From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1AA21CFC501 for ; Tue, 15 Oct 2024 01:33:56 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 929616B0089; Mon, 14 Oct 2024 21:33:55 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 8D87E6B008A; Mon, 14 Oct 2024 21:33:55 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 752FB6B008C; Mon, 14 Oct 2024 21:33:55 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 551396B0089 for ; Mon, 14 Oct 2024 21:33:55 -0400 (EDT) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id CDD4D160409 for ; Tue, 15 Oct 2024 01:33:45 +0000 (UTC) X-FDA: 82674114936.08.76A6D59 Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) by imf04.hostedemail.com (Postfix) with ESMTP id 34AF640007 for ; Tue, 15 Oct 2024 01:33:44 +0000 (UTC) Authentication-Results: imf04.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=IleYz1ae; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf04.hostedemail.com: domain of ritesh.list@gmail.com designates 209.85.210.177 as permitted sender) smtp.mailfrom=ritesh.list@gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1728956001; a=rsa-sha256; cv=none; b=Bi5gtD+2O+Mb8zjo19KXFJgUwQFAjARQTY9tXxjBHv1okNXlz7W4AIyph476mPRmNqT8jg T06p5w8+KMWnRQnb14FOrUVKbcv4HUXBFDVkVvCgfsISa6nkOi2WFvJyiwTRgYFJktKc1V Ac65h4SFUJ3rpl3dolXiOB/N+L+tJa8= ARC-Authentication-Results: i=1; imf04.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=IleYz1ae; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf04.hostedemail.com: domain of ritesh.list@gmail.com designates 209.85.210.177 as permitted sender) smtp.mailfrom=ritesh.list@gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1728956001; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=L3z8aqN2PapGEchw6ngaiDWNeD417V3WkhQBwYXWFqM=; b=YqVngTz4Hb9c4NcgjcsI4uDEDh4rSQ3daOh9rUJfo1Lwl5qt9U514VeaRsuIDWdpISQfKW cKi4QfyZkXFFvfwFTUcUUw6JdW8AeRUzvRts9IaWLFi6hg4Povv6mA47HRLaiDeR3K8ZtA OgFWYkNDlWDWbBByfq6KYH3w4gnAU3g= Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-71e61b47c6cso1502706b3a.2 for ; Mon, 14 Oct 2024 18:33:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728956032; x=1729560832; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=L3z8aqN2PapGEchw6ngaiDWNeD417V3WkhQBwYXWFqM=; b=IleYz1aelW141NqQ40BYysaFoxx7hH6sBPg/DlfnlAmL5Sz9suF7YRZLxsz+1AQfLH Z5LSMpRO/3apIrV6lqbQumuOCtfTMpYE6R1VlTbXYMPdEYN0klK5HIettCoCpitloPHC B5atGtzqgoPzsvT+pqynOvQOBSbQbheQM7f3qdI/PXigTldXUsvGkjBT1niqKSml8LuS 8uAIq5plxJvLDkltknjqgLsTfaUUcTdhIUaNO0SFGWAiI5oj/LbX6ZpngAdxdmWzSrPO GMPQbY1wgyvTl/lBb1X5KhoqCmBSI73QvHuTFvEvmOJLHMTE8kVC+y2CZJ+LafK1C4yx