Skip to content

Commit 3738290

Browse files
niharcyakpm00
niharcy
authored and
akpm00
committed
kasan: add kunit tests for kmalloc_track_caller, kmalloc_node_track_caller
The Kunit tests for kmalloc_track_caller and kmalloc_node_track_caller were missing in kasan_test_c.c, which check that these functions poison the memory properly. Add a Kunit test: -> kmalloc_tracker_caller_oob_right(): This includes out-of-bounds access test for kmalloc_track_caller and kmalloc_node_track_caller. Link: https://lkml.kernel.org/r/[email protected] Link: https://bugzilla.kernel.org/show_bug.cgi?id=216509 Signed-off-by: Nihar Chaithanya <[email protected]> Reviewed-by: Andrey Konovalov <[email protected]> Cc: Andrey Ryabinin <[email protected]> Cc: Dmitry Vyukov <[email protected]> Cc: Shuah Khan <[email protected]> Signed-off-by: Andrew Morton <[email protected]>
1 parent 1857099 commit 3738290

File tree

1 file changed

+31
-0
lines changed

1 file changed

+31
-0
lines changed

mm/kasan/kasan_test_c.c

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -215,6 +215,36 @@ static void kmalloc_node_oob_right(struct kunit *test)
215215
kfree(ptr);
216216
}
217217

218+
static void kmalloc_track_caller_oob_right(struct kunit *test)
219+
{
220+
char *ptr;
221+
size_t size = 128 - KASAN_GRANULE_SIZE;
222+
223+
/*
224+
* Check that KASAN detects out-of-bounds access for object allocated via
225+
* kmalloc_track_caller().
226+
*/
227+
ptr = kmalloc_track_caller(size, GFP_KERNEL);
228+
KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
229+
230+
OPTIMIZER_HIDE_VAR(ptr);
231+
KUNIT_EXPECT_KASAN_FAIL(test, ptr[size] = 'y');
232+
233+
kfree(ptr);
234+
235+
/*
236+
* Check that KASAN detects out-of-bounds access for object allocated via
237+
* kmalloc_node_track_caller().
238+
*/
239+
ptr = kmalloc_node_track_caller(size, GFP_KERNEL, 0);
240+
KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
241+
242+
OPTIMIZER_HIDE_VAR(ptr);
243+
KUNIT_EXPECT_KASAN_FAIL(test, ptr[size] = 'y');
244+
245+
kfree(ptr);
246+
}
247+
218248
/*
219249
* Check that KASAN detects an out-of-bounds access for a big object allocated
220250
* via kmalloc(). But not as big as to trigger the page_alloc fallback.
@@ -2015,6 +2045,7 @@ static struct kunit_case kasan_kunit_test_cases[] = {
20152045
KUNIT_CASE(kmalloc_oob_right),
20162046
KUNIT_CASE(kmalloc_oob_left),
20172047
KUNIT_CASE(kmalloc_node_oob_right),
2048+
KUNIT_CASE(kmalloc_track_caller_oob_right),
20182049
KUNIT_CASE(kmalloc_big_oob_right),
20192050
KUNIT_CASE(kmalloc_large_oob_right),
20202051
KUNIT_CASE(kmalloc_large_uaf),

0 commit comments

Comments
 (0)