All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] tests/util/grub-shell: Enable RNG device to better test stack smashing
@ 2023-09-01  4:50 Glenn Washburn
  2023-09-02 18:28 ` Daniel Kiper
  0 siblings, 1 reply; 3+ messages in thread
From: Glenn Washburn @ 2023-09-01  4:50 UTC (permalink / raw)
  To: grub-devel, Daniel Kiper; +Cc: Glenn Washburn

In certain firmwares, eg. OVMF, the RNG protocol is not enabled unless
there is an RNG device. When not enabled, GRUB fails to initialize the
stack guard with random bytes. For testing, this is not a big issue, but
there have been bugs found in the initialization. So turn this on for EFI
platforms to catch any regressions.

Signed-off-by: Glenn Washburn <development@efficientek.com>
---
This patch will potentially cause a lot of failures on EFI platforms
because of a bug in stack smashing initialization, which the list has
been notified of. This patch is in part meant to exercise that bug and
allows successful test runs when that bug is fixed.

Glenn
---
 tests/util/grub-shell.in | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/tests/util/grub-shell.in b/tests/util/grub-shell.in
index 715e1c2e67b3..496e1bab33c8 100644
--- a/tests/util/grub-shell.in
+++ b/tests/util/grub-shell.in
@@ -225,6 +225,13 @@ case "${grub_modinfo_target_cpu}-${grub_modinfo_platform}" in
 	console=console;;
 esac
 
+case "${grub_modinfo_target_cpu}-${grub_modinfo_platform}" in
+    # Only add the RNG device for EFI platforms because we currently only
+    # support Stack Smashing protection on EFI.
+    *-efi)
+	qemuopts="$qemuopts -device virtio-rng-pci" ;;
+esac
+
 timeout=${GRUB_SHELL_DEFAULT_TIMEOUT:-60}
 mkimage_extra_arg=
 debug=${GRUB_SHELL_DEFAULT_DEBUG:-$GRUB_TEST_DEFAULT_DEBUG}
-- 
2.34.1


_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH] tests/util/grub-shell: Enable RNG device to better test stack smashing
  2023-09-01  4:50 [PATCH] tests/util/grub-shell: Enable RNG device to better test stack smashing Glenn Washburn
@ 2023-09-02 18:28 ` Daniel Kiper
  2023-09-04 19:24   ` Glenn Washburn
  0 siblings, 1 reply; 3+ messages in thread
From: Daniel Kiper @ 2023-09-02 18:28 UTC (permalink / raw)
  To: Glenn Washburn; +Cc: grub-devel

On Thu, Aug 31, 2023 at 11:50:56PM -0500, Glenn Washburn wrote:
> In certain firmwares, eg. OVMF, the RNG protocol is not enabled unless
> there is an RNG device. When not enabled, GRUB fails to initialize the
> stack guard with random bytes. For testing, this is not a big issue, but
> there have been bugs found in the initialization. So turn this on for EFI
> platforms to catch any regressions.
>
> Signed-off-by: Glenn Washburn <development@efficientek.com>

Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

> ---
> This patch will potentially cause a lot of failures on EFI platforms
> because of a bug in stack smashing initialization, which the list has
> been notified of. This patch is in part meant to exercise that bug and
> allows successful test runs when that bug is fixed.

I will review the patch mentioned above and then push both patches
together to not break tests at this point.

Daniel

_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH] tests/util/grub-shell: Enable RNG device to better test stack smashing
  2023-09-02 18:28 ` Daniel Kiper
@ 2023-09-04 19:24   ` Glenn Washburn
  0 siblings, 0 replies; 3+ messages in thread
From: Glenn Washburn @ 2023-09-04 19:24 UTC (permalink / raw)
  To: Daniel Kiper; +Cc: grub-devel

On Sat, 2 Sep 2023 20:28:16 +0200
Daniel Kiper <dkiper@net-space.pl> wrote:

> On Thu, Aug 31, 2023 at 11:50:56PM -0500, Glenn Washburn wrote:
> > In certain firmwares, eg. OVMF, the RNG protocol is not enabled unless
> > there is an RNG device. When not enabled, GRUB fails to initialize the
> > stack guard with random bytes. For testing, this is not a big issue, but
> > there have been bugs found in the initialization. So turn this on for EFI
> > platforms to catch any regressions.
> >
> > Signed-off-by: Glenn Washburn <development@efficientek.com>
> 
> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
> 
> > ---
> > This patch will potentially cause a lot of failures on EFI platforms
> > because of a bug in stack smashing initialization, which the list has
> > been notified of. This patch is in part meant to exercise that bug and
> > allows successful test runs when that bug is fixed.
> 
> I will review the patch mentioned above and then push both patches
> together to not break tests at this point.

Sounds good. Also keep in mind that there should probably be some
thought given to other implementations of the stack smashing fix. The
one proposed just disables it for grub_efi_init(), but it should be
considered whether we do want this function covered by the protection.

Glenn

_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-09-04 19:24 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-09-01  4:50 [PATCH] tests/util/grub-shell: Enable RNG device to better test stack smashing Glenn Washburn
2023-09-02 18:28 ` Daniel Kiper
2023-09-04 19:24   ` Glenn Washburn

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.