Re: [PATCH] lib: Add test module for CONFIG_DEBUG_VIRTUAL

From: Kees Cook
Date: Tue Aug 08 2017 - 15:58:52 EST


On Tue, Aug 8, 2017 at 11:35 AM, Luis R. Rodriguez <mcgrof@xxxxxxxxxx> wrote:
> On Tue, Aug 08, 2017 at 11:04:11AM -0700, Florian Fainelli wrote:
>> On 08/08/2017 10:57 AM, Luis R. Rodriguez wrote:
>> > On Tue, Aug 08, 2017 at 09:40:26AM -0700, Florian Fainelli wrote:
>> >> Add a test module that allows testing that CONFIG_DEBUG_VIRTUAL works
>> >> correctly, at least that it can catch invalid calls to virt_to_phys()
>> >> against the non-linear kernel virtual address map.
>> >>
>> >> Signed-off-by: Florian Fainelli <f.fainelli@xxxxxxxxx>
>> >> ---
>>
>> >> +static int __init test_debug_virtual_init(void)
>> >> +{
>> >> + phys_addr_t pa;
>> >> + void *va;
>> >> +
>> >> + va = (void *)VMALLOC_START;
>> >> + pa = virt_to_phys(va);
>> >> +
>> >> + pr_info("PA: %pa for VA: 0x%lx\n", &pa, (unsigned long)va);
>> >> +
>> >> + foo = kzalloc(sizeof(*foo), GFP_KERNEL);
>> >> + if (!foo)
>> >> + return -ENOMEM;
>> >> +
>> >> + pa = virt_to_phys(foo);
>> >> + va = foo;
>> >> + pr_info("PA: %pa for VA: 0x%lx\n", &pa, (unsigned long)va);
>> >
>> > Should there be a tests here of some sort? When should this fail, why?
>>
>> There is no test per-se, the kernel will produce warning with
>> CONFIG_DEBUG_VIRTUAL telling you that what you are doing is wrong.
>>
>> > There is no docs on this self test, could one be added?
>>
>> I suppose I could add one even though that just means pointing out the
>> code that produces the warning?
>
> A /* note */ indicating what you just said above would suffice then but
> typically tests return back to userspace an error, so another option
> would be to see if one could get a return value that an error happened
> and return that back to the module init. Grepping just for warning for
> an error seems error prone.

If the test depends on the kernel's response (i.e. WARN, BUG, panic)
that cannot be detected in the test itself, it may be better suited
for lkdtm (drivers/misc/lkdtm*) which is almost entirely comprised of
tests like that.

-Kees

--
Kees Cook
Pixel Security