Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp3539008pxb; Wed, 13 Oct 2021 08:02:22 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwLHulPGyV3+YsMIZegAi6kYkPDXDmCpvE3SrPjc4TC3rkDV482II2ygTF7b9PFd0R2I1Uh X-Received: by 2002:a65:6554:: with SMTP id a20mr28214631pgw.107.1634137341790; Wed, 13 Oct 2021 08:02:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1634137341; cv=none; d=google.com; s=arc-20160816; b=SCmywLX8sLhcQNOhFInVlsz1MztjPHR6mTRYejoHhfsvLykIQjGVoGKQonZh+yjLBf nctgeTVVTNx58SHkB7LWcFxRoB9HNMy10dgqJzFRzLtjjQaiNVVnytvlOy7RsvQk08c+ IG36TMvI/zVbn5PbD/52kEU4Ph4UFaBRt1mbRHKv1IhD+NgLEy6/0wFETMjNYj3Ydfr0 l71diQqkLT9jpRoPu1df0+1/YLu8YpgR8IMC23a+BGDaLuXSG1KEoCj8MrnMZcUlw+5P CptLDMEgHFKhBc8oBUO3bgzUnd5NvIVvK9K1dIq01uNxEp7cMjulOkvoL6t4R1IXPVgJ 8hQQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=Z/4U1ZtgzbYAgnHL2K329RrZBH4lvI5Au3vtocKGV1E=; b=UyVuP5n87leHOKI7kdbZN0E3kTcL6mOdh/LV4eS9nRhQc0y8A/YF2iKLSmRYyBBo4T AuwAcLmdd75DKepXsCzuO1Lpjm0nNthxz1Dnid/O5Gzun5Pd6Bt2GPu3E/+lRqmyls2Q mjTDS3ifGKF0V3ckhktTPsoJHpiF00R7l7ISvpQxbdqGu3f8vs2mXvYhb7fiE7735GUm pFknLh42kSTx40m3wu2O40YTrm3apvUXes61wOYnPMVg2fQyXChbixT1IdMdeJIk7nlh cGpm06+OCwc/imM2qSXT9MwdYgWl0LTPOCOjoYq1NeZFg7LeWfeLIVtrmcVHhroie6sQ a9Bg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=D0mhcJwL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g5si19036871plt.215.2021.10.13.08.01.48; Wed, 13 Oct 2021 08:02:21 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=D0mhcJwL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235899AbhJMPCf (ORCPT + 99 others); Wed, 13 Oct 2021 11:02:35 -0400 Received: from mail.kernel.org ([198.145.29.99]:58602 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233133AbhJMPCe (ORCPT ); Wed, 13 Oct 2021 11:02:34 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 692F860720; Wed, 13 Oct 2021 15:00:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1634137231; bh=Kf8uHVjkarQQnfDUcAzsGWVS+btn2CLXNlG1S1kgSwM=; h=From:To:Cc:Subject:Date:From; b=D0mhcJwLXff71e4P+kB8dw5HLxZkq2KRq3oS5oOZYLI2yXYn8rEPgLHvRloyf6v1Z KogTzrfyowT60coi8wAwPzbZu8kRr2qTooWPwTGMVnJcOz282foh6hKxr/8KYXcMr5 HQx3FGDY9HdQMquCWwRSyY/427emkmqQEz7vt8sBymIKjUiZwJrOPYoAMnBa05F51S tnZtGIAudW0FNxetbOWTrfrPUfZXL8aY9bToV3lx6sN6hkF+5WJzIdp6Ke5c56FqSg JRdBS/6g45a1ljUwJb07hAE3jvz4Sz7dsX7d6R/LdAuYvazDlEr7tIrdDDG4CMI0FM DuA9ckSEmwvog== From: Arnd Bergmann To: linux-hardening@vger.kernel.org, Kees Cook , Andrey Ryabinin , Alexander Potapenko , Andrey Konovalov , Dmitry Vyukov , kasan-dev@googlegroups.com Cc: Arnd Bergmann , Andrew Morton , Marco Elver , Catalin Marinas , Peter Collingbourne , Patricia Alfonso , Vincenzo Frascino , linux-kernel@vger.kernel.org Subject: [PATCH 1/2] kasan: test: use underlying string helpers Date: Wed, 13 Oct 2021 17:00:05 +0200 Message-Id: <20211013150025.2875883-1-arnd@kernel.org> X-Mailer: git-send-email 2.29.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Arnd Bergmann Calling memcmp() and memchr() with an intentional buffer overflow is now caught at compile time: In function 'memcmp', inlined from 'kasan_memcmp' at lib/test_kasan.c:897:2: include/linux/fortify-string.h:263:25: error: call to '__read_overflow' declared with attribute error: detected read beyond size of object (1st parameter) 263 | __read_overflow(); | ^~~~~~~~~~~~~~~~~ In function 'memchr', inlined from 'kasan_memchr' at lib/test_kasan.c:872:2: include/linux/fortify-string.h:277:17: error: call to '__read_overflow' declared with attribute error: detected read beyond size of object (1st parameter) 277 | __read_overflow(); | ^~~~~~~~~~~~~~~~~ Change the kasan tests to wrap those inside of a noinline function to prevent the compiler from noticing the bug and let kasan find it at runtime. Signed-off-by: Arnd Bergmann --- lib/test_kasan.c | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/lib/test_kasan.c b/lib/test_kasan.c index 67ed689a0b1b..903215e944f1 100644 --- a/lib/test_kasan.c +++ b/lib/test_kasan.c @@ -852,6 +852,21 @@ static void kmem_cache_invalid_free(struct kunit *test) kmem_cache_destroy(cache); } +/* + * noinline wrappers to prevent the compiler from noticing the overflow + * at compile time rather than having kasan catch it. + * */ +static noinline void *__kasan_memchr(const void *s, int c, size_t n) +{ + return memchr(s, c, n); +} + +static noinline int __kasan_memcmp(const void *s1, const void *s2, size_t n) +{ + return memcmp(s1, s2, n); +} + + static void kasan_memchr(struct kunit *test) { char *ptr; @@ -870,7 +885,7 @@ static void kasan_memchr(struct kunit *test) KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); KUNIT_EXPECT_KASAN_FAIL(test, - kasan_ptr_result = memchr(ptr, '1', size + 1)); + kasan_ptr_result = __kasan_memchr(ptr, '1', size + 1)); kfree(ptr); } @@ -895,7 +910,7 @@ static void kasan_memcmp(struct kunit *test) memset(arr, 0, sizeof(arr)); KUNIT_EXPECT_KASAN_FAIL(test, - kasan_int_result = memcmp(ptr, arr, size+1)); + kasan_int_result = __kasan_memcmp(ptr, arr, size+1)); kfree(ptr); } -- 2.29.2