| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190611175830.GA236872@google.com>
Date: Tue, 11 Jun 2019 10:58:30 -0700
From: Brendan Higgins <brendanhiggins@...gle.com>
To: Stephen Boyd <sboyd@...nel.org>
Cc: Iurii Zaikin <yzaikin@...gle.com>, frowand.list@...il.com,
gregkh@...uxfoundation.org, jpoimboe@...hat.com,
keescook@...gle.com, kieran.bingham@...asonboard.com,
mcgrof@...nel.org, peterz@...radead.org, robh@...nel.org,
shuah@...nel.org, tytso@....edu, yamada.masahiro@...ionext.com,
devicetree@...r.kernel.org, dri-devel@...ts.freedesktop.org,
kunit-dev@...glegroups.com, linux-doc@...r.kernel.org,
linux-fsdevel@...r.kernel.org, linux-kbuild@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-kselftest@...r.kernel.org,
linux-nvdimm@...ts.01.org, linux-um@...ts.infradead.org,
Alexander.Levin@...rosoft.com, Tim.Bird@...y.com,
amir73il@...il.com, dan.carpenter@...cle.com, daniel@...ll.ch,
jdike@...toit.com, joel@....id.au, julia.lawall@...6.fr,
khilman@...libre.com, knut.omang@...cle.com, logang@...tatee.com,
mpe@...erman.id.au, pmladek@...e.com, rdunlap@...radead.org,
richard@....at, rientjes@...gle.com, rostedt@...dmis.org,
wfg@...ux.intel.com
Subject: Re: [PATCH v4 17/18] kernel/sysctl-test: Add null pointer test for
sysctl.c:proc_dointvec()
On Fri, Jun 07, 2019 at 12:00:47PM -0700, Stephen Boyd wrote:
> Quoting Iurii Zaikin (2019-06-05 18:29:42)
> > On Fri, May 17, 2019 at 11:22 AM Stephen Boyd <sboyd@...nel.org> wrote:
> > >
> > > Quoting Brendan Higgins (2019-05-14 15:17:10)
> > > > diff --git a/kernel/sysctl-test.c b/kernel/sysctl-test.c
> > > > new file mode 100644
> > > > index 0000000000000..fe0f2bae66085
> > > > --- /dev/null
> > > > +++ b/kernel/sysctl-test.c
> > > > +
> > > > +
> > > > +static void sysctl_test_dointvec_happy_single_negative(struct kunit *test)
> > > > +{
> > > > + struct ctl_table table = {
> > > > + .procname = "foo",
> > > > + .data = &test_data.int_0001,
> > > > + .maxlen = sizeof(int),
> > > > + .mode = 0644,
> > > > + .proc_handler = proc_dointvec,
> > > > + .extra1 = &i_zero,
> > > > + .extra2 = &i_one_hundred,
> > > > + };
> > > > + char input[] = "-9";
> > > > + size_t len = sizeof(input) - 1;
> > > > + loff_t pos = 0;
> > > > +
> > > > + table.data = kunit_kzalloc(test, sizeof(int), GFP_USER);
> > > > + KUNIT_EXPECT_EQ(test, 0, proc_dointvec(&table, 1, input, &len, &pos));
> > > > + KUNIT_EXPECT_EQ(test, sizeof(input) - 1, len);
> > > > + KUNIT_EXPECT_EQ(test, sizeof(input) - 1, pos);
> > > > + KUNIT_EXPECT_EQ(test, -9, *(int *)table.data);
> > >
> > > Is the casting necessary? Or can the macro do a type coercion of the
> > > second parameter based on the first type?
> > Data field is defined as void* so I believe casting is necessary to
> > dereference it as a pointer to an array of ints. I don't think the
> > macro should do any type coercion that == operator wouldn't do.
> > I did change the cast to make it more clear that it's a pointer to an
> > array of ints being dereferenced.
>
> Ok, I still wonder if we should make KUNIT_EXPECT_EQ check the types on
> both sides and cause a build warning/error if the types aren't the same.
> This would be similar to our min/max macros that complain about
> mismatched types in the comparisons. Then if a test developer needs to
> convert one type or the other they could do so with a
> KUNIT_EXPECT_EQ_T() macro that lists the types to coerce both sides to
> explicitly.
Do you think it would be better to do a phony compare similar to how
min/max used to work prior to 4.17, or to use the new __typecheck(...)
macro? This might seem like a dumb question (and maybe it is), but Iurii
and I thought the former created an error message that was a bit easier
to understand, whereas __typecheck is obviously superior in terms of
code reuse.
