forked from torvalds/linux
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
selftests/powerpc: Add test of mitigation patching
We recently discovered some of our mitigation patching was not safe against other CPUs running concurrently. Add a test which enable/disables all mitigations in a tight loop while also running some stress load. On an unpatched system this almost always leads to an oops and panic/reboot, but we also check if the kernel becomes tainted in case we have a non-fatal oops. Signed-off-by: Michael Ellerman <[email protected]> Link: https://lore.kernel.org/r/[email protected]
- Loading branch information
Showing
2 changed files
with
77 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
75 changes: 75 additions & 0 deletions
75
tools/testing/selftests/powerpc/security/mitigation-patching.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,75 @@ | ||
| #!/usr/bin/env bash | ||
|
|
||
| set -euo pipefail | ||
|
|
||
| TIMEOUT=10 | ||
|
|
||
| function do_one | ||
| { | ||
| local mitigation="$1" | ||
| local orig | ||
| local start | ||
| local now | ||
|
|
||
| orig=$(cat "$mitigation") | ||
|
|
||
| start=$EPOCHSECONDS | ||
| now=$start | ||
|
|
||
| while [[ $((now-start)) -lt "$TIMEOUT" ]] | ||
| do | ||
| echo 0 > "$mitigation" | ||
| echo 1 > "$mitigation" | ||
|
|
||
| now=$EPOCHSECONDS | ||
| done | ||
|
|
||
| echo "$orig" > "$mitigation" | ||
| } | ||
|
|
||
| rc=0 | ||
| cd /sys/kernel/debug/powerpc || rc=1 | ||
| if [[ "$rc" -ne 0 ]]; then | ||
| echo "Error: couldn't cd to /sys/kernel/debug/powerpc" >&2 | ||
| exit 1 | ||
| fi | ||
|
|
||
| tainted=$(cat /proc/sys/kernel/tainted) | ||
| if [[ "$tainted" -ne 0 ]]; then | ||
| echo "Error: kernel already tainted!" >&2 | ||
| exit 1 | ||
| fi | ||
|
|
||
| mitigations="barrier_nospec stf_barrier count_cache_flush rfi_flush entry_flush uaccess_flush" | ||
|
|
||
| for m in $mitigations | ||
| do | ||
| do_one "$m" & | ||
| done | ||
|
|
||
| echo "Spawned threads enabling/disabling mitigations ..." | ||
|
|
||
| if stress-ng > /dev/null 2>&1; then | ||
| stress="stress-ng" | ||
| elif stress > /dev/null 2>&1; then | ||
| stress="stress" | ||
| else | ||
| stress="" | ||
| fi | ||
|
|
||
| if [[ -n "$stress" ]]; then | ||
| "$stress" -m "$(nproc)" -t "$TIMEOUT" & | ||
| echo "Spawned VM stressors ..." | ||
| fi | ||
|
|
||
| echo "Waiting for timeout ..." | ||
| wait | ||
|
|
||
| tainted=$(cat /proc/sys/kernel/tainted) | ||
| if [[ "$tainted" -ne 0 ]]; then | ||
| echo "Error: kernel became tainted!" >&2 | ||
| exit 1 | ||
| fi | ||
|
|
||
| echo "OK" | ||
| exit 0 |