On Mon, Aug 17, 2020 at 01:24:37PM -0500, Eric W. Biederman wrote: > Alexander Popov <alex.popov@xxxxxxxxx> writes: > > > Add a simple test for CONFIG_SLAB_QUARANTINE. > > > > It performs heap spraying that aims to reallocate the recently freed heap > > object. This technique is used for exploiting use-after-free > > vulnerabilities in the kernel code. > > > > This test shows that CONFIG_SLAB_QUARANTINE breaks heap spraying > > exploitation technique. > > > > Signed-off-by: Alexander Popov <alex.popov@xxxxxxxxx> > > Why put this test in the linux kernel dump test module? > > I have no problem with tests, and I may be wrong but this > does not look like you are testing to see if heap corruption > triggers a crash dump. Which is what the rest of the tests > in lkdtm are about. Seeing if the test triggers successfully > triggers a crash dump. The scope of LKDTM has shifted a bit, and I'm fine with tests that don't cause crashes as long as they're part of testing system-wide defenses, etc. It's easier to collect similar tests together (even if they don't break the system). -- Kees Cook
