February 2020 - Linux-kselftest-mirror

by Dmitry Vyukov

Hi Shuah, We discussed collecting and uploading all syzkaller reproducers somewhere. You wanted to see how they look. I've uploaded all current reproducers here: https://github.com/dvyukov/syzkaller-repros Minimalistic build/run scripts are included. +some testing mailing lists too as this can be used as a test suite If you have any potential uses for this, you are welcome to use it. But then we probably need to find some more official and shared place for them than my private github. The test programs can also be bulk updated if necessary, because all of this is auto-generated. Thanks

4 years, 1 month

5
24
0 0

[PATCH] kunit/kunit_kernel: Rebuild .config if .kunitconfig is modified

by sj38.park＠gmail.com

From: SeongJae Park <sjpark(a)amazon.de> Deletions of configs in the '.kunitconfig' is not applied because kunit rebuilds '.config' only if the '.config' is not a subset of the '.kunitconfig'. To allow the deletions to applied, this commit modifies the '.config' rebuild condition to addtionally check the modified times of those files. Signed-off-by: SeongJae Park <sjpark(a)amazon.de> --- tools/testing/kunit/kunit_kernel.py | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/tools/testing/kunit/kunit_kernel.py b/tools/testing/kunit/kunit_kernel.py index cc5d844ecca1..a3a5d6c7e66d 100644 --- a/tools/testing/kunit/kunit_kernel.py +++ b/tools/testing/kunit/kunit_kernel.py @@ -111,17 +111,22 @@ class LinuxSourceTree(object): return True def build_reconfig(self, build_dir): - """Creates a new .config if it is not a subset of the .kunitconfig.""" + """Creates a new .config if it is not a subset of, or older than the .kunitconfig.""" kconfig_path = get_kconfig_path(build_dir) if os.path.exists(kconfig_path): existing_kconfig = kunit_config.Kconfig() existing_kconfig.read_from_file(kconfig_path) - if not self._kconfig.is_subset_of(existing_kconfig): - print('Regenerating .config ...') - os.remove(kconfig_path) - return self.build_config(build_dir) - else: + subset = self._kconfig.is_subset_of(existing_kconfig) + + kunitconfig_mtime = os.path.getmtime(kunitconfig_path) + kconfig_mtime = os.path.getmtime(kconfig_path) + older = kconfig_mtime < kunitconfig_mtime + + if subset and not older: return True + print('Regenerating .config ...') + os.remove(kconfig_path) + return self.build_config(build_dir) else: print('Generating .config ...') return self.build_config(build_dir) -- 2.17.1

