Commit 091f79e8 authored by Kees Cook's avatar Kees Cook
Browse files

kunit/fortify: Do not spam logs with fortify WARNs 

When running KUnit fortify tests, we're already doing precise tracking
of which warnings are getting hit. Don't fill the logs with WARNs unless
we've been explicitly built with DEBUG enabled.

Link: https://lore.kernel.org/r/20240429194342.2421639-2-keescook@chromium.org


Signed-off-by: default avatarKees Cook <keescook@chromium.org>
parent a0d6677e

lib/fortify_kunit.c

+8 −1
Original line number Diff line number Diff line
@@ -15,10 +15,17 @@ 
 */

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt



/* We don't need to fill dmesg with the fortify WARNs during testing. */

#ifdef DEBUG

# define FORTIFY_REPORT_KUNIT(x...) __fortify_report(x)

#else

# define FORTIFY_REPORT_KUNIT(x...) do { } while (0)

#endif



/* Redefine fortify_panic() to track failures. */

void fortify_add_kunit_error(int write);

#define fortify_panic(func, write, avail, size, retfail) do {		\

	__fortify_report(FORTIFY_REASON(func, write), avail, size);	\

	FORTIFY_REPORT_KUNIT(FORTIFY_REASON(func, write), avail, size);	\

	fortify_add_kunit_error(write);					\

	return (retfail);						\

} while (0)