Received: by 2002:ab2:6c55:0:b0:1fd:c486:4f03 with SMTP id v21csp670610lqp; Wed, 12 Jun 2024 12:32:12 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWQnSFl9pw/ojOsbRa+MeR11g+BlaRJwEFoeZbXQGqHp4/gsSyWPFxZ+bbGj+iVfscTtbEbpNfdPpdhxAEgiiG/jgZhJaIwscTSc/1jWg== X-Google-Smtp-Source: AGHT+IGTuTf9D2tzsGzZHwYXZ6OEIr0DCAN/Ufm2kzwitDAAwOuAs/UAzJs8bVrcbrNH0hYxb66O X-Received: by 2002:a05:6a20:d48f:b0:1b7:ad9:1a06 with SMTP id adf61e73a8af0-1b8a9c82277mr3318021637.60.1718220731829; Wed, 12 Jun 2024 12:32:11 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1718220731; cv=pass; d=google.com; s=arc-20160816; b=RhH4I3/Fz5DBr97iabOy0eJMFCFDd6GACxATvUkeuQm+4/zPA1R+uwthDuP9PPgK8M m73qfZn3e05zrGZCEl3BO/9LlJ7RO0DLxE9sRMQ+n4reOUoRfgAPAqYPFP2Z+h7wzQu+ DBo6u1Xv/u2Ou2liCZGp2y2HhRcZw5JEYE9pYGzjREv/1lNcIvpBRmW1uvBmEhiA/9VO g58YHU2qFIYsGZC02D/J4RIJpYug0jhWUrGR0ps+GE8F3wxqO4eKz/OQmMsgKw+68tO2 mOt4pvo7VpLTi+YkTP7xX1kVdn0CPtC8wHtHLjcgp1edWKH8OhhmkbWCDJXuNek5Z9yR QF6A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence; bh=o9H3Nrhjw0EDFs2mHp/oL+kQ0y9WJBzcaGC/TcFVbrU=; fh=m2vxdmPa5ImHp6TnkyDbVnVwd3H1MzwmVi04uR7aaJI=; b=0ehYU9ZoluIrCdSnqcBGJdHDtcIJ8yAfU1nOtqTZaCuEXikROVIxwKAIEOGt9cfRkw 3ga9U6SOcU/HF9UHw8NxMMzgk0My1EDFmejmZUztthhlYc5PaM10kSdLwVGQHcadHQBN l6HwIjob4p8HmHoyikUjmIyKfAKVuFml/SIk3L9IhNOitfK8deccj+PC8Ee43JTBH4fc ISEexcfh80yiwSj5kw9AqxO8FlanC5usX0RVLuE63kyehptZu+aCCAQl/IaHoo38Fg1H kyvmqIIfF2DptTm9esTLA5j5pjuGEG5vr9iq+hMFzhjFINPzFefhhH8gzTfbTGZZ5Xy6 zb/w==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-212151-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-212151-linux.lists.archive=gmail.com@vger.kernel.org" Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id 98e67ed59e1d1-2c4a76abcedsi2016363a91.90.2024.06.12.12.32.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 12 Jun 2024 12:32:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-212151-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-212151-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-212151-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id DF0F8288F10 for ; Wed, 12 Jun 2024 19:23:03 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 1D3AB839EA; Wed, 12 Jun 2024 19:22:13 +0000 (UTC) Received: from mail-yb1-f170.google.com (mail-yb1-f170.google.com [209.85.219.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8EDA28526C; Wed, 12 Jun 2024 19:22:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.170 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718220132; cv=none; b=praMIBXH/giYS/c39LkH6d6zcgOscVElS/kD+MrtfOZkxi1LQOuLU+xB+LmY+wt06Ig96r1+8BmTZL1ifsSDvSbEm5R5R7J7jSbiYPIDqUFlGdPXxJx1CG31JbJhnGcPK4dCTuDtQoLLt3yrwFRLOnWywTrATycIJKDh6Hn4OJU= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718220132; c=relaxed/simple; bh=EJ2U0PBqYGloWqGwHp67L2zESA8Kvm6C7y+3Lwt/JAY=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=A/8F8+xJEd1Gni1TJGBVSVb1DiGyOkta5MAgijRPnw7ghwPPdpJX09eNbAg9YFyWVlnc89pdSc1mzENgtoVzZeyKKoEO1mJP4debYaK0IpApnQk+t0CoWkF50woStFxolTOum2PbF7wgDLtcowreh4SLvFV8BjpaRcFeL75Mh2o= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux-m68k.org; spf=pass smtp.mailfrom=gmail.com; arc=none smtp.client-ip=209.85.219.170 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=linux-m68k.