From: Andrey Konovalov
Date: Fri, 7 May 2021 00:12:41 +0200
Subject: Re: [PATCH] kasan: fix unit tests with CONFIG_UBSAN_LOCAL_BOUNDS enabled
To: Peter Collingbourne
Cc: Alexander Potapenko, George Popescu, Elena Petrova, Evgenii Stepanov, Andrew Morton, Linux Memory Management List, stable@vger.kernel.org
In-Reply-To: <20210506212025.815380-1-pcc@google.com>

On Thu, May 6, 2021 at 11:20 PM Peter Collingbourne wrote:
>
> These tests deliberately access these arrays out of bounds,
> which will cause the dynamic local bounds checks inserted by
> CONFIG_UBSAN_LOCAL_BOUNDS to fail and panic the kernel. To avoid this
> problem, access the arrays via volatile pointers, which will prevent
> the compiler from being able to determine the array bounds.
> > Signed-off-by: Peter Collingbourne > Cc: stable@vger.kernel.org > Link: https://linux-review.googlesource.com/id/I90b1713fbfa1bf68ff895aef099ea77b98a7c3b9 > --- > lib/test_kasan.c | 14 ++++++++------ > 1 file changed, 8 insertions(+), 6 deletions(-) > > diff --git a/lib/test_kasan.c b/lib/test_kasan.c > index dc05cfc2d12f..2a078e8e7b8e 100644 > --- a/lib/test_kasan.c > +++ b/lib/test_kasan.c > @@ -654,8 +654,8 @@ static char global_array[10]; > > static void kasan_global_oob(struct kunit *test) > { > - volatile int i = 3; > - char *p = &global_array[ARRAY_SIZE(global_array) + i]; > + char *volatile array = global_array; > + char *p = &array[ARRAY_SIZE(global_array) + 3]; Nit: in the kernel, "volatile" usually comes before the pointer type. > > /* Only generic mode instruments globals. */ > KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_KASAN_GENERIC); > @@ -703,8 +703,8 @@ static void ksize_uaf(struct kunit *test) > static void kasan_stack_oob(struct kunit *test) > { > char stack_array[10]; > - volatile int i = OOB_TAG_OFF; > - char *p = &stack_array[ARRAY_SIZE(stack_array) + i]; > + char *volatile array = stack_array; > + char *p = &array[ARRAY_SIZE(stack_array) + OOB_TAG_OFF]; > > KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_KASAN_STACK); > > @@ -715,7 +715,8 @@ static void kasan_alloca_oob_left(struct kunit *test) > { > volatile int i = 10; > char alloca_array[i]; > - char *p = alloca_array - 1; > + char *volatile array = alloca_array; > + char *p = array - 1; > > /* Only generic mode instruments dynamic allocas. */ > KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_KASAN_GENERIC); 
> @@ -728,7 +729,8 @@ static void kasan_alloca_oob_right(struct kunit *test) > { > volatile int i = 10; > char alloca_array[i]; > - char *p = alloca_array + i; > + char *volatile array = alloca_array; > + char *p = array + i; > > /* Only generic mode instruments dynamic allocas. */ > KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_KASAN_GENERIC); > -- > 2.31.1.607.g51e8a6a459-goog >

Acked-by: Andrey Konovalov

Thanks, Peter!
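
Review bot: the qualifier placement in `char *volatile array = global_array;` (kasan_global_oob hunk) is load-bearing and has no comment saying so. Here the pointer object itself is volatile, so the compiler has to reload it before forming `&array[ARRAY_SIZE(global_array) + 3]` and can no longer tie the access back to global_array. Writing it as `volatile char *array` would qualify the pointed-to bytes instead and leave the pointer's origin visible to the compiler. A one-line comment above the declaration naming CONFIG_UBSAN_LOCAL_BOUNDS as the reason would keep a later style cleanup from moving the qualifier or dropping the "redundant" local.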
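
Review bot: from the kasan_stack_oob hunk onward the same `char *volatile array = <name>;` indirection is repeated by hand in three more tests, each time without explanation, and in kasan_stack_oob the offset `OOB_TAG_OFF` is now a plain constant, so the volatile pointer is the only thing keeping the bounds check from seeing the access. Consider a small helper or macro shared by the four tests, with the rationale documented once, so that a new out-of-bounds test added later picks up the workaround instead of indexing the array directly.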