4 years, 1 month

8
12
0 0

[RFC PATCH 1/2] Port KASAN Tests to KUnit

by Patricia Alfonso

Transfer all previous tests for KASAN to KUnit so they can be run more easily. With proper KASAN integration into KUnit, developers can run these tests with their other KUnit tests and see "pass" or "fail" with the appropriate KASAN report instead of needing to parse each KASAN report to test KASAN functionalities. Stack tests do not work in UML so those tests are protected inside an "#if (CONFIG_KASAN_STACK == 1)" so this only runs if stack instrumentation is enabled. Signed-off-by: Patricia Alfonso <trishalfonso(a)google.com> --- The KUnit version of these tests could be in addition to the existing tests if that is preferred. lib/Kconfig.kasan | 2 +- lib/test_kasan.c | 352 +++++++++++++++++++++------------------------- 2 files changed, 161 insertions(+), 193 deletions(-) diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan index 5b54f3c9a741..f8cc9ed60677 100644 --- a/lib/Kconfig.kasan +++ b/lib/Kconfig.kasan @@ -160,7 +160,7 @@ config KASAN_VMALLOC config TEST_KASAN tristate "Module for testing KASAN for bug detection" - depends on m && KASAN + depends on KASAN && KUNIT help This is a test module doing various nasty things like out of bounds accesses, use after free. It is useful for testing diff --git a/lib/test_kasan.c b/lib/test_kasan.c index 3872d250ed2c..988650387a2a 100644 --- a/lib/test_kasan.c +++ b/lib/test_kasan.c @@ -23,17 +23,18 @@ #include <asm/page.h> +#include <kunit/test.h> + /* * Note: test functions are marked noinline so that their names appear in * reports. */ -static noinline void __init kmalloc_oob_right(void) +static noinline void kmalloc_oob_right(void) { char *ptr; size_t size = 123; - pr_info("out-of-bounds to right\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -44,12 +45,11 @@ static noinline void __init kmalloc_oob_right(void) kfree(ptr); } -static noinline void __init kmalloc_oob_left(void) +static noinline void kmalloc_oob_left(void) { char *ptr; size_t size = 15; - pr_info("out-of-bounds to left\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -60,12 +60,11 @@ static noinline void __init kmalloc_oob_left(void) kfree(ptr); } -static noinline void __init kmalloc_node_oob_right(void) +static noinline void kmalloc_node_oob_right(void) { char *ptr; size_t size = 4096; - pr_info("kmalloc_node(): out-of-bounds to right\n"); ptr = kmalloc_node(size, GFP_KERNEL, 0); if (!ptr) { pr_err("Allocation failed\n"); @@ -77,7 +76,7 @@ static noinline void __init kmalloc_node_oob_right(void) } #ifdef CONFIG_SLUB -static noinline void __init kmalloc_pagealloc_oob_right(void) +static noinline void kmalloc_pagealloc_oob_right(void) { char *ptr; size_t size = KMALLOC_MAX_CACHE_SIZE + 10; @@ -85,7 +84,6 @@ static noinline void __init kmalloc_pagealloc_oob_right(void) /* Allocate a chunk that does not fit into a SLUB cache to trigger * the page allocator fallback. */ - pr_info("kmalloc pagealloc allocation: out-of-bounds to right\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -96,12 +94,11 @@ static noinline void __init kmalloc_pagealloc_oob_right(void) kfree(ptr); } -static noinline void __init kmalloc_pagealloc_uaf(void) +static noinline void kmalloc_pagealloc_uaf(void) { char *ptr; size_t size = KMALLOC_MAX_CACHE_SIZE + 10; - pr_info("kmalloc pagealloc allocation: use-after-free\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -112,12 +109,11 @@ static noinline void __init kmalloc_pagealloc_uaf(void) ptr[0] = 0; } -static noinline void __init kmalloc_pagealloc_invalid_free(void) +static noinline void kmalloc_pagealloc_invalid_free(void) { char *ptr; size_t size = KMALLOC_MAX_CACHE_SIZE + 10; - pr_info("kmalloc pagealloc allocation: invalid-free\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -128,14 +124,13 @@ static noinline void __init kmalloc_pagealloc_invalid_free(void) } #endif -static noinline void __init kmalloc_large_oob_right(void) +static noinline void kmalloc_large_oob_right(void) { char *ptr; size_t size = KMALLOC_MAX_CACHE_SIZE - 256; /* Allocate a chunk that is large enough, but still fits into a slab * and does not trigger the page allocator fallback in SLUB. */ - pr_info("kmalloc large allocation: out-of-bounds to right\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -146,13 +141,12 @@ static noinline void __init kmalloc_large_oob_right(void) kfree(ptr); } -static noinline void __init kmalloc_oob_krealloc_more(void) +static noinline void kmalloc_oob_krealloc_more(void) { char *ptr1, *ptr2; size_t size1 = 17; size_t size2 = 19; - pr_info("out-of-bounds after krealloc more\n"); ptr1 = kmalloc(size1, GFP_KERNEL); ptr2 = krealloc(ptr1, size2, GFP_KERNEL); if (!ptr1 || !ptr2) { @@ -166,13 +160,12 @@ static noinline void __init kmalloc_oob_krealloc_more(void) kfree(ptr2); } -static noinline void __init kmalloc_oob_krealloc_less(void) +static noinline void kmalloc_oob_krealloc_less(void) { char *ptr1, *ptr2; size_t size1 = 17; size_t size2 = 15; - pr_info("out-of-bounds after krealloc less\n"); ptr1 = kmalloc(size1, GFP_KERNEL); ptr2 = krealloc(ptr1, size2, GFP_KERNEL); if (!ptr1 || !ptr2) { @@ -184,13 +177,12 @@ static noinline void __init kmalloc_oob_krealloc_less(void) kfree(ptr2); } -static noinline void __init kmalloc_oob_16(void) +static noinline void kmalloc_oob_16(void) { struct { u64 words[2]; } *ptr1, *ptr2; - pr_info("kmalloc out-of-bounds for 16-bytes access\n"); ptr1 = kmalloc(sizeof(*ptr1) - 3, GFP_KERNEL); ptr2 = kmalloc(sizeof(*ptr2), GFP_KERNEL); if (!ptr1 || !ptr2) { @@ -204,12 +196,11 @@ static noinline void __init kmalloc_oob_16(void) kfree(ptr2); } -static noinline void __init kmalloc_oob_memset_2(void) +static noinline void kmalloc_oob_memset_2(void) { char *ptr; size_t size = 8; - pr_info("out-of-bounds in memset2\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -220,12 +211,11 @@ static noinline void __init kmalloc_oob_memset_2(void) kfree(ptr); } -static noinline void __init kmalloc_oob_memset_4(void) +static noinline void kmalloc_oob_memset_4(void) { char *ptr; size_t size = 8; - pr_info("out-of-bounds in memset4\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -237,12 +227,11 @@ static noinline void __init kmalloc_oob_memset_4(void) } -static noinline void __init kmalloc_oob_memset_8(void) +static noinline void kmalloc_oob_memset_8(void) { char *ptr; size_t size = 8; - pr_info("out-of-bounds in memset8\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -253,12 +242,11 @@ static noinline void __init kmalloc_oob_memset_8(void) kfree(ptr); } -static noinline void __init kmalloc_oob_memset_16(void) +static noinline void kmalloc_oob_memset_16(void) { char *ptr; size_t size = 16; - pr_info("out-of-bounds in memset16\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -269,12 +257,11 @@ static noinline void __init kmalloc_oob_memset_16(void) kfree(ptr); } -static noinline void __init kmalloc_oob_in_memset(void) +static noinline void kmalloc_oob_in_memset(void) { char *ptr; size_t size = 666; - pr_info("out-of-bounds in memset\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -285,12 +272,11 @@ static noinline void __init kmalloc_oob_in_memset(void) kfree(ptr); } -static noinline void __init kmalloc_uaf(void) +static noinline void kmalloc_uaf(void) { char *ptr; size_t size = 10; - pr_info("use-after-free\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -301,12 +287,11 @@ static noinline void __init kmalloc_uaf(void) *(ptr + 8) = 'x'; } -static noinline void __init kmalloc_uaf_memset(void) +static noinline void kmalloc_uaf_memset(void) { char *ptr; size_t size = 33; - pr_info("use-after-free in memset\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -317,12 +302,11 @@ static noinline void __init kmalloc_uaf_memset(void) memset(ptr, 