X-Patchwork-Id: 13807305
From: "Ritesh Harjani (IBM)"
To: linuxppc-dev@lists.ozlabs.org
Cc: Michael Ellerman, Nicholas Piggin, Madhavan Srinivasan, Christophe Leroy, Hari Bathini, "Aneesh Kumar K . V", Donet Tom, Pavithra Prakash, Nirjhar Roy, LKML, kasan-dev@googlegroups.com, "Ritesh Harjani (IBM)", Alexander Potapenko, linux-mm@kvack.org
Subject: [RFC v2 01/13] mm/kfence: Add a new kunit test test_use_after_free_read_nofault()
Date: Thu, 19 Sep 2024 08:25:59 +0530

From: Nirjhar Roy

Faults from copy_from_kernel_nofault() need to be handled by the fixup table and should not be handled by kfence. Otherwise, while reading /proc/kcore, which uses copy_from_kernel_nofault(), kfence can generate false negatives. This can happen when /proc/kcore ends up reading an unmapped address from the kfence pool.

Let's add a test case to cover this case.

Co-developed-by: Ritesh Harjani (IBM)
Signed-off-by: Ritesh Harjani (IBM)
Signed-off-by: Nirjhar Roy
Cc: kasan-dev@googlegroups.com
Cc: Alexander Potapenko
Cc: linux-mm@kvack.org
--- mm/kfence/kfence_test.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) -- 2.46.0 diff --git a/mm/kfence/kfence_test.c b/mm/kfence/kfence_test.c index 00fd17285285..f65fb182466d 100644 --- a/mm/kfence/kfence_test.c +++ b/mm/kfence/kfence_test.c @@ -383,6 +383,22 @@ static void test_use_after_free_read(struct kunit *test) KUNIT_EXPECT_TRUE(test, report_matches(&expect)); } +static void test_use_after_free_read_nofault(struct kunit *test) +{ + const size_t size = 32; + char *addr; + char dst; + int ret; + + setup_test_cache(test, size, 0, NULL); + addr = test_alloc(test, size, GFP_KERNEL, ALLOCATE_ANY); + test_free(addr); + /* Use after free with *_nofault() */ + ret = copy_from_kernel_nofault(&dst, addr, 1); + KUNIT_EXPECT_EQ(test, ret, -EFAULT); + KUNIT_EXPECT_FALSE(test, report_available()); +} + static void test_double_free(struct kunit *test) { const size_t size = 32; @@ -780,6 +796,7 @@ static struct kunit_case kfence_test_cases[] = { KFENCE_KUNIT_CASE(test_out_of_bounds_read), KFENCE_KUNIT_CASE(test_out_of_bounds_write), KFENCE_KUNIT_CASE(test_use_after_free_read), + KFENCE_KUNIT_CASE(test_use_after_free_read_nofault), KFENCE_KUNIT_CASE(test_double_free), KFENCE_KUNIT_CASE(test_invalid_addr_free), KFENCE_KUNIT_CASE(test_corruption),
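
Review bot: in test_use_after_free_read_nofault(), the comment "/* Use after free with *_nofault() */" does not say why the two expectations after it are the correct outcome, which is the whole point of the test. Please expand it to state that the access to the freed object must be resolved through the exception fixup table, so copy_from_kernel_nofault() returns -EFAULT and KFENCE stays silent; otherwise the KUNIT_EXPECT_FALSE(test, report_available()) line reads like a weakened copy of test_use_after_free_read(), which expects a report. Since the test asserts that no report is produced, the failure it guards against is a spurious report, so "false negatives" in the commit message looks like it should be "false positives". The return value of test_alloc() is passed to test_free() and then to copy_from_kernel_nofault() with no check in this function; if test_alloc() can return NULL, assert on addr before freeing so a failed allocation is not reported as a passing -EFAULT. Only the read side is covered here; a matching case for copy_to_kernel_nofault() would exercise the write path in the same way.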