llvm.lists.linux.dev archive mirror
 help / color / mirror / Atom feed
* [PATCH] kunit/fortify: Expand testing of __compiletime_strlen()
@ 2025-03-12  0:03 Kees Cook
  0 siblings, 0 replies; only message in thread
From: Kees Cook @ 2025-03-12  0:03 UTC (permalink / raw)
  To: Nathan Chancellor
  Cc: Kees Cook, linux-hardening, Nick Desaulniers, Bill Wendling,
	Justin Stitt, linux-kernel, llvm

It seems that Clang thinks __builtin_constant_p() of undefined variables
should return true[1]. This is being fixed separately[2], but in the
meantime, expand the fortify tests to help track this kind of thing down
faster in the future.

Link: https://github.com/ClangBuiltLinux/linux/issues/2073 [1]
Link: https://github.com/llvm/llvm-project/pull/130713 [2]
Signed-off-by: Kees Cook <kees@kernel.org>
---
Cc: Nathan Chancellor <nathan@kernel.org>
Cc: linux-hardening@vger.kernel.org
---
 lib/tests/fortify_kunit.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/lib/tests/fortify_kunit.c b/lib/tests/fortify_kunit.c
index ecb638d4cde1..18dcdedf777f 100644
--- a/lib/tests/fortify_kunit.c
+++ b/lib/tests/fortify_kunit.c
@@ -60,6 +60,7 @@ static int fortify_write_overflows;
 
 static const char array_of_10[] = "this is 10";
 static const char *ptr_of_11 = "this is 11!";
+static const char * const unchanging_12 = "this is 12!!";
 static char array_unknown[] = "compiler thinks I might change";
 
 void fortify_add_kunit_error(int write)
@@ -83,12 +84,28 @@ void fortify_add_kunit_error(int write)
 
 static void fortify_test_known_sizes(struct kunit *test)
 {
+	char stack[80] = "Test!";
+
+	KUNIT_EXPECT_FALSE(test, __is_constexpr(__builtin_strlen(stack)));
+	KUNIT_EXPECT_EQ(test, __compiletime_strlen(stack), 5);
+
+	KUNIT_EXPECT_TRUE(test, __is_constexpr(__builtin_strlen("88888888")));
 	KUNIT_EXPECT_EQ(test, __compiletime_strlen("88888888"), 8);
+
+	KUNIT_EXPECT_TRUE(test, __is_constexpr(__builtin_strlen(array_of_10)));
 	KUNIT_EXPECT_EQ(test, __compiletime_strlen(array_of_10), 10);
+
+	KUNIT_EXPECT_FALSE(test, __is_constexpr(__builtin_strlen(ptr_of_11)));
 	KUNIT_EXPECT_EQ(test, __compiletime_strlen(ptr_of_11), 11);
 
+	KUNIT_EXPECT_TRUE(test, __is_constexpr(__builtin_strlen(unchanging_12)));
+	KUNIT_EXPECT_EQ(test, __compiletime_strlen(unchanging_12), 12);
+
+	KUNIT_EXPECT_FALSE(test, __is_constexpr(__builtin_strlen(array_unknown)));
 	KUNIT_EXPECT_EQ(test, __compiletime_strlen(array_unknown), SIZE_MAX);
+
 	/* Externally defined and dynamically sized string pointer: */
+	KUNIT_EXPECT_FALSE(test, __is_constexpr(__builtin_strlen(test->name)));
 	KUNIT_EXPECT_EQ(test, __compiletime_strlen(test->name), SIZE_MAX);
 }
 
-- 
2.34.1


^ permalink raw reply related	[flat|nested] only message in thread
only message in thread, other threads:[~2025-03-12  0:04 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-03-12  0:03 [PATCH] kunit/fortify: Expand testing of __compiletime_strlen() Kees Cook

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).