[PATCH 2/9] fortify: Allow KUnit test to build without FORTIFY

From: Kees Cook
Date: Wed Apr 05 2023 - 20:09:25 EST

Next message: Wesley Cheng: "Re: [PATCH] usb: dwc3: gadget: Stall and restart EP0 if host is unresponsive"
Previous message: Jaewon Kim: "[PATCH v2] dma-buf/heaps: system_heap: Avoid DoS by limiting single allocations to half of all memory"
In reply to: Kees Cook: "[PATCH 8/9] fortify: Add KUnit tests for runtime overflows"
Next in thread: Daniel Latypov: "Re: [PATCH 2/9] fortify: Allow KUnit test to build without FORTIFY"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Kees Cook <kees@xxxxxxxxxxx>

In order for CI systems to notice all the skipped tests related to
CONFIG_FORTIFY_SOURCE, allow the FORTIFY_SOURCE KUnit tests to build
with or without CONFIG_FORTIFY_SOURCE.

Signed-off-by: Kees Cook <kees@xxxxxxxxxxx>
---
lib/Kconfig.debug | 2 +-
lib/fortify_kunit.c | 15 +++++++++++++++
2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index c8b379e2e9ad..d48a5f4b471e 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -2614,7 +2614,7 @@ config STACKINIT_KUNIT_TEST

config FORTIFY_KUNIT_TEST
tristate "Test fortified str*() and mem*() function internals at runtime" if !KUNIT_ALL_TESTS
- depends on KUNIT && FORTIFY_SOURCE
+ depends on KUNIT
default KUNIT_ALL_TESTS
help
Builds unit tests for checking internals of FORTIFY_SOURCE as used
diff --git a/lib/fortify_kunit.c b/lib/fortify_kunit.c
index c8c33cbaae9e..d054fc20a7d5 100644
--- a/lib/fortify_kunit.c
+++ b/lib/fortify_kunit.c
@@ -25,8 +25,21 @@ static const char array_of_10[] = "this is 10";
static const char *ptr_of_11 = "this is 11!";
static char array_unknown[] = "compiler thinks I might change";

+/* Handle being built without CONFIG_FORTIFY_SOURCE */
+#ifndef __compiletime_strlen
+# define __compiletime_strlen __builtin_strlen
+#endif
+
+#define skip_without_fortify() \
+do { \
+ if (!IS_ENABLED(CONFIG_FORTIFY_SOURCE)) \
+ kunit_skip(test, "Not built with CONFIG_FORTIFY_SOURCE=y"); \
+} while (0)
+
static void known_sizes_test(struct kunit *test)
{
+ skip_without_fortify();
+
KUNIT_EXPECT_EQ(test, __compiletime_strlen("88888888"), 8);
KUNIT_EXPECT_EQ(test, __compiletime_strlen(array_of_10), 10);
KUNIT_EXPECT_EQ(test, __compiletime_strlen(ptr_of_11), 11);
@@ -60,6 +73,8 @@ static noinline size_t want_minus_one(int pick)

static void control_flow_split_test(struct kunit *test)
{
+ skip_without_fortify();
+
KUNIT_EXPECT_EQ(test, want_minus_one(pick), SIZE_MAX);
}

--
2.34.1

Next message: Wesley Cheng: "Re: [PATCH] usb: dwc3: gadget: Stall and restart EP0 if host is unresponsive"
Previous message: Jaewon Kim: "[PATCH v2] dma-buf/heaps: system_heap: Avoid DoS by limiting single allocations to half of all memory"
In reply to: Kees Cook: "[PATCH 8/9] fortify: Add KUnit tests for runtime overflows"
Next in thread: Daniel Latypov: "Re: [PATCH 2/9] fortify: Allow KUnit test to build without FORTIFY"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]