From patchwork Tue Apr 9 16:08:04 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10891543 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3973E1708 for ; Tue, 9 Apr 2019 16:08:09 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2002B288DD for ; Tue, 9 Apr 2019 16:08:09 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 1356D28901; Tue, 9 Apr 2019 16:08:09 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4B96A288DD for ; Tue, 9 Apr 2019 16:08:08 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726499AbfDIQIH (ORCPT ); Tue, 9 Apr 2019 12:08:07 -0400 Received: from mail-pl1-f196.google.com ([209.85.214.196]:42346 "EHLO mail-pl1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726383AbfDIQIH (ORCPT ); Tue, 9 Apr 2019 12:08:07 -0400 Received: by mail-pl1-f196.google.com with SMTP id cv12so9663558plb.9 for ; Tue, 09 Apr 2019 09:08:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:mime-version:content-disposition; bh=b+gIDRN3H8CZqvhpkXlxC/491x5SUGbqqXnJhp+zY+k=; b=hNxSd1cGkz4sgk6gKXnKLRwfx84e+w0iYoW7g96DCUFo4+a0dOJmuhlGOgMZ/3k/ed o87Th1LEB+FJ4JXjY5KRsJ5CmK3zzzr3fBUFjyxNls18TETxFvGqxXGw8btk59eoxqu6 qGRz5qlye1l7rnzW+fesuvCX2G1MEnmcb7iO8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:mime-version :content-disposition; bh=b+gIDRN3H8CZqvhpkXlxC/491x5SUGbqqXnJhp+zY+k=; b=rg/0hDdSbtFmygq2fUf6NpJYoxd1wEcuS24wwDxHJ04qVil5M+VxewbahL4Cj96E8V 3peytG+JZ8A2xLFK6l60IHZYgV5RRs1UGyfVjFD8ogTmR5cra6BX82jCX4U4oODHa4OA VQ7a9VF/XqyD6bOIn3yx5IFannJzD67Q3dZVqybgJtGMcdHfAZTHzkLF/Ol/5wj0ejtx CG7bGlUfPpZGus0zjQ28UAMk1Uq2EG3uqKHvuXHpoyE2rjq3y00+JEFOHci9R2brk6Wz CWHZzAPwrqWQK2HcztrwP8C9WZCGdNqhyFJZDhDBrM4qhNqFzLY0bpYeTIysghF9wkpI Vx7Q== X-Gm-Message-State: APjAAAVyqNQwXx+FOntsCFPF0dQULqJzJvgnHtjIFloYIccIg6ZBKKS+ /NVQ1rCnvXshgTnvaI1W+Pn60ZlkofU= X-Google-Smtp-Source: APXvYqzYfIvIeh3hZuVn24YT2pQahqLNlxgtGJfVJbsNphO10eEeLhrvogBtSPdwtjV4FNm/Wp93hA== X-Received: by 2002:a17:902:8f92:: with SMTP id z18mr38844314plo.123.1554826086551; Tue, 09 Apr 2019 09:08:06 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id c22sm34616756pfn.136.2019.04.09.09.08.05 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 09 Apr 2019 09:08:05 -0700 (PDT) Date: Tue, 9 Apr 2019 09:08:04 -0700 From: Kees Cook To: Shuah Khan Cc: linux-kselftest@vger.kernel.org Subject: [PATCH] kselftest/lkdtm: Create selftest driving scripts for LKDTM Message-ID: <20190409160804.GA19767@beast> MIME-Version: 1.0 Content-Disposition: inline Sender: linux-kselftest-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP This adds most of the non-system-crashing selftests that exist in LKDTM. The ones that leave the system in an unstable state are marked as "SKIP" in the test run. Since output can change based on architecture and other kernel configs, all output is reported during the tests. Example output: # cd tools/testing/selftests # make --silent -C lkdtm run_tests TAP version 13 1..64 selftests: lkdtm # selftests: lkdtm: PANIC.sh # PANIC: crashes entire system [SKIP] not ok 1 selftests: lkdtm: PANIC.sh # SKIP # selftests: lkdtm: BUG.sh # [19716.955023] lkdtm: Performing direct entry BUG # [19716.956236] ------------[ cut here ]------------ # [19716.957318] kernel BUG at drivers/misc/lkdtm/bugs.c:63! ... # BUG: saw 'call trace:': ok ok 2 selftests: lkdtm: BUG.sh ... Signed-off-by: Kees Cook --- MAINTAINERS | 1 + tools/testing/selftests/lkdtm/.gitignore | 1 + tools/testing/selftests/lkdtm/Makefile | 11 +++ tools/testing/selftests/lkdtm/config | 1 + tools/testing/selftests/lkdtm/run.sh | 86 ++++++++++++++++++++++++ tools/testing/selftests/lkdtm/tests.txt | 64 ++++++++++++++++++ 6 files changed, 164 insertions(+) create mode 100644 tools/testing/selftests/lkdtm/.gitignore create mode 100644 tools/testing/selftests/lkdtm/Makefile create mode 100644 tools/testing/selftests/lkdtm/config create mode 100755 tools/testing/selftests/lkdtm/run.sh create mode 100644 tools/testing/selftests/lkdtm/tests.txt diff --git a/MAINTAINERS b/MAINTAINERS index 3e5a5d263f29..716d6f0fbd0c 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -8976,6 +8976,7 @@ LINUX KERNEL DUMP TEST MODULE (LKDTM) M: Kees Cook S: Maintained F: drivers/misc/lkdtm/* +F: tools/testing/selftests/lkdtm/* LINUX KERNEL MEMORY CONSISTENCY MODEL (LKMM) M: Alan Stern diff --git a/tools/testing/selftests/lkdtm/.gitignore b/tools/testing/selftests/lkdtm/.gitignore new file mode 100644 index 000000000000..09df4a4da272 --- /dev/null +++ b/tools/testing/selftests/lkdtm/.gitignore @@ -0,0 +1 @@ +[A-Z][A-Z]*.sh diff --git a/tools/testing/selftests/lkdtm/Makefile b/tools/testing/selftests/lkdtm/Makefile new file mode 100644 index 000000000000..f322d281fd8e --- /dev/null +++ b/tools/testing/selftests/lkdtm/Makefile @@ -0,0 +1,11 @@ +# SPDX-License-Identifier: GPL-2.0 +# Makefile for LKDTM regression tests + +include ../lib.mk + +# NOTE: $(OUTPUT) won't get default value if used before lib.mk +TEST_GEN_PROGS = $(patsubst %,$(OUTPUT)/%.sh,$(shell awk '{print $$1}' tests.txt | sed -e 's/\#//')) +all: $(TEST_GEN_PROGS) + +$(OUTPUT)/%: run.sh tests.txt + install -m 0744 run.sh $@ diff --git a/tools/testing/selftests/lkdtm/config b/tools/testing/selftests/lkdtm/config new file mode 100644 index 000000000000..d874990e442b --- /dev/null +++ b/tools/testing/selftests/lkdtm/config @@ -0,0 +1 @@ +CONFIG_LKDTM=y diff --git a/tools/testing/selftests/lkdtm/run.sh b/tools/testing/selftests/lkdtm/run.sh new file mode 100755 index 000000000000..a166b925c43d --- /dev/null +++ b/tools/testing/selftests/lkdtm/run.sh @@ -0,0 +1,86 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0 +# +# This reads tests.txt for the list of LKDTM tests to invoke. Any marked +# with a leading "#" are skipped. The line after the test name is either +# the text to look for in dmesg for a "success", or the rationale for why +# a test is marked to be skipped. +# +set -e +TRIGGER=/sys/kernel/debug/provoke-crash/DIRECT + +# Verify we have LKDTM available in the kernel. +if [ ! -r $TRIGGER ] ; then + /sbin/modprobe -q lkdtm || true + if [ ! -r $TRIGGER ] ; then + echo "Cannot find $TRIGGER (missing CONFIG_LKDTM?) [SKIP]" + else + echo "Cannot write $TRIGGER (need to run as root?) [SKIP]" + fi + # Skip this test + exit 4 +fi + +# Figure out which test to run from our script name. +test=$(basename $0 .sh) +# Look up details about the test from master list of LKDTM tests. +line=$(egrep '^#?'"