0, size); } -static noinline void __init kmalloc_uaf2(void) +static noinline void kmalloc_uaf2(void) { char *ptr1, *ptr2; size_t size = 43; - pr_info("use-after-free after another kmalloc\n"); ptr1 = kmalloc(size, GFP_KERNEL); if (!ptr1) { pr_err("Allocation failed\n"); @@ -342,14 +326,13 @@ static noinline void __init kmalloc_uaf2(void) kfree(ptr2); } -static noinline void __init kfree_via_page(void) +static noinline void kfree_via_page(void) { char *ptr; size_t size = 8; struct page *page; unsigned long offset; - pr_info("invalid-free false positive (via page)\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -361,13 +344,12 @@ static noinline void __init kfree_via_page(void) kfree(page_address(page) + offset); } -static noinline void __init kfree_via_phys(void) +static noinline void kfree_via_phys(void) { char *ptr; size_t size = 8; phys_addr_t phys; - pr_info("invalid-free false positive (via phys)\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -378,7 +360,7 @@ static noinline void __init kfree_via_phys(void) kfree(phys_to_virt(phys)); } -static noinline void __init kmem_cache_oob(void) +static noinline void kmem_cache_oob(void) { char *p; size_t size = 200; @@ -389,7 +371,6 @@ static noinline void __init kmem_cache_oob(void) pr_err("Cache allocation failed\n"); return; } - pr_info("out-of-bounds in kmem_cache_alloc\n"); p = kmem_cache_alloc(cache, GFP_KERNEL); if (!p) { pr_err("Allocation failed\n"); @@ -402,7 +383,7 @@ static noinline void __init kmem_cache_oob(void) kmem_cache_destroy(cache); } -static noinline void __init memcg_accounted_kmem_cache(void) +static noinline void memcg_accounted_kmem_cache(void) { int i; char *p; @@ -415,7 +396,6 @@ static noinline void __init memcg_accounted_kmem_cache(void) return; } - pr_info("allocate memcg accounted object\n"); /* * Several allocations with a delay to allow for lazy per memcg kmem * cache creation. @@ -435,31 +415,19 @@ static noinline void __init memcg_accounted_kmem_cache(void) static char global_array[10]; -static noinline void __init kasan_global_oob(void) +static noinline void kasan_global_oob(void) { volatile int i = 3; char *p = &global_array[ARRAY_SIZE(global_array) + i]; - pr_info("out-of-bounds global variable\n"); - *(volatile char *)p; -} - -static noinline void __init kasan_stack_oob(void) -{ - char stack_array[10]; - volatile int i = 0; - char *p = &stack_array[ARRAY_SIZE(stack_array) + i]; - - pr_info("out-of-bounds on stack\n"); *(volatile char *)p; } -static noinline void __init ksize_unpoisons_memory(void) +static noinline void ksize_unpoisons_memory(void) { char *ptr; size_t size = 123, real_size; - pr_info("ksize() unpoisons the whole allocated chunk\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -473,72 +441,36 @@ static noinline void __init ksize_unpoisons_memory(void) kfree(ptr); } -static noinline void __init copy_user_test(void) +#if (CONFIG_KASAN_STACK == 1) +static noinline void kasan_stack_oob(void) { - char *kmem; - char __user *usermem; - size_t size = 10; - int unused; - - kmem = kmalloc(size, GFP_KERNEL); - if (!kmem) - return; - - usermem = (char __user *)vm_mmap(NULL, 0, PAGE_SIZE, - PROT_READ | PROT_WRITE | PROT_EXEC, - MAP_ANONYMOUS | MAP_PRIVATE, 0); - if (IS_ERR(usermem)) { - pr_err("Failed to allocate user memory\n"); - kfree(kmem); - return; - } - - pr_info("out-of-bounds in copy_from_user()\n"); - unused = copy_from_user(kmem, usermem, size + 1); - - pr_info("out-of-bounds in copy_to_user()\n"); - unused = copy_to_user(usermem, kmem, size + 1); - - pr_info("out-of-bounds in __copy_from_user()\n"); - unused = __copy_from_user(kmem, usermem, size + 1); - - pr_info("out-of-bounds in __copy_to_user()\n"); - unused = __copy_to_user(usermem, kmem, size + 1); - - pr_info("out-of-bounds in __copy_from_user_inatomic()\n"); - unused = __copy_from_user_inatomic(kmem, usermem, size + 1); - - pr_info("out-of-bounds in __copy_to_user_inatomic()\n"); - unused = __copy_to_user_inatomic(usermem, kmem, size + 1); - - pr_info("out-of-bounds in strncpy_from_user()\n"); - unused = strncpy_from_user(kmem, usermem, size + 1); + char stack_array[10]; + volatile int i = 0; + char *p = &stack_array[ARRAY_SIZE(stack_array) + i]; - vm_munmap((unsigned long)usermem, PAGE_SIZE); - kfree(kmem); + *(volatile char *)p; } -static noinline void __init kasan_alloca_oob_left(void) +static noinline void kasan_alloca_oob_left(void) { volatile int i = 10; char alloca_array[i]; char *p = alloca_array - 1; - pr_info("out-of-bounds to left on alloca\n"); *(volatile char *)p; } -static noinline void __init kasan_alloca_oob_right(void) +static noinline void kasan_alloca_oob_right(void) { volatile int i = 10; char alloca_array[i]; char *p = alloca_array + i; - pr_info("out-of-bounds to right on alloca\n"); *(volatile char *)p; } +#endif /* CONFIG_KASAN_STACK */ -static noinline void __init kmem_cache_double_free(void) +static noinline void kmem_cache_double_free(void) { char *p; size_t size = 200; @@ -549,7 +481,6 @@ static noinline void __init kmem_cache_double_free(void) pr_err("Cache allocation failed\n"); return; } - pr_info("double-free on heap object\n"); p = kmem_cache_alloc(cache, GFP_KERNEL); if (!p) { pr_err("Allocation failed\n"); @@ -562,7 +493,7 @@ static noinline void __init kmem_cache_double_free(void) kmem_cache_destroy(cache); } -static noinline void __init kmem_cache_invalid_free(void) +static noinline void kmem_cache_invalid_free(void) { char *p; size_t size = 200; @@ -574,7 +505,6 @@ static noinline void __init kmem_cache_invalid_free(void) pr_err("Cache allocation failed\n"); return; } - pr_info("invalid-free of heap object\n"); p = kmem_cache_alloc(cache, GFP_KERNEL); if (!p) { pr_err("Allocation failed\n"); @@ -594,12 +524,11 @@ static noinline void __init kmem_cache_invalid_free(void) kmem_cache_destroy(cache); } -static noinline void __init kasan_memchr(void) +static noinline void kasan_memchr(void) { char *ptr; size_t size = 24; - pr_info("out-of-bounds in memchr\n"); ptr = kmalloc(size, GFP_KERNEL | __GFP_ZERO); if (!ptr) return; @@ -608,13 +537,12 @@ static noinline void __init kasan_memchr(void) kfree(ptr); } -static noinline void __init kasan_memcmp(void) +static noinline void kasan_memcmp(void) { char *ptr; size_t size = 24; int arr[9]; - pr_info("out-of-bounds in memcmp\n"); ptr = kmalloc(size, GFP_KERNEL | __GFP_ZERO); if (!ptr) return; @@ -624,12 +552,11 @@ static noinline void __init kasan_memcmp(void) kfree(ptr); } -static noinline void __init kasan_strings(void) +static noinline void kasan_strings(void) { char *ptr; size_t size = 24; - pr_info("use-after-free in strchr\n"); ptr = kmalloc(size, GFP_KERNEL | __GFP_ZERO); if (!ptr) return; @@ -645,23 +572,18 @@ static noinline void __init kasan_strings(void) ptr += 16; strchr(ptr, '1'); - pr_info("use-after-free in strrchr\n"); strrchr(ptr, '1'); - pr_info("use-after-free in strcmp\n"); strcmp(ptr, "2"); - pr_info("use-after-free in strncmp\n"); strncmp(ptr, "2", 1); - pr_info("use-after-free in strlen\n"); strlen(ptr); - pr_info("use-after-free in strnlen\n"); strnlen(ptr, 1); } -static noinline void __init kasan_bitops(void) +static noinline void kasan_bitops(void) { /* * Allocate 1 more byte, which causes kzalloc to round up to 16-bytes; @@ -676,70 +598,52 @@ static noinline void __init kasan_bitops(void) * below accesses are still out-of-bounds, since bitops are defined to * operate on the whole long the bit is in. */ - pr_info("out-of-bounds in set_bit\n"); set_bit(BITS_PER_LONG, bits); - pr_info("out-of-bounds in __set_bit\n"); __set_bit(BITS_PER_LONG, bits); - pr_info("out-of-bounds in clear_bit\n"); clear_bit(BITS_PER_LONG, bits); - pr_info("out-of-bounds in __clear_bit\n"); __clear_bit(BITS_PER_LONG, bits); - pr_info("out-of-bounds in