Extend the test module with a new test case (test1) that intentionally overflows a local u64 buffer to corrupt the stack canary. This helps validate detection of stack corruption under overflow conditions.
The proc interface is updated to document the new test: - test1: stack canary overflow test Signed-off-by: Jinchao Wang <[email protected]> --- mm/kstackwatch/test.c | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/mm/kstackwatch/test.c b/mm/kstackwatch/test.c index 76dbfb042067..ab1a3f92b5e8 100644 --- a/mm/kstackwatch/test.c +++ b/mm/kstackwatch/test.c @@ -40,6 +40,27 @@ static void canary_test_write(void) pr_info("canary write test completed\n"); } +/* + * Test Case 1: Stack Overflow (Canary Test) + * This function uses a u64 buffer 64-bit write + * to corrupt the stack canary with a single operation + */ +static void canary_test_overflow(void) +{ + u64 buffer[BUFFER_SIZE]; + + pr_info("starting %s\n", __func__); + pr_info("buffer 0x%lx\n", (unsigned long)buffer); + + /* intentionally overflow the u64 buffer. */ + ((u64 *)buffer + BUFFER_SIZE)[0] = 0xdeadbeefdeadbeef; + + /* make sure the compiler do not drop assign action */ + barrier_data(buffer); + + pr_info("canary overflow test completed\n"); +} + static ssize_t test_proc_write(struct file *file, const char __user *buffer, size_t count, loff_t *pos) { @@ -63,6 +84,10 @@ static ssize_t test_proc_write(struct file *file, const char __user *buffer, pr_info("triggering canary write test\n"); canary_test_write(); break; + case 1: + pr_info("triggering canary overflow test\n"); + canary_test_overflow(); + break; default: pr_err("Unknown test number %d\n", test_num); return -EINVAL; @@ -82,7 +107,8 @@ static ssize_t test_proc_read(struct file *file, char __user *buffer, "KStackWatch Simplified Test Module\n" "==================================\n" "Usage:\n" - " echo 'test0' > /proc/kstackwatch_test - Canary write test\n"; + " echo 'test0' > /proc/kstackwatch_test - Canary write test\n" + " echo 'test1' > /proc/kstackwatch_test - Canary overflow test\n"; return simple_read_from_buffer(buffer, count, pos, usage, strlen(usage)); -- 2.43.0
