diff options
author | Sascha Hauer <s.hauer@pengutronix.de> | 2024-01-23 08:43:10 +0100 |
---|---|---|
committer | Sascha Hauer <s.hauer@pengutronix.de> | 2024-01-23 08:43:10 +0100 |
commit | c3e2a96606318aa5fe5e2ee197ae89e5a1ed9a8e (patch) | |
tree | bfc480e79476d40a9af2c3b63c5e0b741ecebf30 /lib | |
parent | 5c3624e39bca790b03081f629d2b5d35018b8e63 (diff) | |
parent | f9c6eb75f5640065694611dde159b5d3feca12ab (diff) | |
download | barebox-c3e2a96606318aa5fe5e2ee197ae89e5a1ed9a8e.tar.gz barebox-c3e2a96606318aa5fe5e2ee197ae89e5a1ed9a8e.tar.xz |
Merge branch 'for-next/misc'
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Kconfig.hardening | 10 | ||||
-rw-r--r-- | lib/Makefile | 1 | ||||
-rw-r--r-- | lib/list_debug.c | 68 |
3 files changed, 79 insertions, 0 deletions
diff --git a/lib/Kconfig.hardening b/lib/Kconfig.hardening index 7f74d0d98a..28be42a274 100644 --- a/lib/Kconfig.hardening +++ b/lib/Kconfig.hardening @@ -1,5 +1,15 @@ menu "Hardening options" +config BUG_ON_DATA_CORRUPTION + bool "Trigger a BUG when data corruption is detected" + select DEBUG_LIST + help + Select this option if barebox should BUG when it encounters + data corruption in its memory structures when they get checked + for validity. + + If unsure, say N. + config STACK_GUARD_PAGE bool "Place guard page to catch stack overflows" depends on ARM && MMU diff --git a/lib/Makefile b/lib/Makefile index 38204c8273..853d8870fe 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -71,6 +71,7 @@ obj-$(CONFIG_FONTS) += fonts/ obj-$(CONFIG_BAREBOX_LOGO) += logo/ obj-y += reed_solomon/ obj-$(CONFIG_RATP) += ratp.o +obj-$(CONFIG_DEBUG_LIST) += list_debug.o obj-y += list_sort.o obj-y += refcount.o obj-y += int_sqrt.o diff --git a/lib/list_debug.c b/lib/list_debug.c new file mode 100644 index 0000000000..7de4c709a3 --- /dev/null +++ b/lib/list_debug.c @@ -0,0 +1,68 @@ +/* + * Copyright 2006, Red Hat, Inc., Dave Jones + * Released under the General Public License (GPL). + * + * This file contains the linked list validation for DEBUG_LIST. + */ + +#include <linux/export.h> +#include <linux/list.h> +#include <linux/bug.h> +#include <linux/kernel.h> + +/* + * Check that the data structures for the list manipulations are reasonably + * valid. Failures here indicate memory corruption (and possibly an exploit + * attempt). + */ + +bool __list_add_valid_or_report(struct list_head *new, struct list_head *prev, + struct list_head *next) +{ + if (CHECK_DATA_CORRUPTION(prev == NULL, + "list_add corruption. prev is NULL.\n") || + CHECK_DATA_CORRUPTION(next == NULL, + "list_add corruption. next is NULL.\n") || + CHECK_DATA_CORRUPTION(next->prev != prev, + "list_add corruption. next->prev should be prev (%px), but was %px. (next=%px).\n", + prev, next->prev, next) || + CHECK_DATA_CORRUPTION(prev->next != next, + "list_add corruption. prev->next should be next (%px), but was %px. (prev=%px).\n", + next, prev->next, prev) || + CHECK_DATA_CORRUPTION(new == prev || new == next, + "list_add double add: new=%px, prev=%px, next=%px.\n", + new, prev, next)) + return false; + + return true; +} +EXPORT_SYMBOL(__list_add_valid_or_report); + +bool __list_del_entry_valid_or_report(struct list_head *entry) +{ + struct list_head *prev, *next; + + prev = entry->prev; + next = entry->next; + + if (CHECK_DATA_CORRUPTION(next == NULL, + "list_del corruption, %px->next is NULL\n", entry) || + CHECK_DATA_CORRUPTION(prev == NULL, + "list_del corruption, %px->prev is NULL\n", entry) || + CHECK_DATA_CORRUPTION(next == LIST_POISON1, + "list_del corruption, %px->next is LIST_POISON1 (%px)\n", + entry, LIST_POISON1) || + CHECK_DATA_CORRUPTION(prev == LIST_POISON2, + "list_del corruption, %px->prev is LIST_POISON2 (%px)\n", + entry, LIST_POISON2) || + CHECK_DATA_CORRUPTION(prev->next != entry, + "list_del corruption. prev->next should be %px, but was %px. (prev=%px)\n", + entry, prev->next, prev) || + CHECK_DATA_CORRUPTION(next->prev != entry, + "list_del corruption. next->prev should be %px, but was %px. (next=%px)\n", + entry, next->prev, next)) + return false; + + return true; +} +EXPORT_SYMBOL(__list_del_entry_valid_or_report); |