clear_bit_unlock\n"); clear_bit_unlock(BITS_PER_LONG, bits); - pr_info("out-of-bounds in __clear_bit_unlock\n"); __clear_bit_unlock(BITS_PER_LONG, bits); - pr_info("out-of-bounds in change_bit\n"); change_bit(BITS_PER_LONG, bits); - pr_info("out-of-bounds in __change_bit\n"); __change_bit(BITS_PER_LONG, bits); /* * Below calls try to access bit beyond allocated memory. */ - pr_info("out-of-bounds in test_and_set_bit\n"); test_and_set_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); - pr_info("out-of-bounds in __test_and_set_bit\n"); __test_and_set_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); - pr_info("out-of-bounds in test_and_set_bit_lock\n"); test_and_set_bit_lock(BITS_PER_LONG + BITS_PER_BYTE, bits); - pr_info("out-of-bounds in test_and_clear_bit\n"); test_and_clear_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); - pr_info("out-of-bounds in __test_and_clear_bit\n"); __test_and_clear_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); - pr_info("out-of-bounds in test_and_change_bit\n"); test_and_change_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); - pr_info("out-of-bounds in __test_and_change_bit\n"); __test_and_change_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); - pr_info("out-of-bounds in test_bit\n"); (void)test_bit(BITS_PER_LONG + BITS_PER_BYTE, bits); #if defined(clear_bit_unlock_is_negative_byte) - pr_info("out-of-bounds in clear_bit_unlock_is_negative_byte\n"); clear_bit_unlock_is_negative_byte(BITS_PER_LONG + BITS_PER_BYTE, bits); #endif kfree(bits); } -static noinline void __init kmalloc_double_kzfree(void) +static noinline void kmalloc_double_kzfree(void) { char *ptr; size_t size = 16; - pr_info("double-free (kzfree)\n"); ptr = kmalloc(size, GFP_KERNEL); if (!ptr) { pr_err("Allocation failed\n"); @@ -750,29 +654,130 @@ static noinline void __init kmalloc_double_kzfree(void) kzfree(ptr); } -#ifdef CONFIG_KASAN_VMALLOC -static noinline void __init vmalloc_oob(void) +static void kunit_test_oob(struct kunit *test) +{ + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_oob_right()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_oob_left()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_node_oob_right()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_large_oob_right()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_oob_krealloc_more()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_oob_krealloc_less()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_oob_16()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_oob_in_memset()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_oob_memset_2()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_oob_memset_4()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_oob_memset_8()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_oob_memset_16()); + KUNIT_EXPECT_KASAN_FAIL(test, kmem_cache_oob()); + KUNIT_EXPECT_KASAN_FAIL(test, kasan_global_oob()); + KUNIT_EXPECT_KASAN_FAIL(test, ksize_unpoisons_memory()); + KUNIT_EXPECT_KASAN_FAIL(test, kasan_memchr()); + KUNIT_EXPECT_KASAN_FAIL(test, kasan_memcmp()); + KUNIT_EXPECT_KASAN_FAIL(test, kasan_strings()); + KUNIT_EXPECT_KASAN_FAIL(test, kasan_bitops()); +#ifdef CONFIG_SLUB + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_pagealloc_oob_right()); +#endif /* CONFIG_SLUB */ + +#if (CONFIG_KASAN_STACK == 1) + KUNIT_EXPECT_KASAN_FAIL(test, kasan_stack_oob()); + KUNIT_EXPECT_KASAN_FAIL(test, kasan_alloca_oob_right()); + KUNIT_EXPECT_KASAN_FAIL(test, kasan_alloca_oob_left()); +#endif /*CONFIG_KASAN_STACK*/ +} + +static void kunit_test_uaf(struct kunit *test) +{ +#ifdef CONFIG_SLUB + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_pagealloc_uaf()); +#endif + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_uaf()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_uaf_memset()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_uaf2()); +} + +static void kunit_test_invalid_free(struct kunit *test) { - void *area; +#ifdef CONFIG_SLUB + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_pagealloc_invalid_free()); +#endif + KUNIT_EXPECT_KASAN_FAIL(test, kmem_cache_invalid_free()); + KUNIT_EXPECT_KASAN_FAIL(test, kmem_cache_double_free()); + KUNIT_EXPECT_KASAN_FAIL(test, kmalloc_double_kzfree()); +} - pr_info("vmalloc out-of-bounds\n"); +static void kunit_test_false_positives(struct kunit *test) +{ + kfree_via_page(); + kfree_via_phys(); +} - /* - * We have to be careful not to hit the guard page. - * The MMU will catch that and crash us. - */ - area = vmalloc(3000); - if (!area) { - pr_err("Allocation failed\n"); +static void kunit_test_memcg(struct kunit *test) +{ + memcg_accounted_kmem_cache(); +} + +static struct kunit_case kasan_kunit_test_cases[] = { + KUNIT_CASE(kunit_test_oob), + KUNIT_CASE(kunit_test_uaf), + KUNIT_CASE(kunit_test_invalid_free), + KUNIT_CASE(kunit_test_false_positives), + KUNIT_CASE(kunit_test_memcg), + {} +}; + +static struct kunit_suite kasan_kunit_test_suite = { + .name = "kasan_kunit_test", + .test_cases = kasan_kunit_test_cases, +}; + +kunit_test_suite(kasan_kunit_test_suite); + +#if IS_MODULE(CONFIG_TEST_KASAN) +static noinline void __init copy_user_test(void) +{ + char *kmem; + char __user *usermem; + size_t size = 10; + int unused; + + kmem = kmalloc(size, GFP_KERNEL); + if (!kmem) + return; + + usermem = (char __user *)vm_mmap(NULL, 0, PAGE_SIZE, + PROT_READ | PROT_WRITE | PROT_EXEC, + MAP_ANONYMOUS | MAP_PRIVATE, 0); + if (IS_ERR(usermem)) { + pr_err("Failed to allocate user memory\n"); + kfree(kmem); return; } - ((volatile char *)area)[3100]; - vfree(area); + pr_info("out-of-bounds in copy_from_user()\n"); + unused = copy_from_user(kmem, usermem, size + 1); + + pr_info("out-of-bounds in copy_to_user()\n"); + unused = copy_to_user(usermem, kmem, size + 1); + + pr_info("out-of-bounds in __copy_from_user()\n"); + unused = __copy_from_user(kmem, usermem, size + 1); + + pr_info("out-of-bounds in __copy_to_user()\n"); + unused = __copy_to_user(usermem, kmem, size + 1); + + pr_info("out-of-bounds in __copy_from_user_inatomic()\n"); + unused = __copy_from_user_inatomic(kmem, usermem, size + 1); + + pr_info("out-of-bounds in __copy_to_user_inatomic()\n"); + unused = __copy_to_user_inatomic(usermem, kmem, size + 1); + + pr_info("out-of-bounds in strncpy_from_user()\n"); + unused = strncpy_from_user(kmem, usermem, size + 1); + + vm_munmap((unsigned long)usermem, PAGE_SIZE); + kfree(kmem); } -#else -static void __init vmalloc_oob(void) {} -#endif static int __init kmalloc_tests_init(void) { @@ -782,44 +787,7 @@ static int __init kmalloc_tests_init(void) */ bool multishot = kasan_save_enable_multi_shot(); - kmalloc_oob_right(); - kmalloc_oob_left(); - kmalloc_node_oob_right(); -#ifdef CONFIG_SLUB - kmalloc_pagealloc_oob_right(); - kmalloc_pagealloc_uaf(); - kmalloc_pagealloc_invalid_free(); -#endif - kmalloc_large_oob_right(); - kmalloc_oob_krealloc_more(); - kmalloc_oob_krealloc_less(); - kmalloc_oob_16(); - kmalloc_oob_in_memset(); - kmalloc_oob_memset_2(); - kmalloc_oob_memset_4(); - kmalloc_oob_memset_8(); - kmalloc_oob_memset_16(); - kmalloc_uaf(); - kmalloc_uaf_memset(); - kmalloc_uaf2(); - kfree_via_page(); - kfree_via_phys(); - kmem_cache_oob(); - memcg_accounted_kmem_cache(); - kasan_stack_oob(); - kasan_global_oob(); - kasan_alloca_oob_left(); - kasan_alloca_oob_right(); - ksize_unpoisons_memory(); copy_user_test(); - kmem_cache_double_free(); - kmem_cache_invalid_free(); - kasan_memchr(); - kasan_memcmp(); - kasan_strings(); - kasan_bitops(); - kmalloc_double_kzfree(); - vmalloc_oob(); kasan_restore_multi_shot(multishot); @@ -827,4 +795,4 @@ static int __init kmalloc_tests_init(void) } module_init(kmalloc_tests_init); -MODULE_LICENSE("GPL"); +#endif /* IS_MODULE(CONFIG_TEST_KASAN) */ -- 2.25.0.265.gbab2e86ba0-goog

4 years, 1 month

6
30
0 0

[PATCH 0/3] riscv: add support for restartable sequence

by Vincent Chen

Add RSEQ, restartable sequence, support and related selftest to RISCV. The Kconfig option HAVE_REGS_AND_STACK_ACCESS_API is also required by RSEQ because RSEQ will modify the content of pt_regs.sepc through instruction_pointer_set() during the fixup procedure. In order to select the config HAVE_REGS_AND_STACK_ACCESS_API, the missing APIs for accessing pt_regs are also added in this patch set. The relevant RSEQ tests in kselftest require the Binutils patch "RISC-V: Fix linker problems with TLS copy relocs" to avoid placing PREINIT_ARRAY and TLS variable of librseq.so at the same address. https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=3e7bd7f… A segmental fault will happen if the Binutils misses this patch. Vincent Chen (3): riscv: add required functions to enable HAVE_REGS_AND_STACK_ACCESS_API riscv: Add support for restartable sequence rseq/selftests: Add support for riscv arch/riscv/Kconfig | 2 + arch/riscv/include/asm/ptrace.h | 29 +- arch/riscv/kernel/entry.S | 4 + arch/riscv/kernel/ptrace.c | 99 +++++ arch/riscv/kernel/signal.c | 3 + tools/testing/selftests/rseq/param_test.c | 23 ++ tools/testing/selftests/rseq/rseq-riscv.h | 622 ++++++++++++++++++++++++++++++ tools/testing/selftests/rseq/rseq.h | 2 + 8 files changed, 783 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/rseq/rseq-riscv.h -- 2.7.4