$test"'\b' tests.txt) +if [ -z "$line" ]; then + echo "Missing test '$test' [SKIP]" + exit 4 +fi +# Check that the test is known to LKDTM. +if ! egrep -q '^'"$test"'$' "$TRIGGER" ; then + echo "'$test' missing in $TRIGGER! [SKIP]" + exit 4 +fi + +# Extract notes/expected output from test list. +test=$(echo "$line" | cut -d" " -f1) +if echo "$line" | grep -q ' ' ; then + expect=$(echo "$line" | cut -d" " -f2-) +else + expect="" +fi + +# If the test is commented out, report a skip +if echo "$test" | grep -q '^#' ; then + test=$(echo "$test" | cut -c2-) + if [ -z "$expect" ]; then + expect="crashes entire system" + fi + echo "$test: $expect [SKIP]" + exit 4 +fi + +# If no expected output given, assume an Oops with back trace is success. +if [ -z "$expect" ]; then + expect="call trace:" +fi + +# Clear out dmesg for output reporting +dmesg -c >/dev/null + +# Prepare log for report checking +LOG=$(mktemp --tmpdir -t lkdtm-XXXXXX) +cleanup() { + rm -f "$LOG" +} +trap cleanup EXIT + +# Most shells yell about signals and we're expecting the "cat" process +# to usually be killed by the kernel. So we have to run it in a sub-shell +# and silence errors. +($SHELL -c 'cat <(echo '"$test"') >'"$TRIGGER" 2>/dev/null) || true + +# Record and dump the results +dmesg -c >"$LOG" +cat "$LOG" +# Check for expected output +if grep -qi "$expect" "$LOG" ; then + echo "$test: saw '$expect': ok" + exit 0 +else + echo "$test: missing '$expect': [FAIL]" + exit 1 +fi diff --git a/tools/testing/selftests/lkdtm/tests.txt b/tools/testing/selftests/lkdtm/tests.txt new file mode 100644 index 000000000000..3ee43df87d71 --- /dev/null +++ b/tools/testing/selftests/lkdtm/tests.txt @@ -0,0 +1,64 @@ +#PANIC +BUG +WARNING +EXCEPTION +#LOOP Hangs the system +#EXHAUST_STACK Corrupts memory on failure +#CORRUPT_STACK Crashes entire system on success +#CORRUPT_STACK_STRONG Crashes entire system on success +CORRUPT_LIST_ADD +CORRUPT_LIST_DEL +CORRUPT_USER_DS +STACK_GUARD_PAGE_LEADING +STACK_GUARD_PAGE_TRAILING +UNALIGNED_LOAD_STORE_WRITE +#OVERWRITE_ALLOCATION Corrupts memory on failure +#WRITE_AFTER_FREE Corrupts memory on failure +READ_AFTER_FREE +#WRITE_BUDDY_AFTER_FREE Corrupts memory on failure +READ_BUDDY_AFTER_FREE +#SOFTLOCKUP Hangs the system +#HARDLOCKUP Hangs the system +#SPINLOCKUP Hangs the system +#HUNG_TASK Hangs the system +EXEC_DATA +EXEC_STACK +EXEC_KMALLOC +EXEC_VMALLOC +EXEC_RODATA +EXEC_USERSPACE +EXEC_NULL +ACCESS_USERSPACE +ACCESS_NULL +WRITE_RO +WRITE_RO_AFTER_INIT +WRITE_KERN +REFCOUNT_INC_OVERFLOW +REFCOUNT_ADD_OVERFLOW +REFCOUNT_INC_NOT_ZERO_OVERFLOW +REFCOUNT_ADD_NOT_ZERO_OVERFLOW +REFCOUNT_DEC_ZERO +REFCOUNT_DEC_NEGATIVE Negative detected: saturated +REFCOUNT_DEC_AND_TEST_NEGATIVE Negative detected: saturated +REFCOUNT_SUB_AND_TEST_NEGATIVE Negative detected: saturated +REFCOUNT_INC_ZERO +REFCOUNT_ADD_ZERO +REFCOUNT_INC_SATURATED Saturation detected: still saturated +REFCOUNT_DEC_SATURATED Saturation detected: still saturated +REFCOUNT_ADD_SATURATED Saturation detected: still saturated +REFCOUNT_INC_NOT_ZERO_SATURATED +REFCOUNT_ADD_NOT_ZERO_SATURATED +REFCOUNT_DEC_AND_TEST_SATURATED Saturation detected: still saturated +REFCOUNT_SUB_AND_TEST_SATURATED Saturation detected: still saturated +#REFCOUNT_TIMING timing only +#ATOMIC_TIMING timing only +USERCOPY_HEAP_SIZE_TO +USERCOPY_HEAP_SIZE_FROM +USERCOPY_HEAP_WHITELIST_TO +USERCOPY_HEAP_WHITELIST_FROM +USERCOPY_STACK_FRAME_TO +USERCOPY_STACK_FRAME_FROM +USERCOPY_STACK_BEYOND +USERCOPY_KERNEL +USERCOPY_KERNEL_DS +STACKLEAK_ERASING