From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.3 required=3.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0CCC8C31E45 for ; Thu, 13 Jun 2019 15:19:59 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id D96972054F for ; Thu, 13 Jun 2019 15:19:58 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="ts1iVh+M" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732283AbfFMPTx (ORCPT ); Thu, 13 Jun 2019 11:19:53 -0400 Received: from mail-qt1-f201.google.com ([209.85.160.201]:43730 "EHLO mail-qt1-f201.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732126AbfFMNAK (ORCPT ); Thu, 13 Jun 2019 09:00:10 -0400 Received: by mail-qt1-f201.google.com with SMTP id z16so17393650qto.10 for ; Thu, 13 Jun 2019 06:00:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=Ybi8SfjCPz2J5Q8w+1yX5IhzPr2ih+s0DDGtyk1eE0Q=; b=ts1iVh+MGoXxSHAOlM6VYEYvHolnCXBAmkapqrFpT7xVCQzd3Fa2JkT1/HyG97LFTI mO4qoHbIWJzYknXJB9Qo9GJzrP+bFZryH68kiERkcgtbTpQ85NTHFaHjFVKszYIV7DQp Q1jw3cRylgS8rtUqWuipeckBmtvdIGjD+0qBR+2w2BdtT1j0mAt/Nr9W5IwLPgurFckj rlVC/BIiHSswUysRXsjRYgl0Tv+gCDCfg1Lv5xNY6uPfkfi8PZi75+tSjqfaHLZAyzC0 k7CTsMMm4jVSITG9r6yCHkrahbWECdormGn+3rkzx0NsMpxx2Pi9d4Cw/SkV3QLvo9jW SzFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=Ybi8SfjCPz2J5Q8w+1yX5IhzPr2ih+s0DDGtyk1eE0Q=; b=s/FoSnLUq7ZSpqn+hCsLQwNQUxo3rGbTxif3NYLjmRWhdTJxiCO3gUrN/yp2E5foDI njex4IpES52NkOtWiz/YHnpS8u+raObvmpRe1SYqkpy9+m31J4iYmQyZOXeNFM0szi6H BTPxHlOqN133GIjgWHWl4eYf0lGE4yg13WQGc6lkXJ1ZMONcK+SHrRiL4NL4BIjCBzmW QgO0KVwWbxt1/iwLfp6UXPPEk4vujS4Jo7NbORn9B1mX3N1da+MZUSKav4X4rGV5vg22 M5UJEO5DKZrF4jEQ3SHw6TAVVgQ2hymPyDlBNlgVzLpeXMRXq3wOvArvaZowXSosUDIe Qbkw== X-Gm-Message-State: APjAAAW5YPkdaS+9yJ5C5Q9ty0RPRhxfc3iiJdyxSKDgKTte1Iq2UgYr WEn57G2Vv+CUSVLPNRnMfs9Ijq88Wg== X-Google-Smtp-Source: APXvYqwtOyF/NipHfM0B1wS4zD7lYMrDN1HIEKEOmJ/DyO1Fbp7VEq6WgJWIEL0g0Ore5QNIIZb+c7v12w== X-Received: by 2002:a37:47d1:: with SMTP id u200mr37053086qka.21.1560430808803; Thu, 13 Jun 2019 06:00:08 -0700 (PDT) Date: Thu, 13 Jun 2019 14:59:48 +0200 In-Reply-To: <20190613125950.197667-1-elver@google.com> Message-Id: <20190613125950.197667-2-elver@google.com> Mime-Version: 1.0 References: <20190613125950.197667-1-elver@google.com> X-Mailer: git-send-email 2.22.0.rc2.383.gf4fbbf30c2-goog Subject: [PATCH v5 1/3] lib/test_kasan: Add bitops tests From: Marco Elver To: peterz@infradead.org, aryabinin@virtuozzo.com, dvyukov@google.com, glider@google.com, andreyknvl@google.com, mark.rutland@arm.com, hpa@zytor.com Cc: corbet@lwn.net, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, x86@kernel.org, arnd@arndb.de, jpoimboe@redhat.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, kasan-dev@googlegroups.com, Marco Elver Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This adds bitops tests to the test_kasan module. In a follow-up patch, support for bitops instrumentation will be added. Signed-off-by: Marco Elver Acked-by: Mark Rutland Reviewed-by: Andrey Ryabinin --- Changes in v5: * Remove incorrect comment. Changes in v4: * Remove "within-bounds" tests. * Allocate sizeof(*bite) + 1, to not actually corrupt other memory in case instrumentation isn't working. * Clarify that accesses operate on whole longs, which causes OOB regardless of the bit accessed beyond the first long in the test. Changes in v3: * Use kzalloc instead of kmalloc. * Use sizeof(*bits). Changes in v2: * Use BITS_PER_LONG. * Use