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Received: by mail-yb1-f170.google.com with SMTP id 3f1490d57ef6-dfdff9771f8so252745276.1; Wed, 12 Jun 2024 12:22:10 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718220128; x=1718824928; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=o9H3Nrhjw0EDFs2mHp/oL+kQ0y9WJBzcaGC/TcFVbrU=; b=H3A4UYvRlxoljART4ch0VRrnsbSnTuape3wPhks1ckjMx37wO2Bh+3ft59db8hZnKq 07tKc/sePhte7H5T5+uY+o7B5y3amF+d1cI+2IRcKOH1VwszwAJE2yCxqlZcVMEefLvj ZrKDX3EMr1D0oYJmtBxOmkzrCY1jXcgQ6jdTxo4vFWQ2vM52ONcWFIAAZD51gIBLEnKa OtGAtjHCoGo9y8Gn2SImwElfvadUjX0xFB4Dti6HhkHbbIuAVnRDuDVJ3KmkfQPB7NR5 7lQkTv9KONJswJW5sLFVBrZO3GsdAphKgfqTJV3ihrxHzd8XwwpD5RwUOtuXi4Q7XWpe /uoA== X-Forwarded-Encrypted: i=1; AJvYcCV4AYIcEfaDDwQkkzj1jr7Q0oY+cnhUAb8va9cClJLn97ZnwjslraIYd/FmtjdehHKZsMd4md69X7AcIo5XB2b/Zj9H7Mz4N3dCAcpCTf25GiNCxOG4PMsJROma7GyJyplJvZLjMbbmIAzdppEQNSi9SIfriBkCWMX1q5s66MeQnBGTnFY8QlD6mYGzaRfc X-Gm-Message-State: AOJu0YzSPNYytpCdgBD9vBaCukNcICk2LSHfKbxSr8QOPfci+7m2NLZy x//0vdbflnh2PAxdmPqq9llPzN9T2pqsWPZK3kwbB7aT54Q52rkCnQ6zpCzUYW0= X-Received: by 2002:a25:c74f:0:b0:dff:129:ade2 with SMTP id 3f1490d57ef6-dff0129b374mr105752276.12.1718220127623; Wed, 12 Jun 2024 12:22:07 -0700 (PDT) Received: from mail-yw1-f178.google.com (mail-yw1-f178.google.com. [209.85.128.178]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-dff009bee58sm16809276.59.2024.06.12.12.22.06 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 12 Jun 2024 12:22:06 -0700 (PDT) Received: by mail-yw1-f178.google.com with SMTP id 00721157ae682-62a0809c805so2789637b3.0; Wed, 12 Jun 2024 12:22:06 -0700 (PDT) X-Forwarded-Encrypted: i=1; AJvYcCUmyibkF4LhYVjTyMAJ1XeDg4rRVomOo4bKMlZI5OHveoGVZ2etFVcqpqpADVEEDztIE3FZl3BpMY9GLkMAvJDQy1a6b+141+yZ21qkaSY72PAmayBSZ7E4TtxCrLKAnCkFIgLcqr8Rp0qZRaC/N43Z3XQG+v/z86ebFKg34dbg/CIoQMmc4SLU8PkLyk9D X-Received: by 2002:a81:4fd8:0:b0:615:e0e:d234 with SMTP id 00721157ae682-62fbbde9490mr28515547b3.16.1718220126141; Wed, 12 Jun 2024 12:22:06 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240610213055.it.075-kees@kernel.org> <20240610213330.1310156-2-kees@kernel.org> <202406120927.3C64ACD6@keescook> In-Reply-To: <202406120927.3C64ACD6@keescook> From: Geert Uytterhoeven Date: Wed, 12 Jun 2024 21:21:52 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2 2/2] usercopy: Convert test_user_copy to KUnit test To: Kees Cook Cc: Mark Rutland , David Gow , Vitor Massaru Iha , Ivan Orlov , Brendan Higgins , Rae Moar , "Gustavo A. R. Silva" , linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, kunit-dev@googlegroups.com, linux-hardening@vger.kernel.org, linux-m68k@lists.linux-m68k.