Re: [PATCH v3 2/2] usercopy: Convert test_user_copy to KUnit test

Fri, 14 Jun 2024 08:50:24 -0700 

On 6/12/24 13:59, Kees Cook wrote:

Convert the runtime tests of hardened usercopy to standard KUnit tests.

Additionally disable usercopy_test_invalid() for systems with separate
address spaces (or no MMU) since it's not sensible to test for address
confusion there (e.g. m68k).

Co-developed-by: Vitor Massaru Iha <[email protected]>
Signed-off-by: Vitor Massaru Iha <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Tested-by: Ivan Orlov <[email protected]>
Reviewed-by: David Gow <[email protected]>
Signed-off-by: Kees Cook <[email protected]>
---
  MAINTAINERS                                |   1 +
  lib/Kconfig.debug                          |  21 +-
  lib/Makefile                               |   2 +-
  lib/{test_user_copy.c => usercopy_kunit.c} | 282 ++++++++++-----------
  4 files changed, 151 insertions(+), 155 deletions(-)
  rename lib/{test_user_copy.c => usercopy_kunit.c} (46%)

diff --git a/MAINTAINERS b/MAINTAINERS
index 8754ac2c259d..0cd171ec6010 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -11962,6 +11962,7 @@ F:      arch/*/configs/hardening.config
  F:    include/linux/overflow.h
  F:    include/linux/randomize_kstack.h
  F:    kernel/configs/hardening.config
+F:     lib/usercopy_kunit.c
  F:    mm/usercopy.c
  K:    \b(add|choose)_random_kstack_offset\b
  K:    \b__check_(object_size|heap_object)\b
diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index 59b6765d86b8..561e346f5cb0 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -2505,18 +2505,6 @@ config TEST_VMALLOC
If unsure, say N. -config TEST_USER_COPY 
-       tristate "Test user/kernel boundary protections"
-       depends on m
-       help
-         This builds the "test_user_copy" module that runs sanity checks
-         on the copy_to/from_user infrastructure, making sure basic
-         user/kernel boundary testing is working. If it fails to load,
-         a regression has been detected in the user/kernel memory boundary
-         protections.
-
-         If unsure, say N.
-
  config TEST_BPF
        tristate "Test BPF filter functionality"
        depends on m && NET
@@ -2814,6 +2802,15 @@ config SIPHASH_KUNIT_TEST
          This is intended to help people writing architecture-specific
          optimized versions.  If unsure, say N.
+config USERCOPY_KUNIT_TEST 
+       tristate "KUnit Test for user/kernel boundary protections"
+       depends on KUNIT
+       default KUNIT_ALL_TESTS
+       help
+         This builds the "usercopy_kunit" module that runs sanity checks
+         on the copy_to/from_user infrastructure, making sure basic
+         user/kernel boundary testing is working.
+


Please carry the following line forward as well to be complete assuming
it is relevant.

If unsure, say N.

thanks,
-- Shuah

Reply via email to