lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 1 Mar 2020 07:39:22 +0100 From: Dmitry Vyukov <dvyukov@...gle.com> To: Patricia Alfonso <trishalfonso@...gle.com>, Kees Cook <keescook@...gle.com> Cc: Andrey Ryabinin <aryabinin@...tuozzo.com>, Brendan Higgins <brendanhiggins@...gle.com>, David Gow <davidgow@...gle.com>, Ingo Molnar <mingo@...hat.com>, Peter Zijlstra <peterz@...radead.org>, Juri Lelli <juri.lelli@...hat.com>, Vincent Guittot <vincent.guittot@...aro.org>, LKML <linux-kernel@...r.kernel.org>, kasan-dev <kasan-dev@...glegroups.com>, "open list:KERNEL SELFTEST FRAMEWORK" <linux-kselftest@...r.kernel.org>, kunit-dev@...glegroups.com Subject: Re: [RFC PATCH 1/2] Port KASAN Tests to KUnit On Sat, Feb 29, 2020 at 2:56 AM Patricia Alfonso <trishalfonso@...gle.com> wrote: > On Thu, Feb 27, 2020 at 6:19 AM Dmitry Vyukov <dvyukov@...gle.com> wrote: > > > > .On Thu, Feb 27, 2020 at 3:44 AM Patricia Alfonso > > > - pr_info("out-of-bounds in copy_from_user()\n"); > > > - unused = copy_from_user(kmem, usermem, size + 1); > > > > Why is all of this removed? > > Most of these tests are hard earned and test some special corner cases. > > > I just moved it inside IS_MODULE(CONFIG_TEST_KASAN) instead because I > don't think there is a way to rewrite this without it being a module. You mean these are unconditionally crashing the machine? If yes, please add a comment about this. Theoretically we could have a notion of "death tests" similar to gunit: https://stackoverflow.com/questions/3698718/what-are-google-test-death-tests KUnit test runner wrapper would need to spawn a separete process per each such test. Under non-KUnit test runner these should probably be disabled by default and only run if specifically requested (a-la --gunit_filter/--gunit_also_run_disabled_tests). Could also be used to test other things that unconditionally panic, e.g. +Kees may be happy for unit tests for some of the hardening/fortification features. I am not asking to bundle this with this change of course.
Powered by blists - more mailing lists