From: Kees Cook <kees@kernel.org>
To: David Gow <davidgow@google.com>
Cc: "Arnd Bergmann" <arnd@arndb.de>,
"Bill Wendling" <morbo@google.com>,
"Andrew Morton" <akpm@linux-foundation.org>,
"Nathan Chancellor" <nathan@kernel.org>,
"Nick Desaulniers" <nick.desaulniers+lkml@gmail.com>,
"Justin Stitt" <justinstitt@google.com>,
"Petr Mladek" <pmladek@suse.com>, "Rae Moar" <rmoar@google.com>,
"Tamir Duberstein" <tamird@gmail.com>,
"Diego Vieira" <diego.daniel.professional@gmail.com>,
"Luis Chamberlain" <mcgrof@kernel.org>,
llvm@lists.linux.dev,
"Dr. David Alan Gilbert" <linux@treblig.org>,
"Mark Brown" <broonie@kernel.org>,
WangYuli <wangyuli@uniontech.com>,
"Mickaël Salaün" <mic@digikod.net>,
"Günther Noack" <gnoack@google.com>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
"Paul Moore" <paul@paul-moore.com>,
"James Morris" <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH 2/3] lib/tests: Add randstruct KUnit test
Date: Wed, 30 Apr 2025 11:56:09 -0700 [thread overview]
Message-ID: <202504301154.1A83E92@keescook> (raw)
In-Reply-To: <CABVgOSn1Lrkp96tucPniwPkVbpsBvTRZey=mCVDw7xS+Jro_AA@mail.gmail.com>
On Tue, Apr 29, 2025 at 03:44:01PM +0800, David Gow wrote:
> On Sun, 27 Apr 2025 at 09:38, Kees Cook <kees@kernel.org> wrote:
> >
> > Perform basic validation about layout randomization and initialization
> > tracking when using CONFIG_RANDSTRUCT=y. Tested using:
> >
> > $ ./tools/testing/kunit/kunit.py run \
> > --kconfig_add CONFIG_RANDSTRUCT_FULL=y \
> > randstruct
> > [17:22:30] ================= randstruct (2 subtests) ==================
> > [17:22:30] [PASSED] randstruct_layout
> > [17:22:30] [PASSED] randstruct_initializers
> > [17:22:30] =================== [PASSED] randstruct ====================
> > [17:22:30] ============================================================
> > [17:22:30] Testing complete. Ran 2 tests: passed: 2
> > [17:22:30] Elapsed time: 5.091s total, 0.001s configuring, 4.974s building, 0.086s running
> >
> > Adding "--make_option LLVM=1" can be used to test Clang, which also
> > passes.
> >
> > Signed-off-by: Kees Cook <kees@kernel.org>
> > ---
>
> This works here for me. I'm a little wary of the prospect of the
> "unlucky or broken" message making the test fail if we're just
> unlucky, but it seems unlikely enough that we can deal with it later
> if it ever becomes a problem.
>
> Acked-by: David Gow <davidgow@google.com>
Thanks!
Yeah, I wonder if it might be an interesting adjustment to the shuffling
to make sure it isn't a no-op? Like, it would shuffle with the original
hash, and if it's a no-op, it could permute the hash again, and then try
again? Hmmm...
--
Kees Cook
next prev parent reply other threads:[~2025-04-30 18:56 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-27 1:38 [PATCH 0/3] randstruct: gcc-plugin: Remove bogus void member Kees Cook
2025-04-27 1:38 ` [PATCH 1/3] " Kees Cook
2025-04-27 1:38 ` [PATCH 2/3] lib/tests: Add randstruct KUnit test Kees Cook
2025-04-27 3:47 ` kernel test robot
2025-04-27 3:47 ` kernel test robot
2025-04-30 18:56 ` Kees Cook
2025-04-27 6:04 ` kernel test robot
2025-04-29 7:44 ` David Gow
2025-04-30 18:56 ` Kees Cook [this message]
2025-04-27 1:38 ` [PATCH 3/3] Revert "hardening: Disable GCC randstruct for COMPILE_TEST" Kees Cook
2025-05-30 0:06 ` Thiago Jung Bauermann
2025-05-30 5:12 ` Kees Cook
2025-05-30 19:09 ` Nathan Chancellor
2025-05-30 19:37 ` Kees Cook
2025-05-30 22:31 ` Kees Cook
2025-05-20 15:18 ` [PATCH 0/3] randstruct: gcc-plugin: Remove bogus void member Mickaël Salaün
2025-05-20 16:14 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202504301154.1A83E92@keescook \
--to=kees@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=broonie@kernel.org \
--cc=davidgow@google.com \
--cc=diego.daniel.professional@gmail.com \
--cc=gnoack@google.com \
--cc=gustavoars@kernel.org \
--cc=jmorris@namei.org \
--cc=justinstitt@google.com \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux@treblig.org \
--cc=llvm@lists.linux.dev \
--cc=mcgrof@kernel.org \
--cc=mic@digikod.net \
--cc=morbo@google.com \
--cc=nathan@kernel.org \
--cc=nick.desaulniers+lkml@gmail.com \
--cc=paul@paul-moore.com \
--cc=pmladek@suse.com \
--cc=rmoar@google.com \
--cc=serge@hallyn.com \
--cc=tamird@gmail.com \
--cc=wangyuli@uniontech.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.