4 years, 1 month

3
8
0 0

[PATCH v3 0/4] Implement FUTEX_WAIT_MULTIPLE operation

by André Almeida

Hello, This patchset implements a new futex operation, called FUTEX_WAIT_MULTIPLE, which allows a thread to wait on several futexes at the same time, and be awoken by any of them. The use case lies in the Wine implementation of the Windows NT interface WaitMultipleObjects. This Windows API function allows a thread to sleep waiting on the first of a set of event sources (mutexes, timers, signal, console input, etc) to signal. Considering this is a primitive synchronization operation for Windows applications, being able to quickly signal events on the producer side, and quickly go to sleep on the consumer side is essential for good performance of those running over Wine. Since this API exposes a mechanism to wait on multiple objects, and we might have multiple waiters for each of these events, a M->N relationship, the current Linux interfaces fell short on performance evaluation of large M,N scenarios. We experimented, for instance, with eventfd, which has performance problems discussed below, but we also experimented with userspace solutions, like making each consumer wait on a condition variable guarding the entire list of objects, and then waking up multiple variables on the producer side, but this is prohibitively expensive since we either need to signal many condition variables or share that condition variable among multiple waiters, and then verify for the event being signaled in userspace, which means dealing with often false positive wakes ups. The natural interface to implement the behavior we want, also considering that one of the waitable objects is a mutex itself, would be the futex interface. Therefore, this patchset proposes a mechanism for a thread to wait on multiple futexes at once, and wake up on the first futex that was awaken. In particular, using futexes in our Wine use case reduced the CPU utilization by 4% for the game Beat Saber and by 1.5% for the game Shadow of Tomb Raider, both running over Proton (a Wine based solution for Windows emulation), when compared to the eventfd interface. This implementation also doesn't rely of file descriptors, so it doesn't risk overflowing the resource. In time, we are also proposing modifications to glibc and libpthread to make this feature available for Linux native multithreaded applications using libpthread, which can benefit from the behavior of waiting on any of a group of futexes. Technically, the existing FUTEX_WAIT implementation can be easily reworked by using futex_wait_multiple() with a count of one, and I have a patch showing how it works. I'm not proposing it, since futex is such a tricky code, that I'd be more comfortable to have FUTEX_WAIT_MULTIPLE running upstream for a couple development cycles, before considering modifying FUTEX_WAIT. The patch series includes an extensive set of kselftests validating the behavior of the interface. We also implemented support[1] on Syzkaller and survived the fuzzy testing. Finally, if you'd rather pull directly a branch with this set you can find it here: https://gitlab.collabora.com/tonyk/linux/commits/futex-dev-v3 The RFC for this patch can be found here: https://lkml.org/lkml/2019/7/30/1399 === Performance of eventfd === Polling on several eventfd contexts with semaphore semantics would provide us with the exact semantics we are looking for. However, as shown below, in a scenario with sufficient producers and consumers, the eventfd interface itself becomes a bottleneck, in particular because each thread will compete to acquire a sequence of waitqueue locks for each eventfd context in the poll list. In addition, in the uncontended case, where the producer is ready for consumption, eventfd still requires going into the kernel on the consumer side. When a write or a read operation in an eventfd file succeeds, it will try to wake up all threads that are waiting to perform some operation to the file. The lock (ctx->wqh.lock) that hold the access to the file value (ctx->count) is the same lock used to control access the waitqueue. When all those those thread woke, they will compete to get this lock. Along with that, the poll() also manipulates the waitqueue and need to hold this same lock. This lock is specially hard to acquire when poll() calls poll_freewait(), where it tries to free all waitqueues associated with this poll. While doing that, it will compete with a lot of read and write operations that have been waken. In our use case, with a huge number of parallel reads, writes and polls, this lock is a bottleneck and hurts the performance of applications. Our implementation of futex, however, decrease the calls of spin lock by more than 80% in some user applications. Finally, eventfd operates on file descriptors, which is a limited resource that has shown its limitation in our use cases. Despite the Windows interface not waiting on more than 64 objects at once, we still have multiple waiters at the same time, and we were easily able to exhaust the FD limits on applications like games. Thanks, André [1] https://github.com/andrealmeid/syzkaller/tree/futex-wait-multiple Gabriel Krisman Bertazi (4): futex: Implement mechanism to wait on any of several futexes selftests: futex: Add FUTEX_WAIT_MULTIPLE timeout test selftests: futex: Add FUTEX_WAIT_MULTIPLE wouldblock test selftests: futex: Add FUTEX_WAIT_MULTIPLE wake up test include/uapi/linux/futex.h | 20 + kernel/futex.c | 358 +++++++++++++++++- .../selftests/futex/functional/.gitignore | 1 + .../selftests/futex/functional/Makefile | 3 +- .../futex/functional/futex_wait_multiple.c | 173 +++++++++ .../futex/functional/futex_wait_timeout.c | 38 +- .../futex/functional/futex_wait_wouldblock.c | 28 +- .../testing/selftests/futex/functional/run.sh | 3 + .../selftests/futex/include/futextest.h | 22 ++ 9 files changed, 639 insertions(+), 7 deletions(-) create mode 100644 tools/testing/selftests/futex/functional/futex_wait_multiple.c -- 2.25.0

4 years, 1 month

7
20
0 0

[PATCH v2 0/7] kunit: create a centralized executor to dispatch all KUnit tests

by Brendan Higgins

## TL;DR This patchset adds a centralized executor to dispatch tests rather than relying on late_initcall to schedule each test suite separately along with a couple of new features that depend on it. ## What am I trying to do? Conceptually, I am trying to provide a mechanism by which test suites can be grouped together so that they can be reasoned about collectively. The last two of three patches in this series add features which depend on this: PATCH 5/7 Prints out a test plan right before KUnit tests are run[1]; this is valuable because it makes it possible for a test harness to detect whether the number of tests run matches the number of tests expected to be run, ensuring that no tests silently failed. PATCH 6/7 Add a new kernel command-line option which allows the user to specify that the kernel poweroff, halt, or reboot after completing all KUnit tests; this is very handy for running KUnit tests on UML or a VM so that the UML/VM process exits cleanly immediately after running all tests without needing a special initramfs. In addition, by dispatching tests from a single location, we can guarantee that all KUnit tests run after late_init is complete, which was a concern during the initial KUnit patchset review (this has not been a problem in practice, but resolving with certainty is nevertheless desirable). Other use cases for this exist, but the above features should provide an idea of the value that this could provide. Alan Maguire (1): kunit: test: create a single centralized executor for all tests Brendan Higgins (5): vmlinux.lds.h: add linker section for KUnit test suites arch: um: add linker section for KUnit test suites init: main: add KUnit to kernel init kunit: test: add test plan to KUnit TAP format Documentation: Add kunit_shutdown to kernel-parameters.txt David Gow (1): kunit: Add 'kunit_shutdown' option .../admin-guide/kernel-parameters.txt | 7 ++ arch/um/include/asm/common.lds.S | 4 + include/asm-generic/vmlinux.lds.h | 8 ++ include/kunit/test.h | 82 ++++++++++++------- init/main.c | 4 + lib/kunit/Makefile | 3 +- lib/kunit/executor.c | 71 ++++++++++++++++ lib/kunit/test.c | 11 --- tools/testing/kunit/kunit_kernel.py | 2 +- tools/testing/kunit/kunit_parser.py | 76 ++++++++++++++--- .../test_is_test_passed-all_passed.log | 1 + .../test_data/test_is_test_passed-crash.log | 1 + .../test_data/test_is_test_passed-failure.log | 1 + 13 files changed, 217 insertions(+), 54 deletions(-) create mode 100644 lib/kunit/executor.c -- 2.25.0.341.g760bfbb309-goog

