Skip to content

Commit b2325bf

Browse files
PacheNicoakpm00
PacheNico
authored and
akpm00
committed
kunit: kasan_test: disable fortify string checker on kmalloc_oob_memset
Similar to commit 09c6304 ("kasan: test: fix compatibility with FORTIFY_SOURCE") the kernel is panicing in kmalloc_oob_memset_*. This is due to the `ptr` not being hidden from the optimizer which would disable the runtime fortify string checker. kernel BUG at lib/string_helpers.c:1048! Call Trace: [<00000000272502e2>] fortify_panic+0x2a/0x30 ([<00000000272502de>] fortify_panic+0x26/0x30) [<001bffff817045c4>] kmalloc_oob_memset_2+0x22c/0x230 [kasan_test] Hide the `ptr` variable from the optimizer to fix the kernel panic. Also define a memset_size variable and hide that as well. This cleans up the code and follows the same convention as other tests. [[email protected]: address review comments from Andrey] Link: https://lkml.kernel.org/r/[email protected] Link: https://lkml.kernel.org/r/[email protected] Signed-off-by: Nico Pache <[email protected]> Reviewed-by: Andrey Konovalov <[email protected]> Cc: Alexander Potapenko <[email protected]> Cc: Andrey Konovalov <[email protected]> Cc: Andrey Ryabinin <[email protected]> Cc: Dmitry Vyukov <[email protected]> Cc: Vincenzo Frascino <[email protected]> Signed-off-by: Andrew Morton <[email protected]>
1 parent e63bde3 commit b2325bf

File tree

1 file changed

+16
-4
lines changed

1 file changed

+16
-4
lines changed

mm/kasan/kasan_test.c

Lines changed: 16 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -493,59 +493,71 @@ static void kmalloc_oob_memset_2(struct kunit *test)
493493
{
494494
char *ptr;
495495
size_t size = 128 - KASAN_GRANULE_SIZE;
496+
size_t memset_size = 2;
496497

497498
KASAN_TEST_NEEDS_CHECKED_MEMINTRINSICS(test);
498499

499500
ptr = kmalloc(size, GFP_KERNEL);
500501
KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
501502

503+
OPTIMIZER_HIDE_VAR(ptr);
502504
OPTIMIZER_HIDE_VAR(size);
503-
KUNIT_EXPECT_KASAN_FAIL(test, memset(ptr + size - 1, 0, 2));
505+
OPTIMIZER_HIDE_VAR(memset_size);
506+
KUNIT_EXPECT_KASAN_FAIL(test, memset(ptr + size - 1, 0, memset_size));
504507
kfree(ptr);
505508
}
506509

507510
static void kmalloc_oob_memset_4(struct kunit *test)
508511
{
509512
char *ptr;
510513
size_t size = 128 - KASAN_GRANULE_SIZE;
514+
size_t memset_size = 4;
511515

512516
KASAN_TEST_NEEDS_CHECKED_MEMINTRINSICS(test);
513517

514518
ptr = kmalloc(size, GFP_KERNEL);
515519
KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
516520

521+
OPTIMIZER_HIDE_VAR(ptr);
517522
OPTIMIZER_HIDE_VAR(size);
518-
KUNIT_EXPECT_KASAN_FAIL(test, memset(ptr + size - 3, 0, 4));
523+
OPTIMIZER_HIDE_VAR(memset_size);
524+
KUNIT_EXPECT_KASAN_FAIL(test, memset(ptr + size - 3, 0, memset_size));
519525
kfree(ptr);
520526
}
521527

522528
static void kmalloc_oob_memset_8(struct kunit *test)
523529
{
524530
char *ptr;
525531
size_t size = 128 - KASAN_GRANULE_SIZE;
532+
size_t memset_size = 8;
526533

527534
KASAN_TEST_NEEDS_CHECKED_MEMINTRINSICS(test);
528535

529536
ptr = kmalloc(size, GFP_KERNEL);
530537
KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
531538

539+
OPTIMIZER_HIDE_VAR(ptr);
532540
OPTIMIZER_HIDE_VAR(size);
533-
KUNIT_EXPECT_KASAN_FAIL(test, memset(ptr + size - 7, 0, 8));
541+
OPTIMIZER_HIDE_VAR(memset_size);
542+
KUNIT_EXPECT_KASAN_FAIL(test, memset(ptr + size - 7, 0, memset_size));
534543
kfree(ptr);
535544
}
536545

537546
static void kmalloc_oob_memset_16(struct kunit *test)
538547
{
539548
char *ptr;
540549
size_t size = 128 - KASAN_GRANULE_SIZE;
550+
size_t memset_size = 16;
541551

542552
KASAN_TEST_NEEDS_CHECKED_MEMINTRINSICS(test);
543553

544554
ptr = kmalloc(size, GFP_KERNEL);
545555
KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
546556

557+
OPTIMIZER_HIDE_VAR(ptr);
547558
OPTIMIZER_HIDE_VAR(size);
548-
KUNIT_EXPECT_KASAN_FAIL(test, memset(ptr + size - 15, 0, 16));
559+
OPTIMIZER_HIDE_VAR(memset_size);
560+
KUNIT_EXPECT_KASAN_FAIL(test, memset(ptr + size - 15, 0, memset_size));
549561
kfree(ptr);
550562
}
551563

0 commit comments

Comments
 (0)