From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Peter Collingbourne, Alexander Potapenko, Andrey Konovalov, George Popescu, Elena Petrova, Evgenii Stepanov, Andrew Morton, Linus Torvalds
Subject: [PATCH 5.12 257/363] kasan: fix unit tests with CONFIG_UBSAN_LOCAL_BOUNDS enabled
Date: Mon, 17 May 2021 16:02:03 +0200
Message-Id: <20210517140311.287340895@linuxfoundation.org>
In-Reply-To: <20210517140302.508966430@linuxfoundation.org>

From: Peter Collingbourne

commit f649dc0e0d7b509c75570ee403723660f5b72ec7 upstream.

These tests deliberately access these arrays out of bounds, which will
cause the dynamic local bounds checks inserted by
CONFIG_UBSAN_LOCAL_BOUNDS to fail and panic the kernel. To avoid this
problem, access the arrays via volatile pointers, which will prevent the
compiler from being able to determine the array bounds.

These accesses use volatile pointers to char (char *volatile) rather than
the more conventional pointers to volatile char (volatile char *) because
we want to prevent the compiler from making inferences about the pointer
itself (i.e. its array bounds), not the data that it refers to.

Link: https://lkml.kernel.org/r/20210507025915.1464056-1-pcc@google.com
Link: https://linux-review.googlesource.com/id/I90b1713fbfa1bf68ff895aef099ea77b98a7c3b9
Signed-off-by: Peter Collingbourne
Tested-by: Alexander Potapenko
Reviewed-by: Andrey Konovalov
Cc: Peter Collingbourne
Cc: George Popescu
Cc: Elena Petrova
Cc: Evgenii Stepanov
Cc:
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
Signed-off-by: Greg Kroah-Hartman --- lib/test_kasan.c | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) --- a/lib/test_kasan.c +++ b/lib/test_kasan.c @@ -646,8 +646,20 @@ static char global_array[10]; static void kasan_global_oob(struct kunit *test) { - volatile int i = 3; - char *p = &global_array[ARRAY_SIZE(global_array) + i]; + /* + * Deliberate out-of-bounds access. To prevent CONFIG_UBSAN_LOCAL_BOUNDS + * from failing here and panicing the kernel, access the array via a + * volatile pointer, which will prevent the compiler from being able to + * determine the array bounds. + * + * This access uses a volatile pointer to char (char *volatile) rather + * than the more conventional pointer to volatile char (volatile char *) + * because we want to prevent the compiler from making inferences about + * the pointer itself (i.e. its array bounds), not the data that it + * refers to. + */ + char *volatile array = global_array; + char *p = &array[ARRAY_SIZE(global_array) + 3]; /* Only generic mode instruments globals. */ KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_KASAN_GENERIC); @@ -695,8 +707,9 @@ static void ksize_uaf(struct kunit *test static void kasan_stack_oob(struct kunit *test) { char stack_array[10]; - volatile int i = OOB_TAG_OFF; - char *p = &stack_array[ARRAY_SIZE(stack_array) + i]; + /* See comment in kasan_global_oob. */ + char *volatile array = stack_array; + char *p = &array[ARRAY_SIZE(stack_array) + OOB_TAG_OFF]; KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_KASAN_STACK); @@ -707,7 +720,9 @@ static void kasan_alloca_oob_left(struct { volatile int i = 10; char alloca_array[i]; - char *p = alloca_array - 1; + /* See comment in kasan_global_oob. */ + char *volatile array = alloca_array; + char *p = array - 1; /* Only generic mode instruments dynamic allocas. */ KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_KASAN_GENERIC); 
@@ -720,7 +735,9 @@ static void kasan_alloca_oob_right(struc { volatile int i = 10; char alloca_array[i]; - char *p = alloca_array + i; + /* See comment in kasan_global_oob. */ + char *volatile array = alloca_array; + char *p = array + i; /* Only generic mode instruments dynamic allocas. */ KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_KASAN_GENERIC);
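
Review bot: The block comment added to kasan_global_oob spells "panicing" where "panicking" is meant. The other three functions only say "See comment in kasan_global_oob", so this block is the sole explanation of the char *volatile pattern and is worth a spelling fix. It would also help to state there that ARRAY_SIZE() is still applied to the original array name on purpose, because only the indexing has to go through the volatile pointer for the bounds to be hidden from the compiler.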
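
Review bot: In kasan_alloca_oob_right (and identically in kasan_alloca_oob_left and kasan_stack_oob) the two lines "char *volatile array = ...;" and "char *p = array ...;" are open-coded again, which makes four copies of the same idiom held together only by a cross-reference comment. Consider a small helper or macro in lib/test_kasan.c that returns the array through a volatile pointer, so a later test that needs a deliberate out-of-bounds pointer cannot omit the volatile qualifier and reintroduce the CONFIG_UBSAN_LOCAL_BOUNDS panic. The "volatile int i = 10" that sizes alloca_array is kept in both alloca tests; a short comment that it is there to make the array a dynamic alloca, not to hide the index, would stop it from being cleaned up as redundant now that the pointer itself is volatile.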