4 years, 1 month

5
25
0 0

[PATCH v5 kunit-next 0/4] kunit: add debugfs representation to show results

by Alan Maguire

When kunit tests are run on native (i.e. non-UML) environments, the results of test execution are often intermixed with dmesg output. This patch series attempts to solve this by providing a debugfs representation of the results of the last test run, available as /sys/kernel/debug/kunit/<testsuite>/results Changes since v4: - added suite-level log expectations to kunit log test (Brendan, patch 2) - added log expectations (of it being NULL) for case where CONFIG_KUNIT_DEBUGFS=n to kunit log test (patch 2) - added patch 3 which replaces subtest tab indentation with 4 space indentation as per TAP 14 spec (Frank, patch 3) Changes since v3: - added CONFIG_KUNIT_DEBUGFS to support conditional compilation of debugfs representation, including string logging (Frank, patch 1) - removed unneeded NULL check for test_case in kunit_suite_for_each_test_case() (Frank, patch 1) - added kunit log test to verify logging multiple strings works (Frank, patch 2) - rephrased description of results file (Frank, patch 3) Changes since v2: - updated kunit_status2str() to kunit_status_to_string() and made it static inline in include/kunit/test.h (Brendan) - added log string to struct kunit_suite and kunit_case, with log pointer in struct kunit pointing at the case log. This allows us to collect kunit_[err|info|warning]() messages at the same time as we printk() them. This solves for the most part the sharing of log messages between test execution and debugfs since we just print the suite log (which contains the test suite preamble) and the individual test logs. The only exception is the suite-level status, which we cannot store in the suite log as it would mean we'd print the suite and its status prior to the suite's results. (Brendan, patch 1) - dropped debugfs-based kunit run patch for now so as not to cause problems with tests currently under development (Brendan) - fixed doc issues with code block (Brendan, patch 3) Changes since v1: - trimmed unneeded include files in lib/kunit/debugfs.c (Greg) - renamed global debugfs functions to be prefixed with kunit_ (Greg) - removed error checking for debugfs operations (Greg) Alan Maguire (4): kunit: add debugfs /sys/kernel/debug/kunit/<suite>/results display kunit: add log test kunit: subtests should be indented 4 spaces according to TAP kunit: update documentation to describe debugfs representation Documentation/dev-tools/kunit/usage.rst | 13 ++++ include/kunit/test.h | 59 ++++++++++++--- lib/kunit/Kconfig | 8 +++ lib/kunit/Makefile | 4 ++ lib/kunit/assert.c | 79 +++++++++++---------- lib/kunit/debugfs.c | 116 ++++++++++++++++++++++++++++++ lib/kunit/debugfs.h | 30 ++++++++ lib/kunit/kunit-test.c | 45 +++++++++++- lib/kunit/test.c | 122 ++++++++++++++++++++++++-------- 9 files changed, 395 insertions(+), 81 deletions(-) create mode 100644 lib/kunit/debugfs.c create mode 100644 lib/kunit/debugfs.h -- 1.8.3.1

4 years, 1 month

2
6
0 0

[RFC v1 0/6] kunit: create a centralized executor to dispatch all KUnit tests

by Brendan Higgins

## TL;DR This patchset adds a centralized executor to dispatch tests rather than relying on late_initcall to schedule each test suite separately along with a couple of new features that depend on it. ## What am I trying to do? Conceptually, I am trying to provide a mechanism by which test suites can be grouped together so that they can be reasoned about collectively. The last two patches in this series add features which depend on this: RFC 5/6 Prints out a test plan right before KUnit tests are run[1]; this is valuable because it makes it possible for a test harness to detect whether the number of tests run matches the number of tests expected to be run, ensuring that no tests silently failed. RFC 6/6 Add a new kernel command-line option which allows the user to specify that the kernel poweroff, halt, or reboot after completing all KUnit tests; this is very handy for running KUnit tests on UML or a VM so that the UML/VM process exits cleanly immediately after running all tests without needing a special initramfs. In addition, by dispatching tests from a single location, we can guarantee that all KUnit tests run after late_init is complete, which was a concern during the initial KUnit patchset review (this has not been a problem in practice, but resolving with certainty is nevertheless desirable). Other use cases for this exist, but the above features should provide an idea of the value that this could provide. ## What work remains to be done? These patches were based on patches in our non-upstream branch[2], so we have a pretty good idea that they are useable as presented; nevertheless, some of the changes done in this patchset could *definitely* use some review by subsystem experts (linker scripts, init, etc), and will likely change a lot after getting feedback. The biggest thing that I know will require additional attention is integrating this patchset with the KUnit module support patchset[3]. I have not even attempted to build these patches on top of the module support patches as I would like to get people's initial thoughts first (especially Alan's :-) ). I think that making these patches work with module support should be fairly straight forward, nevertheless. Brendan Higgins (5): vmlinux.lds.h: add linker section for KUnit test suites arch: um: add linker section for KUnit test suites kunit: test: create a single centralized executor for all tests init: main: add KUnit to kernel init kunit: test: add test plan to KUnit TAP format David Gow (1): kunit: Add 'kunit_shutdown' option arch/um/include/asm/common.lds.S | 4 + include/asm-generic/vmlinux.lds.h | 8 ++ include/kunit/test.h | 16 ++-- init/main.c | 4 + lib/kunit/Makefile | 3 +- lib/kunit/executor.c | 74 ++++++++++++++++++ lib/kunit/test.c | 11 --- tools/testing/kunit/kunit_kernel.py | 2 +- tools/testing/kunit/kunit_parser.py | 76 +++++++++++++++---- .../test_is_test_passed-all_passed.log | 1 + .../test_data/test_is_test_passed-crash.log | 1 + .../test_data/test_is_test_passed-failure.log | 1 + 12 files changed, 170 insertions(+), 31 deletions(-) create mode 100644 lib/kunit/executor.c [1]: https://github.com/isaacs/testanything.github.io/blob/tap14/tap-version-14-… [2]: https://kunit-review.googlesource.com/c/linux/+/1037 [3]: https://patchwork.kernel.org/project/linux-kselftest/list/?series=211727 -- 2.24.1.735.g03f4e72817-goog

