LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software > Linux - Kernel
User Name
Password
Linux - Kernel This forum is for all discussion relating to the Linux kernel.

Notices


Reply
  Search this Thread
Old 11-20-2017, 04:03 PM   #1
satanfu
LQ Newbie
 
Registered: Nov 2017
Posts: 4

Rep: Reputation: Disabled
How to crash kernel "on purpose" from fs/exec.c ?


Hi, folks!

I've been trying, for research/fun purpose, to crash the kernel from specific kernel functions (or to render the system unuseable) after testing a condition in fs/exec.c , lets say inside do_execveat_common().

I've tried almost everything, from a divbyzero, null dereference, infinite loop, ... Kernel displays some error, but is still alive and system runs. I'm beginning to understand that this execve* kernel code is executed after a fork of some sort, so only the executed process will die, not the kernel.

I've tried as well to call various functions (without any knowledge of them) like emergency_sync();
kernel_restart(NULL);
or ctrl_alt_del(),
but it actually doesnt compile.

My question is then, how can I f*ck up the kernel from here?

Many thanks!

Last edited by satanfu; 11-21-2017 at 02:24 AM. Reason: precisions
 
Old 11-20-2017, 11:57 PM   #2
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,681
Blog Entries: 4

Rep: Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023
Well, I suppose that I could mention that certain Universities actually created a crash system command in their Unix timesharing systems of yesteryear. (It proved to be the best way to persuade bored-but-brilliant young students from finding other ways to crash it: "make the process trivially easy to do, therefore no longer amusing.")

But seriously ... for very obvious reasons, the kernel is designed to protect itself against anything that any user process might (maliciously or accidentally) do.

User-land processes of course cannot call any function within the kernel code. It should come as no surprise to you that user-land code which attempts to do so will not compile.

Last edited by sundialsvcs; 11-20-2017 at 11:58 PM.
 
Old 11-21-2017, 02:33 AM   #3
satanfu
LQ Newbie
 
Registered: Nov 2017
Posts: 4

Original Poster
Rep: Reputation: Disabled
Please read me well :)

Quote:
Originally Posted by sundialsvcs View Post
Well, I suppose that I could mention that certain Universities actually created a crash system command in their Unix timesharing systems of yesteryear. (It proved to be the best way to persuade bored-but-brilliant young students from finding other ways to crash it: "make the process trivially easy to do, therefore no longer amusing.")

But seriously ... for very obvious reasons, the kernel is designed to protect itself against anything that any user process might (maliciously or accidentally) do.

User-land processes of course cannot call any function within the kernel code. It should come as no surprise to you that user-land code which attempts to do so will not compile.
Hi sundialsvcs, please read me well. The code I'm patching is kernel sources (fs/exec.c). Those kernel functions are called when a userspace program invokes the exec syscall. Its obvious that the kernel should be resistant to a malicious userspace process.
This code is called when a process is exec(), but is kernel code. The purpose of the patch is for example to tell the kernel to crash if user exec() a process at 23:42.


Thanks,

Last edited by satanfu; 11-21-2017 at 02:39 AM.
 
Old 11-21-2017, 12:54 PM   #4
!!!
Member
 
Registered: Jan 2017
Posts: 610

Rep: Reputation: 233Reputation: 233Reputation: 233
Maybe: look at the kernel code that handles=performs SysRq c
Or maybe (my wild-guess) call panic() in your modified kernel code. Idk, sorry.
p.s. 'Welcome to LQ'.
 
Old 11-21-2017, 04:10 PM   #5
satanfu
LQ Newbie
 
Registered: Nov 2017
Posts: 4

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by !!! View Post
p.s. 'Welcome to LQ'.
Thanks mate!

I'll try for the panic and sysrq handlers.
 
1 members found this post helpful.
Old 11-23-2017, 05:15 PM   #6
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,681
Blog Entries: 4

Rep: Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023Reputation: 3023
Quote:
Originally Posted by satanfu View Post
Hi sundialsvcs, please read me well. The code I'm patching is kernel sources (fs/exec.c). Those kernel functions are called when a userspace program invokes the exec syscall. Its obvious that the kernel should be resistant to a malicious userspace process.
This code is called when a process is exec(), but is kernel code. The purpose of the patch is for example to tell the kernel to crash if user exec() a process at 23:42.
Seems to me that it ought to kill the requesting process, not burn-down the entire forest.
 
Old 11-25-2017, 01:24 PM   #7
satanfu
LQ Newbie
 
Registered: Nov 2017
Posts: 4

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by !!! View Post
Or maybe (my wild-guess) call panic() in your modified kernel code.
panic() did the job.

Many thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] No UTMPX entry, You must EXEC "login" for the lowest "shell" Jamalalhakemi Linux - Newbie 11 06-02-2015 06:14 PM
No UTMPX entry, You must EXEC "login" for the lowest "shell" Jamalalhakemi Linux - Newbie 3 06-01-2015 10:52 AM
No UTMPX entry, You must EXEC "login" for the lowest "shell" ooihc Solaris / OpenSolaris 7 03-12-2007 03:09 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software > Linux - Kernel

All times are GMT -5. The time now is 09:50 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration