From: Andrey Konovalov <andreyknvl@gmail.com>
[ Upstream commit 25b12a58e848459ae2dbf2e7d318ef168bd1c5e2 ]
kmalloc_uaf_memset() writes to freed memory, which is only safe with the GENERIC mode (as it uses quarantine). For other modes, this test corrupts kernel memory, which might result in a crash.
Only enable kmalloc_uaf_memset() for the GENERIC mode.
Link: https://lkml.kernel.org/r/2e1c87b607b1292556cde3cab2764f108542b60c.162877980...
Signed-off-by: Andrey Konovalov <andreyknvl@gmail.com>
Reviewed-by: Marco Elver <elver@google.com>
Cc: Alexander Potapenko <glider@google.com>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 lib/test_kasan.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/lib/test_kasan.c b/lib/test_kasan.c index c149675300bd..65adde0757a3 100644 --- a/lib/test_kasan.c +++ b/lib/test_kasan.c @@ -518,6 +518,12 @@ static void kmalloc_uaf_memset(struct kunit *test) char *ptr; size_t size = 33;
+ /* + * Only generic KASAN uses quarantine, which is required to avoid a + * kernel memory corruption this test causes. + */ + KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_KASAN_GENERIC); + ptr = kmalloc(size, GFP_KERNEL); KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
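Review bot: The comment added above KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_KASAN_GENERIC) says quarantine is "required to avoid a kernel memory corruption" but does not say why. Consider adding that quarantine delays reuse of the freed object, so the test's write to freed memory does not land on a live allocation. Placing the check before kmalloc() is right, since nothing is allocated when the option is off. With this guard the other modes no longer exercise a memset on freed memory at all; it would help to say in the comment or the commit message whether that loss of coverage is accepted or picked up by another test.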