heap allocated memory for test, as newer compilers (correctly) warn on OOB stack access. --- lib/test_kasan.c | 81 ++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 78 insertions(+), 3 deletions(-) diff --git a/lib/test_kasan.c b/lib/test_kasan.c index 7de2702621dc..267f31a61870 100644 --- a/lib/test_kasan.c +++ b/lib/test_kasan.c @@ -11,16 +11,17 @@ #define pr_fmt(fmt) "kasan test: %s " fmt, __func__ +#include #include +#include #include -#include #include +#include +#include #include #include #include #include -#include -#include /* * Note: test functions are marked noinline so that their names appear in @@ -623,6 +624,79 @@ static noinline void __init kasan_strings(void) strnlen(ptr, 1); } +static noinline void __init kasan_bitops(void) +{ + /* + * Allocate 1 more byte, which causes kzalloc to round up to 16-bytes; + * this way we do not actually corrupt other memory. + */ + long *bits = kzalloc(sizeof(*bits) + 1, GFP_KERNEL); + if (!bits) + return; + + /* + * Below calls try to access bit within allocated memory; however, the + * below accesses are still out-of-bounds, since bitops are defined to + * operate on the whole long the bit is in. + */ + pr_info("out-of-bounds in set_bit\n"); + set_bit(BITS_PER_LONG, bits); + + pr_info("out-of-bounds in __set_bit\n"); + __set_bit(BITS_PER_LONG, bits); + + pr_info("out-of-bounds in clear_bit\n"); + clear_bit(BITS_PER_LONG, bits); + + pr_info("out-of-bounds in __clear_bit\n"); + __clear_bit(BITS_PER_LONG, bits); + + pr_info("out-of-bounds in clear_bit_unlock\n"); + clear_bit_unlock(BITS_PER_LONG, bits); + + pr_info("out-of-bounds in __clear_bit_unlock\n"); + __clear_bit_unlock(BITS_PER_LONG, bits); + + pr_info("out-of-bounds in change_bit\n"); + change_bit(BITS_PER_LONG, bits); + + pr_info("out-of-bounds in __change_bit\n"); + __change_bit(BITS_PER_LONG, bits); + + /* + * Below calls try to access bit beyond allocated memory. + */ + pr_info("out-of-bounds in test_and_set_bit\n"); + test_and_set_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); + + pr_info("out-of-bounds in __test_and_set_bit\n"); + __test_and_set_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); + + pr_info("out-of-bounds in test_and_set_bit_lock\n"); + test_and_set_bit_lock(BITS_PER_LONG + BITS_PER_BYTE, bits); + + pr_info("out-of-bounds in test_and_clear_bit\n"); + test_and_clear_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); + + pr_info("out-of-bounds in __test_and_clear_bit\n"); + __test_and_clear_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); + + pr_info("out-of-bounds in test_and_change_bit\n"); + test_and_change_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); + + pr_info("out-of-bounds in __test_and_change_bit\n"); + __test_and_change_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); + + pr_info("out-of-bounds in test_bit\n"); + (void)test_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); + +#if defined(clear_bit_unlock_is_negative_byte) + pr_info("out-of-bounds in clear_bit_unlock_is_negative_byte\n"); + clear_bit_unlock_is_negative_byte(BITS_PER_LONG + BITS_PER_BYTE, bits); +#endif + kfree(bits); +} + static int __init kmalloc_tests_init(void) { /* @@ -664,6 +738,7 @@ static int __init kmalloc_tests_init(void) kasan_memchr(); kasan_memcmp(); kasan_strings(); + kasan_bitops(); kasan_restore_multi_shot(multishot); -- 2.22.0.rc2.383.gf4fbbf30c2-goog