4 years, 1 month

6
28
0 0

[PATCH v18 00/24] selftests, powerpc, x86: Memory Protection Keys

by Sandipan Das

Memory protection keys enables an application to protect its address space from inadvertent access by its own code. This feature is now enabled on powerpc and has been available since 4.16-rc1. The patches move the selftests to arch neutral directory and enhance their test coverage. Tested on powerpc64 and x86_64 (Skylake-SP). Link to development branch: https://github.com/sandip4n/linux/tree/pkey-selftests Changelog --------- Link to previous version (v17): https://patchwork.ozlabs.org/project/linuxppc-dev/list/?series=154174 v18: (1) Fixed issues with x86 multilib builds based on feedback from Dave. (2) Moved patch 2 to the end of the series. v17: (1) Fixed issues with i386 builds when running on x86_64 based on feedback from Dave. (2) Replaced patch 6 from previous version with patch 7. This addresses u64 format specifier related concerns that Michael had raised in v15. v16: (1) Rebased on top of latest master. (2) Switched to u64 instead of using an arch-dependent pkey_reg_t type for references to the pkey register based on suggestions from Dave, Michal and Michael. (3) Removed build time determination of page size based on suggestion from Michael. (4) Fixed comment before the definition of __page_o_noops() from patch 13 ("selftests/vm/pkeys: Introduce powerpc support"). v15: (1) Rebased on top of latest master. (2) Addressed review comments from Dave Hansen. (3) Moved code for getting or setting pkey bits to new helpers. These changes replace patch 7 of v14. (4) Added a fix which ensures that the correct count of reserved keys is used across different platforms. (5) Added a fix which ensures that the correct page size is used as powerpc supports both 4K and 64K pages. v14: (1) Incorporated another round of comments from Dave Hansen. v13: (1) Incorporated comments for Dave Hansen. (2) Added one more test for correct pkey-0 behavior. v12: (1) Fixed the offset of pkey field in the siginfo structure for x86_64 and powerpc. And tries to use the actual field if the headers have it defined. v11: (1) Fixed a deadlock in the ptrace testcase. v10 and prior: (1) Moved the testcase to arch neutral directory. (2) Split the changes into incremental patches. Desnes A. Nunes do Rosario (1): selftests/vm/pkeys: Fix number of reserved powerpc pkeys Ram Pai (16): selftests/x86/pkeys: Move selftests to arch-neutral directory selftests/vm/pkeys: Rename all references to pkru to a generic name selftests/vm/pkeys: Move generic definitions to header file selftests/vm/pkeys: Fix pkey_disable_clear() selftests/vm/pkeys: Fix assertion in pkey_disable_set/clear() selftests/vm/pkeys: Fix alloc_random_pkey() to make it really random selftests/vm/pkeys: Introduce generic pkey abstractions selftests/vm/pkeys: Introduce powerpc support selftests/vm/pkeys: Fix assertion in test_pkey_alloc_exhaust() selftests/vm/pkeys: Improve checks to determine pkey support selftests/vm/pkeys: Associate key on a mapped page and detect access violation selftests/vm/pkeys: Associate key on a mapped page and detect write violation selftests/vm/pkeys: Detect write violation on a mapped access-denied-key page selftests/vm/pkeys: Introduce a sub-page allocator selftests/vm/pkeys: Test correct behaviour of pkey-0 selftests/vm/pkeys: Override access right definitions on powerpc Sandipan Das (5): selftests: vm: pkeys: Use sane types for pkey register selftests: vm: pkeys: Add helpers for pkey bits selftests: vm: pkeys: Use the correct huge page size selftests: vm: pkeys: Use the correct page size on powerpc selftests: vm: pkeys: Fix multilib builds for x86 Thiago Jung Bauermann (2): selftests/vm/pkeys: Move some definitions to arch-specific header selftests/vm/pkeys: Make gcc check arguments of sigsafe_printf() tools/testing/selftests/vm/.gitignore | 1 + tools/testing/selftests/vm/Makefile | 73 ++ tools/testing/selftests/vm/pkey-helpers.h | 225 ++++++ tools/testing/selftests/vm/pkey-powerpc.h | 136 ++++ tools/testing/selftests/vm/pkey-x86.h | 181 +++++ .../selftests/{x86 => vm}/protection_keys.c | 696 ++++++++++-------- tools/testing/selftests/x86/.gitignore | 1 - tools/testing/selftests/x86/Makefile | 2 +- tools/testing/selftests/x86/pkey-helpers.h | 219 ------ 9 files changed, 1002 insertions(+), 532 deletions(-) create mode 100644 tools/testing/selftests/vm/pkey-helpers.h create mode 100644 tools/testing/selftests/vm/pkey-powerpc.h create mode 100644 tools/testing/selftests/vm/pkey-x86.h rename tools/testing/selftests/{x86 => vm}/protection_keys.c (74%) delete mode 100644 tools/testing/selftests/x86/pkey-helpers.h -- 2.17.1

4 years, 1 month

2
26
0 0

[ANN] Kselftest integration into Kernel CI

by Shuah Khan

Integrating Kselftest into Kernel CI rings depends on Kselftest build and install framework to support Kernel CI use-cases. I am kicking off an effort to support Kselftest runs in Kernel CI rings. Running these tests in Kernel CI rings will help quality of kernel releases, both stable and mainline. What is required for full support? 1. Cross-compilation & relocatable build support 2. Generates objects in objdir/kselftest without cluttering main objdir 3. Leave source directory clean 4. Installs correctly in objdir/kselftest/kselftest_install and adds itself to run_kselftest.sh script generated during install. Note that install step is necessary for all files to be installed for run time support. I looked into the current status and identified problems. The work is minimal to add full support. Out of 80+ tests, 7 fail to cross-build and 1 fails to install correctly. List is below: Tests fails to build: bpf, capabilities, kvm, memfd, mqueue, timens, vm Tests fail to install: android (partial failure) Leaves source directory dirty: bpf, seccomp I have patches ready for the following issues: Kselftest objects (test dirs) clutter top level object directory. seccomp_bpf generates objects in the source directory. I created a topic branch to collect all the patches: https://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest.git/?… I am going to start working on build problems. If anybody is interested in helping me with this effort, don't hesitate to contact me. I first priority is fixing build and install and then look into tests that leave the source directory dirty. Detailed report can be found here: https://drive.google.com/file/d/11nnWOKIzzOrE4EiucZBn423lzSU_eNNv/view?usp=… thanks, -- Shuah

4 years, 1 month

2
2
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror February 2020