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Kees, On Wed, Jun 12, 2024 at 6:51=E2=80=AFPM Kees Cook wrote: > On Wed, Jun 12, 2024 at 05:13:39PM +0800, David Gow wrote: > > On Tue, 11 Jun 2024 at 05:33, Kees Cook wrote: > > > Convert the runtime tests of hardened usercopy to standard KUnit test= s. > > > > > > Co-developed-by: Vitor Massaru Iha > > > Signed-off-by: Vitor Massaru Iha > > > Link: https://lore.kernel.org/r/20200721174654.72132-1-vitor@massaru.= org > > > Tested-by: Ivan Orlov > > > Signed-off-by: Kees Cook > > > --- > > > > This looks good, particularly with the x86 fix applied. > > > > It's still hanging on m68k -- I think at the 'illegal reversed > > copy_to_user passed' test -- but I'll admit to not having tried to > > debug it further. > > > > One other (set of) notes below about using KUNIT_EXPECT_MEMEQ_MSG(), > > otherwise (assuming the m68k stuff isn't actually a regression, which > > I haven't tested but I imagine is unlikely), > > I'm trying to debug a hang on m68k in the usercopy behavioral testing > routines. It's testing for the pathological case of having inverted > arguments to copy_to_user(): > > user_addr =3D kunit_vm_mmap(test, NULL, 0, priv->size, > PROT_READ | PROT_WRITE | PROT_EXEC, > MAP_ANONYMOUS | MAP_PRIVATE, 0); > ... > bad_usermem =3D (char *)user_addr; > ... > KUNIT_EXPECT_NE_MSG(test, copy_to_user((char __user *)kmem, bad_u= sermem, > PAGE_SIZE), 0, > "illegal reversed copy_to_user passed"); > > On other architectures, this immediate fails because the access_ok() > check rejects it. On m68k with CONFIG_ALTERNATE_USER_ADDRESS_SPACE, > access_ok() short-circuits to "true". I've tried reading > arch/m68k/include/asm/uaccess.h but I'm not sure what's happening under > CONFIG_CPU_HAS_ADDRESS_SPACES. On m68k CPUs that support CPU_HAS_ADDRESS_SPACES (i.e. all traditional 680x0 that can run real Linux), the CPU has separate address spaces for kernel and user addresses. Accessing userspace addresses is done using the special "moves" instruction, so we can just use the MMU to catch invalid accesses. > For now I've excluded that test for m68k, but I'm not sure what's > expected to happen here on m68k for this set of bad arguments. Can you > advise? Perhaps the kernel address is actually a valid user address, or vice versa? Does the test work on systems that use 4G/4G for kernel/userspace instead of the usual 1G/3G split? /me runs the old test_user_copy.ko on ARAnyM Seems to take a while? Or it hangs, too? Related reading material https://lore.kernel.org/all/CAMuHMdUzHwm5_TL7TNAOF+uqheJnKgsqF+_vzqGRzB_3eu= fKug@mail.gmail.com/ https://lore.kernel.org/all/CAMuHMdVQ93ihgcxUbjptTaHdPjxXLyVAsAr-m3tWBJV0kr= S2vw@mail.gmail.com/ Gr{oetje,eeting}s, Geert --=20 Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k= .org In personal conversations with technical people, I call myself a hacker. Bu= t when I'm talking to journalists I just say "programmer" or something like t= hat. -- Linus Torvalds