Commit be58f710 authored by Kees Cook's avatar Kees Cook

fortify: Add compile-time FORTIFY_SOURCE tests



While the run-time testing of FORTIFY_SOURCE is already present in
LKDTM, there is no testing of the expected compile-time detections. In
preparation for correctly supporting FORTIFY_SOURCE under Clang, adding
additional FORTIFY_SOURCE defenses, and making sure FORTIFY_SOURCE
doesn't silently regress with GCC, introduce a build-time test suite that
checks each expected compile-time failure condition.

As this is relatively backwards from standard build rules in the
sense that a successful test is actually a compile _failure_, create
a wrapper script to check for the correct errors, and wire it up as
a dummy dependency to lib/string.o, collecting the results into a log
file artifact.

Signed-off-by: default avatarKees Cook <keescook@chromium.org>
parent 3009f891
+9 −0
@@ -7323,6 +7323,15 @@ L: netdev@vger.kernel.org
S:	Maintained
F:	drivers/net/ethernet/nvidia/*
FORTIFY_SOURCE
M:	Kees Cook <keescook@chromium.org>
L:	linux-hardening@vger.kernel.org
S:	Supported
F:	include/linux/fortify-string.h
F:	lib/test_fortify/*
F:	scripts/test_fortify.sh
K:	\b__NO_FORTIFY\b
FPGA DFL DRIVERS
M:	Wu Hao <hao.wu@intel.com>
R:	Tom Rix <trix@redhat.com>
+2 −0
@@ -4,3 +4,5 @@
/gen_crc32table
/gen_crc64table
/oid_registry_data.c
/test_fortify.log
/test_fortify/*.log
+33 −0
@@ -360,3 +360,36 @@ obj-$(CONFIG_CMDLINE_KUNIT_TEST) += cmdline_kunit.o
obj-$(CONFIG_SLUB_KUNIT_TEST) += slub_kunit.o

obj-$(CONFIG_GENERIC_LIB_DEVMEM_IS_ALLOWED) += devmem_is_allowed.o

# FORTIFY_SOURCE compile-time behavior tests
TEST_FORTIFY_SRCS = $(wildcard $(srctree)/$(src)/test_fortify/*-*.c)
TEST_FORTIFY_LOGS = $(patsubst $(srctree)/$(src)/%.c, %.log, $(TEST_FORTIFY_SRCS))
TEST_FORTIFY_LOG = test_fortify.log

quiet_cmd_test_fortify = TEST    $@
      cmd_test_fortify = $(CONFIG_SHELL) $(srctree)/scripts/test_fortify.sh \
			$< $@ "$(NM)" $(CC) $(c_flags) \
			$(call cc-disable-warning,fortify-source)

targets += $(TEST_FORTIFY_LOGS)
clean-files += $(TEST_FORTIFY_LOGS)
clean-files += $(addsuffix .o, $(TEST_FORTIFY_LOGS))
$(obj)/test_fortify/%.log: $(src)/test_fortify/%.c \
			   $(src)/test_fortify/test_fortify.h \
			   $(srctree)/include/linux/fortify-string.h \
			   $(srctree)/scripts/test_fortify.sh \
			   FORCE
	$(call if_changed,test_fortify)

quiet_cmd_gen_fortify_log = GEN     $@
      cmd_gen_fortify_log = cat </dev/null $(filter-out FORCE,$^) 2>/dev/null > $@ || true

targets += $(TEST_FORTIFY_LOG)
clean-files += $(TEST_FORTIFY_LOG)
$(obj)/$(TEST_FORTIFY_LOG): $(addprefix $(obj)/, $(TEST_FORTIFY_LOGS)) FORCE
	$(call if_changed,gen_fortify_log)

# Fake dependency to trigger the fortify tests.
ifeq ($(CONFIG_FORTIFY_SOURCE),y)
$(obj)/string.o: $(obj)/$(TEST_FORTIFY_LOG)
endif
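Review bot: The aggregation recipe `cmd_gen_fortify_log` discards stderr and ends in `|| true`, so a per-test log that is missing or unreadable (or a failed write of the target) yields a short or empty test_fortify.log without failing the build, which is the kind of silent regression this suite is meant to catch. The leading `cat </dev/null` already covers an empty prerequisite list, so the masking is not needed for that case; I would write `cmd_gen_fortify_log = cat </dev/null $(filter-out FORCE,$^) > $@`. Relatedly, if the `$(wildcard ...)` for TEST_FORTIFY_SRCS matches nothing, zero tests run and the build still succeeds; a `$(if $(TEST_FORTIFY_SRCS),,$(warning no FORTIFY_SOURCE compile-time tests found))` line inside the `ifeq ($(CONFIG_FORTIFY_SOURCE),y)` block would make that visible. Whether an unexpected test result actually fails the build depends on the exit status of scripts/test_fortify.sh, which is not shown here.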
+5 −0
// SPDX-License-Identifier: GPL-2.0-only
#define TEST	\
	memchr(small, 0x7A, sizeof(small) + 1)

#include "test_fortify.h"
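Review bot: Neither this file nor the memchr_inv variant in the next section states which compile-time diagnostic the TEST expression is expected to trigger, and `small` is defined out of view (presumably in test_fortify.h). A one-line comment above the define would make each case self-explanatory, e.g. `/* Reading sizeof(small) + 1 bytes overreads 'small' by one byte; this must fail to compile. */`. If the expected error is derived from the file name or from test_fortify.h, neither of which is visible here, the comment should say so.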
+5 −0
// SPDX-License-Identifier: GPL-2.0-only
#define TEST	\
	memchr_inv(small, 0x7A, sizeof(small) + 1)

#include "test_fortify.h"