[v2,0/8] kasan: test: avoid crashing the kernel with HW_TAGS

Message ID	cover.1628779805.git.andreyknvl@gmail.com (mailing list archive)
Headers	show Return-Path: <SRS0=vrBG=ND=kvack.org=owner-linux-mm@kernel.org> DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org BC09D6103A From: andrey.konovalov@linux.dev To: Andrew Morton <akpm@linux-foundation.org> Cc: Andrey Konovalov <andreyknvl@gmail.com>, Andrey Ryabinin <aryabinin@virtuozzo.com>, Marco Elver <elver@google.com>, Dmitry Vyukov <dvyukov@google.com>, Alexander Potapenko <glider@google.com>, kasan-dev@googlegroups.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 0/8] kasan: test: avoid crashing the kernel with HW_TAGS Date: Thu, 12 Aug 2021 16:53:27 +0200 Message-Id: <cover.1628779805.git.andreyknvl@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: owner-linux-mm@kvack.org Precedence: bulk
Series	kasan: test: avoid crashing the kernel with HW_TAGS \| expand [v2,0/8] kasan: test: avoid crashing the kernel with HW_TAGS [v2,1/8] kasan: test: rework kmalloc_oob_right [v2,2/8] kasan: test: avoid writing invalid memory [v2,3/8] kasan: test: avoid corrupting memory via memset [v2,4/8] kasan: test: disable kmalloc_memmove_invalid_size for HW_TAGS [v2,5/8] kasan: test: only do kmalloc_uaf_memset for generic mode [v2,6/8] kasan: test: clean up ksize_uaf [v2,7/8] kasan: test: avoid corrupting memory in copy_user_test [v2,8/8] kasan: test: avoid corrupting memory in kasan_rcu_uaf

Message ID

cover.1628779805.git.andreyknvl@gmail.com (mailing list archive)

Headers

DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org BC09D6103A
From: andrey.konovalov@linux.dev
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Andrey Konovalov <andreyknvl@gmail.com>,
	Andrey Ryabinin <aryabinin@virtuozzo.com>,
	Marco Elver <elver@google.com>,
	Dmitry Vyukov <dvyukov@google.com>,
	Alexander Potapenko <glider@google.com>,
	kasan-dev@googlegroups.com,
	linux-mm@kvack.org,
	linux-kernel@vger.kernel.org
Subject: [PATCH v2 0/8] kasan: test: avoid crashing the kernel with HW_TAGS
Date: Thu, 12 Aug 2021 16:53:27 +0200
Message-Id: <cover.1628779805.git.andreyknvl@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: owner-linux-mm@kvack.org
Precedence: bulk

Series

kasan: test: avoid crashing the kernel with HW_TAGS | expand

Message

andrey.konovalov@linux.dev Aug. 12, 2021, 2:53 p.m. UTC

From: Andrey Konovalov <andreyknvl@gmail.com>

KASAN tests do out-of-bounds and use-after-free accesses. Running the
tests works fine for the GENERIC mode, as it uses qurantine and redzones.
But the HW_TAGS mode uses neither, and running the tests might crash
the kernel.

Rework the tests to avoid corrupting kernel memory.

Changes v1->v2:
- Touch both good and bad memory in memset tests as suggested by Marco.

Andrey Konovalov (8):
  kasan: test: rework kmalloc_oob_right
  kasan: test: avoid writing invalid memory
  kasan: test: avoid corrupting memory via memset
  kasan: test: disable kmalloc_memmove_invalid_size for HW_TAGS
  kasan: test: only do kmalloc_uaf_memset for generic mode
  kasan: test: clean up ksize_uaf
  kasan: test: avoid corrupting memory in copy_user_test
  kasan: test: avoid corrupting memory in kasan_rcu_uaf

 lib/test_kasan.c        | 80 +++++++++++++++++++++++++++++------------
 lib/test_kasan_module.c | 20 +++++------
 2 files changed, 66 insertions(+), 34 deletions(-)

Comments

Andrey Konovalov Aug. 12, 2021, 3:05 p.m. UTC | #1

On Thu, Aug 12, 2021 at 4:53 PM <andrey.konovalov@linux.dev> wrote:
>
> From: Andrey Konovalov <andreyknvl@gmail.com>
>
> KASAN tests do out-of-bounds and use-after-free accesses. Running the
> tests works fine for the GENERIC mode, as it uses qurantine and redzones.
> But the HW_TAGS mode uses neither, and running the tests might crash
> the kernel.
>
> Rework the tests to avoid corrupting kernel memory.
>
> Changes v1->v2:
> - Touch both good and bad memory in memset tests as suggested by Marco.

Ah, I forgot to include your reviews/acks, Marco.

Perhaps you can give one for the whole series now.

Thanks!

Marco Elver Aug. 12, 2021, 3:44 p.m. UTC | #2

On Thu, 12 Aug 2021 at 17:06, Andrey Konovalov <andreyknvl@gmail.com> wrote:
> On Thu, Aug 12, 2021 at 4:53 PM <andrey.konovalov@linux.dev> wrote:
> > From: Andrey Konovalov <andreyknvl@gmail.com>
> >
> > KASAN tests do out-of-bounds and use-after-free accesses. Running the
> > tests works fine for the GENERIC mode, as it uses qurantine and redzones.
> > But the HW_TAGS mode uses neither, and running the tests might crash
> > the kernel.
> >
> > Rework the tests to avoid corrupting kernel memory.
> >
> > Changes v1->v2:
> > - Touch both good and bad memory in memset tests as suggested by Marco.
>
> Ah, I forgot to include your reviews/acks, Marco.
>
> Perhaps you can give one for the whole series now.

Reviewed-by: Marco Elver <elver@google.com>

Looks good, thank you!