On Wednesday, 31 January 2024 02:52:11 CST Andi Kleen wrote: > Elizabeth Figura <[email protected]> writes: > > > +TEST(test_wait_any) > > +{ > > + struct ntsync_mutex_args mutex_args = {0}; > > + struct ntsync_wait_args wait_args = {0}; > > + struct ntsync_sem_args sem_args = {0}; > > + __u32 owner, index, count; > > + struct timespec timeout; > > + int objs[2], fd, ret; > > + > > + clock_gettime(CLOCK_MONOTONIC, &timeout); > > + > > + fd = open("/dev/ntsync", O_CLOEXEC | O_RDONLY); > > + ASSERT_LE(0, fd); > > + > > + sem_args.count = 2; > > + sem_args.max = 3; > > + sem_args.sem = 0xdeadbeef; > > + ret = ioctl(fd, NTSYNC_IOC_CREATE_SEM, &sem_args); > > + EXPECT_EQ(0, ret); > > + EXPECT_NE(0xdeadbeef, sem_args.sem); > > + > > + mutex_args.owner = 0; > > + mutex_args.count = 0; > > + mutex_args.mutex = 0xdeadbeef; > > + ret = ioctl(fd, NTSYNC_IOC_CREATE_MUTEX, &mutex_args); > > + EXPECT_EQ(0, ret); > > + EXPECT_NE(0xdeadbeef, mutex_args.mutex); > > It seems your tests are missing test cases for exceeding any limits, > especially overflow/underflow cases. Since these are the most likely > for any security problems it would be good to have extra coverage here. > The fuzzers will hopefully hit it too. > > Also some stress testing with multiple threads would be useful.
Thanks, I'll add these.
