Commit cf6219ee authored by Kees Cook's avatar Kees Cook Committed by Shuah Khan

usercopy: Convert test_user_copy to KUnit test

Convert the runtime tests of hardened usercopy to standard KUnit tests.

Additionally disable usercopy_test_invalid() for systems with separate
address spaces (or no MMU) since it's not sensible to test for address
confusion there (e.g. m68k).
Co-developed-by: default avatarVitor Massaru Iha <vitor@massaru.org>
Signed-off-by: default avatarVitor Massaru Iha <vitor@massaru.org>
Link: https://lore.kernel.org/r/20200721174654.72132-1-vitor@massaru.orgTested-by: default avatarIvan Orlov <ivan.orlov0322@gmail.com>
Reviewed-by: default avatarDavid Gow <davidgow@google.com>
Signed-off-by: default avatarKees Cook <kees@kernel.org>
Signed-off-by: default avatarShuah Khan <skhan@linuxfoundation.org>
parent 51104c19
...@@ -11962,6 +11962,7 @@ F: arch/*/configs/hardening.config ...@@ -11962,6 +11962,7 @@ F: arch/*/configs/hardening.config
F: include/linux/overflow.h F: include/linux/overflow.h
F: include/linux/randomize_kstack.h F: include/linux/randomize_kstack.h
F: kernel/configs/hardening.config F: kernel/configs/hardening.config
F: lib/usercopy_kunit.c
F: mm/usercopy.c F: mm/usercopy.c
K: \b(add|choose)_random_kstack_offset\b K: \b(add|choose)_random_kstack_offset\b
K: \b__check_(object_size|heap_object)\b K: \b__check_(object_size|heap_object)\b
......
...@@ -2505,18 +2505,6 @@ config TEST_VMALLOC ...@@ -2505,18 +2505,6 @@ config TEST_VMALLOC
If unsure, say N. If unsure, say N.
config TEST_USER_COPY
tristate "Test user/kernel boundary protections"
depends on m
help
This builds the "test_user_copy" module that runs sanity checks
on the copy_to/from_user infrastructure, making sure basic
user/kernel boundary testing is working. If it fails to load,
a regression has been detected in the user/kernel memory boundary
protections.
If unsure, say N.
config TEST_BPF config TEST_BPF
tristate "Test BPF filter functionality" tristate "Test BPF filter functionality"
depends on m && NET depends on m && NET
...@@ -2814,6 +2802,15 @@ config SIPHASH_KUNIT_TEST ...@@ -2814,6 +2802,15 @@ config SIPHASH_KUNIT_TEST
This is intended to help people writing architecture-specific This is intended to help people writing architecture-specific
optimized versions. If unsure, say N. optimized versions. If unsure, say N.
config USERCOPY_KUNIT_TEST
tristate "KUnit Test for user/kernel boundary protections"
depends on KUNIT
default KUNIT_ALL_TESTS
help
This builds the "usercopy_kunit" module that runs sanity checks
on the copy_to/from_user infrastructure, making sure basic
user/kernel boundary testing is working.
config TEST_UDELAY config TEST_UDELAY
tristate "udelay test driver" tristate "udelay test driver"
help help
......
...@@ -78,7 +78,6 @@ obj-$(CONFIG_TEST_LKM) += test_module.o ...@@ -78,7 +78,6 @@ obj-$(CONFIG_TEST_LKM) += test_module.o
obj-$(CONFIG_TEST_VMALLOC) += test_vmalloc.o obj-$(CONFIG_TEST_VMALLOC) += test_vmalloc.o
obj-$(CONFIG_TEST_RHASHTABLE) += test_rhashtable.o obj-$(CONFIG_TEST_RHASHTABLE) += test_rhashtable.o
obj-$(CONFIG_TEST_SORT) += test_sort.o obj-$(CONFIG_TEST_SORT) += test_sort.o
obj-$(CONFIG_TEST_USER_COPY) += test_user_copy.o
obj-$(CONFIG_TEST_STATIC_KEYS) += test_static_keys.o obj-$(CONFIG_TEST_STATIC_KEYS) += test_static_keys.o
obj-$(CONFIG_TEST_STATIC_KEYS) += test_static_key_base.o obj-$(CONFIG_TEST_STATIC_KEYS) += test_static_key_base.o
obj-$(CONFIG_TEST_DYNAMIC_DEBUG) += test_dynamic_debug.o obj-$(CONFIG_TEST_DYNAMIC_DEBUG) += test_dynamic_debug.o
...@@ -388,6 +387,7 @@ CFLAGS_fortify_kunit.o += $(call cc-disable-warning, stringop-truncation) ...@@ -388,6 +387,7 @@ CFLAGS_fortify_kunit.o += $(call cc-disable-warning, stringop-truncation)
CFLAGS_fortify_kunit.o += $(DISABLE_STRUCTLEAK_PLUGIN) CFLAGS_fortify_kunit.o += $(DISABLE_STRUCTLEAK_PLUGIN)
obj-$(CONFIG_FORTIFY_KUNIT_TEST) += fortify_kunit.o obj-$(CONFIG_FORTIFY_KUNIT_TEST) += fortify_kunit.o
obj-$(CONFIG_SIPHASH_KUNIT_TEST) += siphash_kunit.o obj-$(CONFIG_SIPHASH_KUNIT_TEST) += siphash_kunit.o
obj-$(CONFIG_USERCOPY_KUNIT_TEST) += usercopy_kunit.o
obj-$(CONFIG_GENERIC_LIB_DEVMEM_IS_ALLOWED) += devmem_is_allowed.o obj-$(CONFIG_GENERIC_LIB_DEVMEM_IS_ALLOWED) += devmem_is_allowed.o
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment