^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) // SPDX-License-Identifier: GPL-2.0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) * Test cases for compiler-based stack variable zeroing via future
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) * compiler flags or CONFIG_GCC_PLUGIN_STRUCTLEAK*.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) #include <linux/init.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) #include <linux/kernel.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) #include <linux/module.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) #include <linux/string.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) /* Exfiltration buffer. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) #define MAX_VAR_SIZE 128
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) static u8 check_buf[MAX_VAR_SIZE];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) /* Character array to trigger stack protector in all functions. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) #define VAR_BUFFER 32
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) /* Volatile mask to convince compiler to copy memory with 0xff. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) static volatile u8 forced_mask = 0xff;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) /* Location and size tracking to validate fill and test are colocated. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) static void *fill_start, *target_start;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) static size_t fill_size, target_size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) static bool range_contains(char *haystack_start, size_t haystack_size,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) char *needle_start, size_t needle_size)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) if (needle_start >= haystack_start &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) needle_start + needle_size <= haystack_start + haystack_size)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) return true;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) return false;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) #define DO_NOTHING_TYPE_SCALAR(var_type) var_type
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) #define DO_NOTHING_TYPE_STRING(var_type) void
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) #define DO_NOTHING_TYPE_STRUCT(var_type) void
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) #define DO_NOTHING_RETURN_SCALAR(ptr) *(ptr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) #define DO_NOTHING_RETURN_STRING(ptr) /**/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) #define DO_NOTHING_RETURN_STRUCT(ptr) /**/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) #define DO_NOTHING_CALL_SCALAR(var, name) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) (var) = do_nothing_ ## name(&(var))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) #define DO_NOTHING_CALL_STRING(var, name) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) do_nothing_ ## name(var)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) #define DO_NOTHING_CALL_STRUCT(var, name) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) do_nothing_ ## name(&(var))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) #define FETCH_ARG_SCALAR(var) &var
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) #define FETCH_ARG_STRING(var) var
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) #define FETCH_ARG_STRUCT(var) &var
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) #define FILL_SIZE_STRING 16
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) #define INIT_CLONE_SCALAR /**/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) #define INIT_CLONE_STRING [FILL_SIZE_STRING]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) #define INIT_CLONE_STRUCT /**/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) #define INIT_SCALAR_none /**/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) #define INIT_SCALAR_zero = 0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) #define INIT_STRING_none [FILL_SIZE_STRING] /**/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) #define INIT_STRING_zero [FILL_SIZE_STRING] = { }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) #define INIT_STRUCT_none /**/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) #define INIT_STRUCT_zero = { }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) #define INIT_STRUCT_static_partial = { .two = 0, }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) #define INIT_STRUCT_static_all = { .one = 0, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) .two = 0, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) .three = 0, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) .four = 0, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) #define INIT_STRUCT_dynamic_partial = { .two = arg->two, }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) #define INIT_STRUCT_dynamic_all = { .one = arg->one, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) .two = arg->two, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) .three = arg->three, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) .four = arg->four, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) #define INIT_STRUCT_runtime_partial ; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) var.two = 0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) #define INIT_STRUCT_runtime_all ; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) var.one = 0; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) var.two = 0; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) var.three = 0; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) var.four = 0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) * @name: unique string name for the test
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) * @var_type: type to be tested for zeroing initialization
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) * @which: is this a SCALAR, STRING, or STRUCT type?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) * @init_level: what kind of initialization is performed
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) * @xfail: is this test expected to fail?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) #define DEFINE_TEST_DRIVER(name, var_type, which, xfail) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) /* Returns 0 on success, 1 on failure. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) static noinline __init int test_ ## name (void) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) { \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) var_type zero INIT_CLONE_ ## which; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) int ignored; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) u8 sum = 0, i; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) /* Notice when a new test is larger than expected. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) BUILD_BUG_ON(sizeof(zero) > MAX_VAR_SIZE); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) /* Fill clone type with zero for per-field init. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) memset(&zero, 0x00, sizeof(zero)); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) /* Clear entire check buffer for 0xFF overlap test. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) memset(check_buf, 0x00, sizeof(check_buf)); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) /* Fill stack with 0xFF. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) ignored = leaf_ ##name((unsigned long)&ignored, 1, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) FETCH_ARG_ ## which(zero)); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) /* Verify all bytes overwritten with 0xFF. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) for (sum = 0, i = 0; i < target_size; i++) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) sum += (check_buf[i] != 0xFF); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) if (sum) { \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) pr_err(#name ": leaf fill was not 0xFF!?\n"); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) return 1; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) } \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) /* Clear entire check buffer for later bit tests. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) memset(check_buf, 0x00, sizeof(check_buf)); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) /* Extract stack-defined variable contents. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) ignored = leaf_ ##name((unsigned long)&ignored, 0, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) FETCH_ARG_ ## which(zero)); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) /* Validate that compiler lined up fill and target. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) if (!range_contains(fill_start, fill_size, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) target_start, target_size)) { \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) pr_err(#name ": stack fill missed target!?\n"); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) pr_err(#name ": fill %zu wide\n", fill_size); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) pr_err(#name ": target offset by %d\n", \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) (int)((ssize_t)(uintptr_t)fill_start - \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) (ssize_t)(uintptr_t)target_start)); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) return 1; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) } \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) /* Look for any bytes still 0xFF in check region. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) for (sum = 0, i = 0; i < target_size; i++) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) sum += (check_buf[i] == 0xFF); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) if (sum == 0) { \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) pr_info(#name " ok\n"); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) return 0; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) } else { \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) pr_warn(#name " %sFAIL (uninit bytes: %d)\n", \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) (xfail) ? "X" : "", sum); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) return (xfail) ? 0 : 1; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) } \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) #define DEFINE_TEST(name, var_type, which, init_level) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) /* no-op to force compiler into ignoring "uninitialized" vars */\
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) static noinline __init DO_NOTHING_TYPE_ ## which(var_type) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) do_nothing_ ## name(var_type *ptr) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) { \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) /* Will always be true, but compiler doesn't know. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) if ((unsigned long)ptr > 0x2) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) return DO_NOTHING_RETURN_ ## which(ptr); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) else \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) return DO_NOTHING_RETURN_ ## which(ptr + 1); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) } \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) static noinline __init int leaf_ ## name(unsigned long sp, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) bool fill, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) var_type *arg) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) { \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) char buf[VAR_BUFFER]; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) var_type var INIT_ ## which ## _ ## init_level; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) target_start = &var; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) target_size = sizeof(var); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) /* \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) * Keep this buffer around to make sure we've got a \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) * stack frame of SOME kind... \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) memset(buf, (char)(sp & 0xff), sizeof(buf)); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) /* Fill variable with 0xFF. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) if (fill) { \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) fill_start = &var; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) fill_size = sizeof(var); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) memset(fill_start, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) (char)((sp & 0xff) | forced_mask), \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) fill_size); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) } \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) /* Silence "never initialized" warnings. */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) DO_NOTHING_CALL_ ## which(var, name); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) /* Exfiltrate "var". */ \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) memcpy(check_buf, target_start, target_size); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) return (int)buf[0] | (int)buf[sizeof(buf) - 1]; \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) } \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) DEFINE_TEST_DRIVER(name, var_type, which, 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) /* Structure with no padding. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) struct test_packed {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) unsigned long one;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) unsigned long two;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) unsigned long three;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) unsigned long four;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) /* Simple structure with padding likely to be covered by compiler. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) struct test_small_hole {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) size_t one;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) char two;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) /* 3 byte padding hole here. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) int three;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) unsigned long four;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) /* Trigger unhandled padding in a structure. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) struct test_big_hole {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) u8 one;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) u8 two;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) u8 three;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) /* 61 byte padding hole here. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) u8 four __aligned(64);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) } __aligned(64);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) struct test_trailing_hole {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) char *one;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) char *two;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) char *three;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) char four;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) /* "sizeof(unsigned long) - 1" byte padding hole here. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) /* Test if STRUCTLEAK is clearing structs with __user fields. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) struct test_user {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) u8 one;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) unsigned long two;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) char __user *three;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) unsigned long four;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) #define DEFINE_SCALAR_TEST(name, init) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) DEFINE_TEST(name ## _ ## init, name, SCALAR, init)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) #define DEFINE_SCALAR_TESTS(init) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) DEFINE_SCALAR_TEST(u8, init); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) DEFINE_SCALAR_TEST(u16, init); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) DEFINE_SCALAR_TEST(u32, init); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) DEFINE_SCALAR_TEST(u64, init); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245) DEFINE_TEST(char_array_ ## init, unsigned char, STRING, init)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) #define DEFINE_STRUCT_TEST(name, init) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248) DEFINE_TEST(name ## _ ## init, \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) struct test_ ## name, STRUCT, init)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) #define DEFINE_STRUCT_TESTS(init) \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) DEFINE_STRUCT_TEST(small_hole, init); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) DEFINE_STRUCT_TEST(big_hole, init); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) DEFINE_STRUCT_TEST(trailing_hole, init); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255) DEFINE_STRUCT_TEST(packed, init)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) /* These should be fully initialized all the time! */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258) DEFINE_SCALAR_TESTS(zero);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) DEFINE_STRUCT_TESTS(zero);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) /* Static initialization: padding may be left uninitialized. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) DEFINE_STRUCT_TESTS(static_partial);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262) DEFINE_STRUCT_TESTS(static_all);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263) /* Dynamic initialization: padding may be left uninitialized. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) DEFINE_STRUCT_TESTS(dynamic_partial);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265) DEFINE_STRUCT_TESTS(dynamic_all);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) /* Runtime initialization: padding may be left uninitialized. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267) DEFINE_STRUCT_TESTS(runtime_partial);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) DEFINE_STRUCT_TESTS(runtime_all);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269) /* No initialization without compiler instrumentation. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) DEFINE_SCALAR_TESTS(none);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271) DEFINE_STRUCT_TESTS(none);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272) DEFINE_TEST(user, struct test_user, STRUCT, none);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275) * Check two uses through a variable declaration outside either path,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276) * which was noticed as a special case in porting earlier stack init