E+/A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728956032; x=1729560832; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=L3z8aqN2PapGEchw6ngaiDWNeD417V3WkhQBwYXWFqM=; b=fb7x2/fc71ByvHkk6P2Vs2471kTQ2oFk+zXLq6pD8E91Cttzo6pW+/o4X+ifeqC+1Q B14+c9M7sXBehLtZ+i57Vi2IeU7s++U71jKg0AhuoZzoAHD0jMh5NqqwwBXX7qX7mox5 tvfxA0d5uaNgIz1F1ce/Xjmi1jD/wkJ0/vu6IoQU0U2xmd3dQ6UMmjZbQWdfTPJhFTuC ny4CvF9VVpPo1f2yTcGtRTmCk4ZGbFZ6W3UxipoQHK/YIWKDNZKrHMS956uMSAh0ujw1 k+78gQaw8T6EchlgwCAUZocBBVET+1Oli/rDQl5nDt7fb4yfjYCnG4/RIPs5mJ5Yicqd C9KQ== X-Forwarded-Encrypted: i=1; AJvYcCVGFrL1HLQQWlrzstOsNrWvfjWri/foFXXx2vvfHdNi+8AS43yrHYxp3ZzesLt7xqbL5bNcHGCoog==@kvack.org X-Gm-Message-State: AOJu0YzaCiR3LzR6vVbm0Dhq0iN5lyxEVV8WcBZENf17DCFWF9JWinkQ o7wn38bDw9gX/wDe03MPGvKFoTBtaUPkMIrZhBfN+Z/XzE93StVp X-Google-Smtp-Source: AGHT+IGqbk3XkcP38tM4YL865mfr8G0wKwLOrKwm5cB+ZAuXCK3oFNnJ20ByJ9R3zI+2HFTRH1ioYA== X-Received: by 2002:a05:6a00:9a1:b0:71d:f215:1d96 with SMTP id d2e1a72fcca58-71e37e287e7mr22675408b3a.6.1728956031701; Mon, 14 Oct 2024 18:33:51 -0700 (PDT) Received: from dw-tp.. ([171.76.80.151]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-71e77508562sm189349b3a.186.2024.10.14.18.33.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 14 Oct 2024 18:33:51 -0700 (PDT) From: "Ritesh Harjani (IBM)" To: linuxppc-dev@lists.ozlabs.org Cc: kasan-dev@googlegroups.com, linux-mm@kvack.org, Marco Elver , Alexander Potapenko , Heiko Carstens , Michael Ellerman , Nicholas Piggin , Madhavan Srinivasan , Christophe Leroy , Hari Bathini , "Aneesh Kumar K . V" , Donet Tom , Pavithra Prakash , LKML , Nirjhar Roy , "Ritesh Harjani (IBM)" Subject: [RFC RESEND v2 01/13] mm/kfence: Add a new kunit test test_use_after_free_read_nofault() Date: Tue, 15 Oct 2024 07:03:24 +0530 Message-ID: X-Mailer: git-send-email 2.46.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Rspam-User: X-Stat-Signature: 783jznp13797o6x31si19xawwb5m44bh X-Rspamd-Queue-Id: 34AF640007 X-Rspamd-Server: rspam02 X-HE-Tag: 1728956023-933305 X-HE-Meta: U2FsdGVkX18G7CSXYrI6JcScFhhRhYnvBhApcZs5++jWjEOc0iuhiJHMKLKvcppJmpGltKeZkCLHosAyx9euJG/sKPdxVVe+YbSOPoGZDrcKw5GQqi3ra/HTq90EEnqDhV7XekB/YwIj8PE/nNQSRhsFao+oQz1hS3TvviPogE7IUSMF3o9S0NYQ4K+9kdpAP3NwvziR+rwbfzAaISnM3V+wOmRFxFYhl9lL/i6DXt6KHnNpTHMOY5O7SLFrLJ+E7wbwwSXfd9WfM9v7WREmJyLjsaX4YYfVvfawkBaahOPwYnuaAQ5HSSOobhh2M7OK1nHEC0Eghe8RHtBKfQyJe5VnI6yH4mwHiuphhtZrZ29wPjkLMFTvccK0zxI9IW0wHuqna3/D59kWrDDzISxNxpoDmprkWLje/AX9fwZ3wAfQ5Kta9tidyhYwRpDC0TBj+1MtPCHbjwOjdVX2D9GBWLLUmSqJhKAh+8put2UaOvW2JAToQYKkl4hY2JEg3tvNmpZxEG7Cl8lflYbz5ee76r9ph9UZjZy3JipdK8uBhPFuasidvHzbzLULsL1mmKSf9yPseMV94o0dd1phSNmbG2hNcPOCezYcxiF3t/fWEdbemCdOuG8YDtDuKZkEouQ4wfN34EBFbxnO4u6yAU4sdyCVc0wxU5KYZOZJ5tAy5cWZvWbIcuLz+B2iVCFJfsC7O8p0mpPZUVeYh+/v5vTZURRT5GUDM5jflh/oQbZhom8Qc0nh16ColiNp92pNAH7An3FprJPgKyECsytqegEGBHm0PTrX5pJ63K0SjCgSelczSFjaR/XxP8VOGcnuRiWnhOVIRj+1yJE1/kcOLbmZy/f1LU2mfS5+T75Upj1ih892YcPDERCZ5Hvl3FG75WG10f02bPdfmyQBYPFUqnH00yty1XThMMooFT14iTxypq6fkGBvtG5wWrbT+yDAtvh3/WT/P+t3v/C7b7TfnPd f+m4pbx0 BZpaavMu7BIKWigSBeVpD/tFjEAs8SqyiXTLW1MMB88NZChwEIYFv88DkOQLO+xbg8Ia84hTr7C5JBEJoHJaEldzAv9B6CxBaPOTJtMlhRDrqwoQJf8sn/lcKRxIJ1XOK/GFT+RU/pfppRVi2xdc5stqlUQBPL7knHwUXTlxMTraH/oHADP5QDSKAkQGqVesGYhWEEHqbW2Yd9AQXU7S0IrD/7r7sBJy+lgQIS+uQVh03yHmWmMvQ94LHDqS9nwIjWymwRuMelUAYX4lLpHTvB1CEKI5zNKfwQwbb+RFNX26zFufUR9KkdVDkWNd2KUZUT18NdD5BuWBqNKLtJfjS2DGdqg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Nirjhar Roy Faults from copy_from_kernel_nofault() needs to be handled by fixup table and should not be handled by kfence. Otherwise while reading /proc/kcore which uses copy_from_kernel_nofault(), kfence can generate false negatives. This can happen when /proc/kcore ends up reading an unmapped address from kfence pool. Let's add a testcase to cover this case. Co-developed-by: Ritesh Harjani (IBM) Signed-off-by: Ritesh Harjani (IBM) Signed-off-by: Nirjhar Roy Cc: kasan-dev@googlegroups.com Cc: Alexander Potapenko Cc: linux-mm@kvack.org --- mm/kfence/kfence_test.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/mm/kfence/kfence_test.c b/mm/kfence/kfence_test.c index 00fd17285285..f65fb182466d 100644 --- a/mm/kfence/kfence_test.c +++ b/mm/kfence/kfence_test.c @@ -383,6 +383,22 @@ static void test_use_after_free_read(struct kunit *test) KUNIT_EXPECT_TRUE(test, report_matches(&expect)); } +static void test_use_after_free_read_nofault(struct kunit *test) +{ + const size_t size = 32; + char *addr; + char dst; + int ret; + + setup_test_cache(test, size, 0, NULL); + addr = test_alloc(test, size, GFP_KERNEL, ALLOCATE_ANY); + test_free(addr); + /* Use after free with *_nofault() */ + ret = copy_from_kernel_nofault(&dst, addr, 1); + KUNIT_EXPECT_EQ(test, ret, -EFAULT); + KUNIT_EXPECT_FALSE(test, report_available()); +} + static void test_double_free(struct kunit *test) { const size_t size = 32; @@ -780,6 +796,7 @@ static struct kunit_case kfence_test_cases[] = { KFENCE_KUNIT_CASE(test_out_of_bounds_read), KFENCE_KUNIT_CASE(test_out_of_bounds_write), KFENCE_KUNIT_CASE(test_use_after_free_read), + KFENCE_KUNIT_CASE(test_use_after_free_read_nofault), KFENCE_KUNIT_CASE(test_double_free), KFENCE_KUNIT_CASE(test_invalid_addr_free), KFENCE_KUNIT_CASE(test_corruption), -- 2.46.0