On Fri, Jul 19, 2019 at 03:28:18PM +0200, Marco Elver wrote: > Adds a simple stack overflow test, to check the error being reported on > an overflow. Without CONFIG_STACK_GUARD_PAGE, the result is typically > some seemingly unrelated KASAN error message due to accessing random > other memory.
Can't we use the LKDTM_EXHAUST_STACK case to check this? I was also under the impression that the other KASAN self-tests weren't fatal, and IIUC this will kill the kernel. Given that, and given this is testing non-KASAN functionality, I'm not sure it makes sense to bundle this with the KASAN tests. Thanks, Mark. > > Signed-off-by: Marco Elver <[email protected]> > Cc: Thomas Gleixner <[email protected]> > Cc: Ingo Molnar <[email protected]> > Cc: Borislav Petkov <[email protected]> > Cc: "H. Peter Anvin" <[email protected]> > Cc: Andrey Ryabinin <[email protected]> > Cc: Alexander Potapenko <[email protected]> > Cc: Dmitry Vyukov <[email protected]> > Cc: Andrey Konovalov <[email protected]> > Cc: Mark Rutland <[email protected]> > Cc: Peter Zijlstra <[email protected]> > Cc: [email protected] > Cc: [email protected] > Cc: [email protected] > --- > lib/test_kasan.c | 36 ++++++++++++++++++++++++++++++++++++ > 1 file changed, 36 insertions(+) > > diff --git a/lib/test_kasan.c b/lib/test_kasan.c > index b63b367a94e8..3092ec01189d 100644 > --- a/lib/test_kasan.c > +++ b/lib/test_kasan.c > @@ -15,6 +15,7 @@ > #include <linux/mman.h> > #include <linux/module.h> > #include <linux/printk.h> > +#include <linux/sched/task_stack.h> > #include <linux/slab.h> > #include <linux/string.h> > #include <linux/uaccess.h> > @@ -709,6 +710,32 @@ static noinline void __init kmalloc_double_kzfree(void) > kzfree(ptr); > } > > +#ifdef CONFIG_STACK_GUARD_PAGE > +static noinline void __init stack_overflow_via_recursion(void) > +{ > + volatile int n = 512; > + > + BUILD_BUG_ON(IS_ENABLED(CONFIG_STACK_GROWSUP)); > + > + /* About to overflow: overflow via alloca'd array and try to write. */ > + if (!object_is_on_stack((void *)&n - n)) { > + volatile char overflow[n]; > + > + overflow[0] = overflow[0]; > + return; > + } > + > + stack_overflow_via_recursion(); > +} > + > +static noinline void __init kasan_stack_overflow(void) > +{ > + pr_info("stack overflow begin\n"); > + stack_overflow_via_recursion(); > + pr_info("stack overflow end\n"); > +} > +#endif > + > static int __init kmalloc_tests_init(void) > { > /* > @@ -753,6 +780,15 @@ static int __init kmalloc_tests_init(void) > kasan_bitops(); > kmalloc_double_kzfree(); > > +#ifdef CONFIG_STACK_GUARD_PAGE > + /* > + * Only test with CONFIG_STACK_GUARD_PAGE, as without we get other > + * random KASAN violations, due to accessing other random memory (we > + * want to avoid actually corrupting memory in these tests). > + */ > + kasan_stack_overflow(); > +#endif > + > kasan_restore_multi_shot(multishot); > > return -EAGAIN; > -- > 2.22.0.657.g960e92d24f-goog >
