sM9yk/oTG0oVE3nSuMZvLKAgrlNJ6Sx2204qOrjlFyoMYdAXEA3L2qQ7wH9vMTmWa
X-Received: by 2002:a17:902:a5c5:: with SMTP id t5-v6mr4610179plq.160.1519251941395;
        Wed, 21 Feb 2018 14:25:41 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1519251941; cv=none;
        d=google.com; s=arc-20160816;
        b=PfsPErfDx+mJIgvrjJMrbEv7zHNnVBELm3Jq18prdYAU5ZIXE5f7wZ5QodF+YaydRN
         sTTxFFEtoCEzG0tzv0uScFEQczsA0Ye91xq9vPAuaYkMIAOTAkKW8IX5lRvQBZ42q7/r
         6YjeRbRG/ln4C842iuvG8NT8LaXidGH2B9Z8bCneQvLhbg0oLUmOmscHg6AiI93NSmnW
         ESZ5ktwJ71hUMlDa8jDWf9IZM5SZ/XZ4+DgJRI0qnXmEy7BXkpxxJ6D6fNsCW2MaZ7QQ
         errlLRpmwIJWQjNtQHtwIMXUoKoejKP8YmvuePc+qKtRyCmufxUM/s+f1QH0Ist4NwbP
         cIEw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature:dkim-signature
         :arc-authentication-results;
        bh=Wo+kXFYqhbdcohQqURSKyC3b9doTwKo1/7oUeciALDc=;
        b=LAumkVS8YCzzi4aBnd9ys0i7xdB4mVg22TEuX+OE0y9TrI2qqs1PfmVCeLsWX3mq27
         Eo6jWa1oaLvSPsiPylGQ1b5dCFFfDa7Q6qZz0+HVcmGkYvINYmCFaqkCobIcT1Ahr5vb
         rqKnPxQXKTyNXg80qbZumz/aYg8qy9I44pw59n+qIwOqbh6SnbgsB2s8mNiHPeswIPb5
         Iiy9Zb9Xm2fbQSxqz9gYgzVnh3EQ33G5YVZy+geLRewtpey2fRQDVkAYscN5Jbf00XZN
         7EQ4oFm5qw0adrIyputR5JxDiiCDIUC3BOVF22tB/gkYrlwKjtawS0gAG4+ht+pxhUhT
         2xgA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@google.com header.s=20161025 header.b=B70RrIaA;
       dkim=fail header.i=@chromium.org header.s=google header.b=TPdLN+J2;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id a12si11518358pgv.672.2018.02.21.14.25.26;
        Wed, 21 Feb 2018 14:25:41 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@google.com header.s=20161025 header.b=B70RrIaA;
       dkim=fail header.i=@chromium.org header.s=google header.b=TPdLN+J2;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751327AbeBUWYq (ORCPT <rfc822;xuyizhaos@gmail.com> + 99 others);
        Wed, 21 Feb 2018 17:24:46 -0500
Received: from mail-vk0-f43.google.com ([209.85.213.43]:42054 "EHLO
        mail-vk0-f43.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1750811AbeBUWYn (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 21 Feb 2018 17:24:43 -0500
Received: by mail-vk0-f43.google.com with SMTP id y127so1958900vky.9
        for <linux-kernel@vger.kernel.org>; Wed, 21 Feb 2018 14:24:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=Wo+kXFYqhbdcohQqURSKyC3b9doTwKo1/7oUeciALDc=;
        b=B70RrIaAYlY60WijEHp+Fh/k9vwyrY+xu0V7swzTGM5d9zSIRrAIWfXMkIV8kJ/h2C
         Ldgz7FM5m7dlVTtsnULjNJDV+d0nwDyDoaeLNKIsJjvfKlWQJkltIQPFsPbtoq+B5UFu
         dwE4SsVNV2FD9VZzs4rpLXDFIuO90sxQuLkBHH7Lz/H1xzUcgb75rhDK3gZTI+edCcgt
         IEeOs9nr4iunminlb8ylBoaqUycylpGrSsYr13stum5oFQWCjEwP/resVYGc8Jx0QXjd
         DTHiOsiHLDBJZi0TNQ69gQNblXRbWPtzF3W3BlPVG5NRU7L2H/Ll+DuXljhHIvFAlmTz
         eorg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=Wo+kXFYqhbdcohQqURSKyC3b9doTwKo1/7oUeciALDc=;
        b=TPdLN+J2ZVqsKP8K1Y0QNtidrFXbnEkv6mHtGa9pKSv5cxDvupM3mseLS0l8ElsTFR
         tPQnumpjo3B0ZXJPRSYlOm1lnii1rXjTgHOTG4q2ron60kWltOrRA2DS8hvrc6HqEbHr