This is what we are thinking right now; if you don't have any complaints
I will squash it into the relevant commits on the next revision:
---
From: Iurii Zaikin <yzaikin@...gle.com>
Adds a warning message when comparing values of different types similar
to what min() / max() macros do.
Signed-off-by: Iurii Zaikin <yzaikin@...gle.com>
---
include/kunit/test.h | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/include/kunit/test.h b/include/kunit/test.h
index 511c9e85401a6..791e22fba5620 100644
--- a/include/kunit/test.h
+++ b/include/kunit/test.h
@@ -335,6 +335,13 @@ void __printf(3, 4) kunit_printk(const char *level,
#define kunit_err(test, fmt, ...) \
kunit_printk(KERN_ERR, test, fmt, ##__VA_ARGS__)
+/*
+ * 'Unnecessary' cast serves to generate a compile-time warning in case
+ * of comparing incompatible types. Inspired by include/linux/kernel.h
+ */
+#define __kunit_typecheck(lhs, rhs) \
+ ((void) (&(lhs) == &(rhs)))
+
static inline struct kunit_stream *kunit_expect_start(struct kunit *test,
const char *file,
const char *line)
@@ -514,6 +521,7 @@ static inline void kunit_expect_ptr_binary(struct kunit *test,
#define KUNIT_EXPECT_BINARY(test, left, condition, right) do { \
typeof(left) __left = (left); \
typeof(right) __right = (right); \
+ __kunit_typecheck(__left, __right); \
kunit_expect_binary(test, \
(long long) __left, #left, \
(long long) __right, #right, \
@@ -524,6 +532,7 @@ static inline void kunit_expect_ptr_binary(struct kunit *test,
#define KUNIT_EXPECT_BINARY_MSG(test, left, condition, right, fmt, ...) do { \
typeof(left) __left = (left); \
typeof(right) __right = (right); \
+ __kunit_typecheck(__left, __right); \
kunit_expect_binary_msg(test, \
(long long) __left, #left, \
(long long) __right, #right, \
@@ -538,6 +547,7 @@ static inline void kunit_expect_ptr_binary(struct kunit *test,
#define KUNIT_EXPECT_PTR_BINARY(test, left, condition, right) do { \
typeof(left) __left = (left); \
typeof(right) __right = (right); \
+ __kunit_typecheck(__left, __right); \
kunit_expect_ptr_binary(test, \
(void *) __left, #left, \
(void *) __right, #right, \
@@ -553,6 +563,7 @@ static inline void kunit_expect_ptr_binary(struct kunit *test,
...) do { \
typeof(left) __left = (left); \
typeof(right) __right = (right); \
+ __kunit_typecheck(__left, __right); \
kunit_expect_ptr_binary_msg(test, \
(void *) __left, #left, \
(void *) __right, #right, \
@@ -1013,6 +1024,7 @@ static inline void kunit_assert_ptr_binary(struct kunit *test,
#define KUNIT_ASSERT_BINARY(test, left, condition, right) do { \
typeof(left) __left = (left); \
typeof(right) __right = (right); \
+ __kunit_typecheck(__left, __right); \
kunit_assert_binary(test, \
(long long) __left, #left, \
(long long) __right, #right, \
@@ -1023,6 +1035,7 @@ static inline void kunit_assert_ptr_binary(struct kunit *test,
#define KUNIT_ASSERT_BINARY_MSG(test, left, condition, right, fmt, ...) do { \
typeof(left) __left = (left); \
typeof(right) __right = (right); \
+ __kunit_typecheck(__left, __right); \
kunit_assert_binary_msg(test, \
(long long) __left, #left, \
(long long) __right, #right, \
@@ -1037,6 +1050,7 @@ static inline void kunit_assert_ptr_binary(struct kunit *test,
#define KUNIT_ASSERT_PTR_BINARY(test, left, condition, right) do { \
typeof(left) __left = (left); \
typeof(right) __right = (right); \
+ __kunit_typecheck(__left, __right); \
kunit_assert_ptr_binary(test, \
(void *) __left, #left, \
(void *) __right, #right, \
@@ -1051,6 +1065,7 @@ static inline void kunit_assert_ptr_binary(struct kunit *test,
fmt, ...) do { \
typeof(left) __left = (left); \
typeof(right) __right = (right); \
+ __kunit_typecheck(__left, __right); \
kunit_assert_ptr_binary_msg(test, \
(void *) __left, #left, \
(void *) __right, #right, \
--
2.22.0.rc2.383.gf4fbbf30c2-goog
Powered by blists - more mailing lists