lib/test_kasan.c: fix KASAN unit tests for tag-based KASAN (f33a0149) · Commits · 戴 / test

lib/test_kasan.c

+32 −17

Original line number	Diff line number	Diff line
		@@ -23,6 +23,10 @@

		#include <asm/page.h>

		#include "../mm/kasan/kasan.h"

		#define OOB_TAG_OFF (IS_ENABLED(CONFIG_KASAN_GENERIC) ? 0 : KASAN_SHADOW_SCALE_SIZE)

		/*
		* We assign some test results to these globals to make sure the tests
		* are not eliminated as dead code.
		@@ -48,7 +52,8 @@ static noinline void __init kmalloc_oob_right(void)
		return;
		}

		ptr[size] = 'x';
		ptr[size + OOB_TAG_OFF] = 'x';

		kfree(ptr);
		}

		@@ -100,7 +105,8 @@ static noinline void __init kmalloc_pagealloc_oob_right(void)
		return;
		}

		ptr[size] = 0;
		ptr[size + OOB_TAG_OFF] = 0;

		kfree(ptr);
		}

		@@ -170,7 +176,8 @@ static noinline void __init kmalloc_oob_krealloc_more(void)
		return;
		}

		ptr2[size2] = 'x';
		ptr2[size2 + OOB_TAG_OFF] = 'x';

		kfree(ptr2);
		}

		@@ -188,7 +195,9 @@ static noinline void __init kmalloc_oob_krealloc_less(void)
		kfree(ptr1);
		return;
		}
		ptr2[size2] = 'x';

		ptr2[size2 + OOB_TAG_OFF] = 'x';

		kfree(ptr2);
		}

		@@ -224,7 +233,8 @@ static noinline void __init kmalloc_oob_memset_2(void)
		return;
		}

		memset(ptr+7, 0, 2);
		memset(ptr + 7 + OOB_TAG_OFF, 0, 2);

		kfree(ptr);
		}

		@@ -240,7 +250,8 @@ static noinline void __init kmalloc_oob_memset_4(void)
		return;
		}

		memset(ptr+5, 0, 4);
		memset(ptr + 5 + OOB_TAG_OFF, 0, 4);

		kfree(ptr);
		}

		@@ -257,7 +268,8 @@ static noinline void __init kmalloc_oob_memset_8(void)
		return;
		}

		memset(ptr+1, 0, 8);
		memset(ptr + 1 + OOB_TAG_OFF, 0, 8);

		kfree(ptr);
		}

		@@ -273,7 +285,8 @@ static noinline void __init kmalloc_oob_memset_16(void)
		return;
		}

		memset(ptr+1, 0, 16);
		memset(ptr + 1 + OOB_TAG_OFF, 0, 16);

		kfree(ptr);
		}

		@@ -289,7 +302,8 @@ static noinline void __init kmalloc_oob_in_memset(void)
		return;
		}

		memset(ptr, 0, size+5);
		memset(ptr, 0, size + 5 + OOB_TAG_OFF);

		kfree(ptr);
		}

		@@ -423,7 +437,8 @@ static noinline void __init kmem_cache_oob(void)
		return;
		}

		*p = p[size];
		*p = p[size + OOB_TAG_OFF];

		kmem_cache_free(cache, p);
		kmem_cache_destroy(cache);
		}
		@@ -520,25 +535,25 @@ static noinline void __init copy_user_test(void)
		}

		pr_info("out-of-bounds in copy_from_user()\n");
		unused = copy_from_user(kmem, usermem, size + 1);
		unused = copy_from_user(kmem, usermem, size + 1 + OOB_TAG_OFF);

		pr_info("out-of-bounds in copy_to_user()\n");
		unused = copy_to_user(usermem, kmem, size + 1);
		unused = copy_to_user(usermem, kmem, size + 1 + OOB_TAG_OFF);

		pr_info("out-of-bounds in __copy_from_user()\n");
		unused = __copy_from_user(kmem, usermem, size + 1);
		unused = __copy_from_user(kmem, usermem, size + 1 + OOB_TAG_OFF);

		pr_info("out-of-bounds in __copy_to_user()\n");
		unused = __copy_to_user(usermem, kmem, size + 1);
		unused = __copy_to_user(usermem, kmem, size + 1 + OOB_TAG_OFF);

		pr_info("out-of-bounds in __copy_from_user_inatomic()\n");
		unused = __copy_from_user_inatomic(kmem, usermem, size + 1);
		unused = __copy_from_user_inatomic(kmem, usermem, size + 1 + OOB_TAG_OFF);

		pr_info("out-of-bounds in __copy_to_user_inatomic()\n");
		unused = __copy_to_user_inatomic(usermem, kmem, size + 1);
		unused = __copy_to_user_inatomic(usermem, kmem, size + 1 + OOB_TAG_OFF);

		pr_info("out-of-bounds in strncpy_from_user()\n");
		unused = strncpy_from_user(kmem, usermem, size + 1);
		unused = strncpy_from_user(kmem, usermem, size + 1 + OOB_TAG_OFF);

		vm_munmap((unsigned long)usermem, PAGE_SIZE);
		kfree(kmem);

Admin message