         MJnlolBJ+Y3fV9Of/OMFkLYg/1ToS3734hVZ8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
         :date:message-id:subject:to:cc;
        bh=Wo+kXFYqhbdcohQqURSKyC3b9doTwKo1/7oUeciALDc=;
        b=XT6FVRBvdrmex7Vw2yTiJiWnjbd55j8AXPnFMvNDgVNizmU1B3+wEwdFUzbOJ3w3vN
         vGD48cpicoU7FOHFg87MR99KP4VpL72mAFMp+Jpj8+krc+E/d+8Tu31FbQVyyb1a0yqI
         Ogs+WFrZFv7MttjM9J+R6j8TxhvogtZf8CPDEiSTRE/f7J3A7h1Utog4r56//otZ9+i9
         z37PVPhi39urPTC9GHxgKsDFtds4qh8bmJgBav4KiW96KuyFKLLTuuHibcrTr8TCyYPZ
         wzgtWSWI2PLXVnvpsXUhXE46wxSngOgOTVaZdv10d0dwQ6+i7siDTES6RFEgoGGGDafc
         gcXw==
X-Gm-Message-State: APf1xPDZ8+XhPV9wKPaZq5N7oP793pAeid46hHD0ps21aCe/24ybK2W5
        hVnRMS/I4gybBy633GoiWXcWARn/duXyeWlDW6uS2w==
X-Received: by 10.31.228.199 with SMTP id b190mr3542179vkh.84.1519251882881;
 Wed, 21 Feb 2018 14:24:42 -0800 (PST)
MIME-Version: 1.0
Received: by 10.31.242.140 with HTTP; Wed, 21 Feb 2018 14:24:42 -0800 (PST)
In-Reply-To: <bd11826b-f3c1-be03-895c-85c08a149045@huawei.com>
References: <20180212165301.17933-1-igor.stoppa@huawei.com>
 <20180212165301.17933-6-igor.stoppa@huawei.com> <CAGXu5j+ZZkgLzsxcwAYgyu=A=11Fkeuj+F_8gCUAbXDmjWFdeg@mail.gmail.com>
 <bd11826b-f3c1-be03-895c-85c08a149045@huawei.com>
From:   Kees Cook <keescook@chromium.org>
Date:   Wed, 21 Feb 2018 14:24:42 -0800
X-Google-Sender-Auth: LLnroS9k8MPf9ANkgEu23KSd2a8
Message-ID: <CAGXu5j+ivd0Ys++6hqCjkipx8RFKTAmWf+KbtxEwT3SECD5C6A@mail.gmail.com>
Subject: Re: [PATCH 5/6] Pmalloc: self-test
To:     Igor Stoppa <igor.stoppa@huawei.com>
Cc:     Matthew Wilcox <willy@infradead.org>,
        Randy Dunlap <rdunlap@infradead.org>,
        Jonathan Corbet <corbet@lwn.net>,
        Michal Hocko <mhocko@kernel.org>,
        Laura Abbott <labbott@redhat.com>,
        Jerome Glisse <jglisse@redhat.com>,
        Christoph Hellwig <hch@infradead.org>,
        Christoph Lameter <cl@linux.com>,
        linux-security-module <linux-security-module@vger.kernel.org>,
        Linux-MM <linux-mm@kvack.org>,
        LKML <linux-kernel@vger.kernel.org>,
        Kernel Hardening <kernel-hardening@lists.openwall.com>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Feb 20, 2018 at 8:40 AM, Igor Stoppa <igor.stoppa@huawei.com> wrote:
>
> On 13/02/18 01:43, Kees Cook wrote:
>> On Mon, Feb 12, 2018 at 8:53 AM, Igor Stoppa <igor.stoppa@huawei.com> wrote:
>
> [...]
>
>>> +obj-$(CONFIG_PROTECTABLE_MEMORY_SELFTEST) += pmalloc-selftest.o
>>
>> Nit: self-test modules are traditionally named "test_$thing.o"
>> (outside of the tools/ directory).
>
> ok
>
> [...]
>
>> I wonder if lkdtm should grow a test too, to validate the RO-ness of
>> the allocations at the right time in API usage?
>
> sorry for being dense ... are you proposing that I do something to
> lkdtm_rodata.c ? An example would probably help me understand.

It would likely live in lkdtm_perms.c (or maybe lkdtm_heap.c). Namely,
use the pmalloc API and then attempt to write to a read-only variable
in the pmalloc region (to prove that the permission adjustment
actually happened). Likely a good example is
lkdtm_WRITE_RO_AFTER_INIT().

-Kees

-- 
Kees Cook
Pixel Security