Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
tjh.dev
kernel
os
linux
1#!/bin/sh
2# SPDX-License-Identifier: GPL-2.0
3#
4# Measure kernel stack entropy by sampling via LKDTM's REPORT_STACK test.
5set -e
6samples="${1:-1000}"
7
8# Capture dmesg continuously since it may fill up depending on sample size.
9log=$(mktemp -t stack-entropy-XXXXXX)
10dmesg --follow >"$log" & pid=$!
11report=-1
12for i in $(seq 1 $samples); do
13 echo "REPORT_STACK" >/sys/kernel/debug/provoke-crash/DIRECT
14 if [ -t 1 ]; then
15 percent=$(( 100 * $i / $samples ))
16 if [ "$percent" -ne "$report" ]; then
17 /bin/echo -en "$percent%\r"
18 report="$percent"
19 fi
20 fi
21done
22kill "$pid"
23
24# Count unique offsets since last run.
25seen=$(tac "$log" | grep -m1 -B"$samples"0 'Starting stack offset' | \
26 grep 'Stack offset' | awk '{print $NF}' | sort | uniq -c | wc -l)
27bits=$(echo "obase=2; $seen" | bc | wc -L)
28echo "Bits of stack entropy: $bits"
29rm -f "$log"
30
31# We would expect any functional stack randomization to be at least 5 bits.
32if [ "$bits" -lt 5 ]; then
33 exit 1
34else
35 exit 0
36fi