Linux Hardening
 help / color / mirror / Atom feed
* [PATCH] lib/tests: Make FORTIFY_KUNIT_TEST depend on FORTIFY_SOURCE
@ 2025-06-02 14:51 Geert Uytterhoeven
  2025-06-02 18:11 ` Kees Cook
  0 siblings, 1 reply; 2+ messages in thread
From: Geert Uytterhoeven @ 2025-06-02 14:51 UTC (permalink / raw)
  To: Andrew Morton, Kees Cook, Gustavo A . R . Silva, David Gow
  Cc: linux-hardening, linux-kselftest, linux-kernel,
	Geert Uytterhoeven

When CONFIG_FORTIFY_SOURCE is not enabled, all fortify tests are
skipped.  Move this logic from run-time to config-time, to avoid people
building and running tests that do not do anything.

This basically reverts commit 1a78f8cb5daac774 ("fortify: Allow KUnit
test to build without FORTIFY") in v6.9, which was v3 of commit
a9dc8d0442294b42 ("fortify: Allow KUnit test to build without FORTIFY")
in v6.5, which was quickly reverted in commit 5e2956ee46244ffb ("Revert
"fortify: Allow KUnit test to build without FORTIFY"").

Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
---
Let's keep on playing whack-a-mole ;-)
---
 lib/Kconfig.debug         | 1 +
 lib/tests/fortify_kunit.c | 8 --------
 2 files changed, 1 insertion(+), 8 deletions(-)

diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index 407f2ed7fcb3e94c..ca5afd192c9fbf51 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -2912,6 +2912,7 @@ config STACKINIT_KUNIT_TEST
 config FORTIFY_KUNIT_TEST
 	tristate "Test fortified str*() and mem*() function internals at runtime" if !KUNIT_ALL_TESTS
 	depends on KUNIT
+	depends on FORTIFY_SOURCE
 	default KUNIT_ALL_TESTS
 	help
 	  Builds unit tests for checking internals of FORTIFY_SOURCE as used
diff --git a/lib/tests/fortify_kunit.c b/lib/tests/fortify_kunit.c
index 29ffc62a71e3f968..10b0e1b12cdc3ae2 100644
--- a/lib/tests/fortify_kunit.c
+++ b/lib/tests/fortify_kunit.c
@@ -48,11 +48,6 @@ void fortify_add_kunit_error(int write);
 #include <linux/string.h>
 #include <linux/vmalloc.h>
 
-/* Handle being built without CONFIG_FORTIFY_SOURCE */
-#ifndef __compiletime_strlen
-# define __compiletime_strlen __builtin_strlen
-#endif
-
 static struct kunit_resource read_resource;
 static struct kunit_resource write_resource;
 static int fortify_read_overflows;
@@ -1071,9 +1066,6 @@ static void fortify_test_kmemdup(struct kunit *test)
 
 static int fortify_test_init(struct kunit *test)
 {
-	if (!IS_ENABLED(CONFIG_FORTIFY_SOURCE))
-		kunit_skip(test, "Not built with CONFIG_FORTIFY_SOURCE=y");
-
 	fortify_read_overflows = 0;
 	kunit_add_named_resource(test, NULL, NULL, &read_resource,
 				 "fortify_read_overflows",
-- 
2.43.0


^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-06-02 18:11 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-06-02 14:51 [PATCH] lib/tests: Make FORTIFY_KUNIT_TEST depend on FORTIFY_SOURCE Geert Uytterhoeven
2025-06-02 18:11 ` Kees Cook

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox