Subject: Re: [PATCH 1/2] kasan: test: use underlying string helpers
To: Arnd Bergmann, linux-hardening@vger.kernel.org, Kees Cook, Andrey Ryabinin, Alexander Potapenko, Andrey Konovalov, Dmitry Vyukov, kasan-dev@googlegroups.com
Cc: Arnd Bergmann, Andrew Morton, Marco Elver, Catalin Marinas, Peter Collingbourne, Patricia Alfonso, linux-kernel@vger.kernel.org
References: <20211013150025.2875883-1-arnd@kernel.org>
From: Vincenzo Frascino
Date: Thu, 14 Oct 2021 10:12:54 +0200
In-Reply-To: <20211013150025.2875883-1-arnd@kernel.org>

On 10/13/21 5:00 PM, Arnd Bergmann wrote:
> From: Arnd Bergmann
>
> Calling memcmp() and memchr() with an intentional buffer overflow
> is now caught at compile time:
>
> In function 'memcmp',
>     inlined from 'kasan_memcmp' at lib/test_kasan.c:897:2:
> include/linux/fortify-string.h:263:25: error: call to '__read_overflow' declared with attribute error: detected read beyond size of object (1st parameter)
>   263 |                         __read_overflow();
>       |                         ^~~~~~~~~~~~~~~~~
> In function 'memchr',
>     inlined from 'kasan_memchr' at lib/test_kasan.c:872:2:
> include/linux/fortify-string.h:277:17: error: call to '__read_overflow' declared with attribute error: detected read beyond size of object (1st parameter)
>   277 |                 __read_overflow();
>       |                 ^~~~~~~~~~~~~~~~~
>
> Change the kasan tests to wrap those inside of a noinline function
> to prevent the compiler from noticing the bug and let kasan find
> it at runtime.
>
> Signed-off-by: Arnd Bergmann

Reviewed-by: Vincenzo Frascino

> --- > lib/test_kasan.c | 19 +++++++++++++++++-- > 1 file changed, 17 insertions(+), 2 deletions(-) > > diff --git a/lib/test_kasan.c b/lib/test_kasan.c > index 67ed689a0b1b..903215e944f1 100644 > --- a/lib/test_kasan.c > +++ b/lib/test_kasan.c 
> @@ -852,6 +852,21 @@ static void kmem_cache_invalid_free(struct kunit *test) > kmem_cache_destroy(cache); > } > > +/* > + * noinline wrappers to prevent the compiler from noticing the overflow > + * at compile time rather than having kasan catch it. > + * */ > +static noinline void *__kasan_memchr(const void *s, int c, size_t n) > +{ > + return memchr(s, c, n); > +} > + > +static noinline int __kasan_memcmp(const void *s1, const void *s2, size_t n) > +{ > + return memcmp(s1, s2, n); > +} > + > + > static void kasan_memchr(struct kunit *test) > { > char *ptr; > @@ -870,7 +885,7 @@ static void kasan_memchr(struct kunit *test) > KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); > > KUNIT_EXPECT_KASAN_FAIL(test, > - kasan_ptr_result = memchr(ptr, '1', size + 1)); > + kasan_ptr_result = __kasan_memchr(ptr, '1', size + 1)); > > kfree(ptr); > } > @@ -895,7 +910,7 @@ static void kasan_memcmp(struct kunit *test) > memset(arr, 0, sizeof(arr)); > > KUNIT_EXPECT_KASAN_FAIL(test, > - kasan_int_result = memcmp(ptr, arr, size+1)); > + kasan_int_result = __kasan_memcmp(ptr, arr, size+1)); > kfree(ptr); > } > > -- Regards, Vincenzo
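
Review bot: In the first hunk (@@ -852,6 +852,21 @@), the new wrappers still call memchr() and memcmp() by name, so the subject line "use underlying string helpers" does not describe what the code does; the commit message's own wording (noinline wrappers) is the accurate one, and the subject should be changed to match. The comment above the wrappers could also say why noinline is enough here: the compile-time error quoted in the commit message fires when the fortified memcmp()/memchr() is inlined into the test function that owns the buffer, and the wrapper receives only a pointer parameter. Two style points in the same hunk: the comment block closes with " * */" where " */" is expected, and two blank lines follow __kasan_memcmp() where one is enough.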
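
Review bot: In the last hunk (@@ -895,7 +910,7 @@, kasan_memcmp), the rewritten line keeps "size+1" without spaces, while the matching call in the kasan_memchr hunk uses "size + 1". Since the line is being replaced anyway, write it as "__kasan_memcmp(ptr, arr, size + 1)" so both call sites read the same.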