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277) * compiler logic.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279) static int noinline __leaf_switch_none(int path, bool fill)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281) switch (path) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282) uint64_t var;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284) case 1:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) target_start = &var;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286) target_size = sizeof(var);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287) if (fill) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288) fill_start = &var;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289) fill_size = sizeof(var);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291) memset(fill_start, forced_mask | 0x55, fill_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293) memcpy(check_buf, target_start, target_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 294) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 295) case 2:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 296) target_start = &var;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 297) target_size = sizeof(var);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 298) if (fill) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 299) fill_start = &var;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 300) fill_size = sizeof(var);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 301)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 302) memset(fill_start, forced_mask | 0xaa, fill_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 303) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 304) memcpy(check_buf, target_start, target_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305) break;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 306) default:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 307) var = 5;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 308) return var & forced_mask;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 309) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 310) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 311) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 312)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 313) static noinline __init int leaf_switch_1_none(unsigned long sp, bool fill,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 314) uint64_t *arg)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 315) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 316) return __leaf_switch_none(1, fill);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 317) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 318)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 319) static noinline __init int leaf_switch_2_none(unsigned long sp, bool fill,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 320) uint64_t *arg)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 321) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 322) return __leaf_switch_none(2, fill);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 323) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 324)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 325) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 326) * These are expected to fail for most configurations because neither
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 327) * GCC nor Clang have a way to perform initialization of variables in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 328) * non-code areas (i.e. in a switch statement before the first "case").
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 329) * https://bugs.llvm.org/show_bug.cgi?id=44916
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 330) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 331) DEFINE_TEST_DRIVER(switch_1_none, uint64_t, SCALAR, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 332) DEFINE_TEST_DRIVER(switch_2_none, uint64_t, SCALAR, 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 333)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 334) static int __init test_stackinit_init(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 335) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 336) unsigned int failures = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 337)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 338) #define test_scalars(init) do { \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 339) failures += test_u8_ ## init (); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 340) failures += test_u16_ ## init (); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 341) failures += test_u32_ ## init (); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 342) failures += test_u64_ ## init (); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 343) failures += test_char_array_ ## init (); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 344) } while (0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 345)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 346) #define test_structs(init) do { \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 347) failures += test_small_hole_ ## init (); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 348) failures += test_big_hole_ ## init (); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 349) failures += test_trailing_hole_ ## init (); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 350) failures += test_packed_ ## init (); \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 351) } while (0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 352)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 353) /* These are explicitly initialized and should always pass. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 354) test_scalars(zero);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 355) test_structs(zero);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 356) /* Padding here appears to be accidentally always initialized? */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 357) test_structs(dynamic_partial);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 358) /* Padding initialization depends on compiler behaviors. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 359) test_structs(static_partial);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 360) test_structs(static_all);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 361) test_structs(dynamic_all);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 362) test_structs(runtime_partial);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 363) test_structs(runtime_all);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 364)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 365) /* STRUCTLEAK_BYREF_ALL should cover everything from here down. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 366) test_scalars(none);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 367) failures += test_switch_1_none();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 368) failures += test_switch_2_none();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 369)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 370) /* STRUCTLEAK_BYREF should cover from here down. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 371) test_structs(none);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 372)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 373) /* STRUCTLEAK will only cover this. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 374) failures += test_user();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 375)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 376) if (failures == 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 377) pr_info("all tests passed!\n");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 378) else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 379) pr_err("failures: %u\n", failures);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 380)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 381) return failures ? -EINVAL : 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 382) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 383) module_init(test_stackinit_init);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 384)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 385) static void __exit test_stackinit_exit(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 386) { }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 387) module_exit(test_stackinit_exit);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 388)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 389) MODULE_LICENSE("GPL");
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags