mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-12 21:57:43 +00:00
Code Issues Releases Wiki Activity
linux-stable/lib/kunit
History
Jinjie Ruan 2b56a4b79b kunit: Fix possible null-ptr-deref in kunit_parse_glob_filter() 
Inject fault while probing kunit-example-test.ko, if kzalloc fails
in kunit_parse_glob_filter(), strcpy() or strncpy() to NULL will
cause below null-ptr-deref bug. So check NULL for kzalloc() and
return int instead of void for kunit_parse_glob_filter().

 Unable to handle kernel paging request at virtual address dfff800000000000
 KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
 Mem abort info:
   ESR = 0x0000000096000005
   EC = 0x25: DABT (current EL), IL = 32 bits
   SET = 0, FnV = 0
   EA = 0, S1PTW = 0
   FSC = 0x05: level 1 translation fault
 Data abort info:
   ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
   CM = 0, WnR = 0, TnD = 0, TagAccess = 0
   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
 [dfff800000000000] address between user and kernel address ranges
 Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
 Modules linked in: kunit_example_test cfg80211 rfkill 8021q garp mrp stp llc ipv6 [last unloaded: kunit_example_test]
 CPU: 4 PID: 6047 Comm: modprobe Tainted: G        W        N 6.5.0-next-20230829+ #141
 Hardware name: linux,dummy-virt (DT)
 pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
 pc : strncpy+0x58/0xc0
 lr : kunit_filter_suites+0x15c/0xa84
 sp : ffff800082a17420
 x29: ffff800082a17420 x28: 0000000000000000 x27: 0000000000000004
 x26: 0000000000000000 x25: ffffa847e40a5320 x24: 0000000000000001
 x23: 0000000000000000 x22: 0000000000000001 x21: dfff800000000000
 x20: 000000000000002a x19: 0000000000000000 x18: 00000000750b3b54
 x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000
 x14: 0000000000000000 x13: 34393178302f3039 x12: ffff7508fcea4ec1
 x11: 1ffff508fcea4ec0 x10: ffff7508fcea4ec0 x9 : dfff800000000000
 x8 : ffff6051b1a7f86a x7 : ffff800082a17270 x6 : 0000000000000002
 x5 : 0000000000000098 x4 : ffff028d9817b250 x3 : 0000000000000000
 x2 : 0000000000000000 x1 : ffffa847e40a5320 x0 : 0000000000000000
 Call trace:
  strncpy+0x58/0xc0
  kunit_filter_suites+0x15c/0xa84
  kunit_module_notify+0x1b0/0x3ac
  blocking_notifier_call_chain+0xc4/0x128
  do_init_module+0x250/0x594
  load_module+0x37b0/0x44b4
  init_module_from_file+0xd4/0x128
  idempotent_init_module+0x2c8/0x524
  __arm64_sys_finit_module+0xac/0x100
  invoke_syscall+0x6c/0x258
  el0_svc_common.constprop.0+0x160/0x22c
  do_el0_svc+0x44/0x5c
  el0_svc+0x38/0x78
  el0t_64_sync_handler+0x13c/0x158
  el0t_64_sync+0x190/0x194
 Code: 5400028a d343fe63 12000a62 39400034 (38f56863)
 ---[ end trace 0000000000000000 ]---
 Kernel panic - not syncing: Oops: Fatal exception
 SMP: stopping secondary CPUs
 Kernel Offset: 0x284761400000 from 0xffff800080000000
 PHYS_OFFSET: 0xfffffd7380000000
 CPU features: 0x88000203,3c020000,1000421b
 Memory Limit: none
 Rebooting in 1 seconds..

Fixes: a127b154a8 ("kunit: tool: allow filtering test cases via glob")
Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
Reviewed-by: Rae Moar <rmoar@google.com>
Reviewed-by: David Gow <davidgow@google.com>
Signed-off-by: Shuah Khan <skhan@linuxfoundation.org>
2023-09-05 12:30:01 -06:00
..
.kunitconfig kunit: tool: make --kunitconfig accept dirs, add lib/kunit fragment 2021-04-02 14:14:36 -06:00
assert.c kunit: fix bug in KUNIT_EXPECT_MEMEQ 2023-01-30 14:46:46 -07:00
attributes.c kunit: fix struct kunit_attr header 2023-08-21 08:07:56 -06:00
debugfs.c kunit: include debugfs header file 2023-06-09 17:44:16 -07:00
debugfs.h kunit: add debugfs /sys/kernel/debug/kunit/<suite>/results display 2020-03-26 14:07:18 -06:00
executor.c kunit: Fix possible null-ptr-deref in kunit_parse_glob_filter() 2023-09-05 12:30:01 -06:00
executor_test.c kunit: test: Make filter strings in executor_test writable 2023-09-01 09:09:25 -06:00
hooks-impl.h kunit: Add printf attribute to fail_current_test_impl 2023-02-08 18:08:14 -07:00
hooks.c kunit: Add "hooks" to call into KUnit when it's built as a module 2023-02-08 14:26:25 -07:00
Kconfig kunit: Allow kunit test modules to use test filtering 2023-08-08 13:46:18 -06:00
kunit-example-test.c kunit: Add speed attribute 2023-07-26 13:29:04 -06:00
kunit-test.c kunit: Add kunit_add_action() to defer a call until test exit 2023-05-25 08:52:55 -06:00
Makefile kunit: Add test attributes API structure 2023-07-26 13:28:57 -06:00
resource.c kunit: Add kunit_add_action() to defer a call until test exit 2023-05-25 08:52:55 -06:00
static_stub.c kunit: Expose 'static stub' API to redirect functions 2023-02-08 14:28:17 -07:00
string-stream-test.c kunit: allow kunit tests to be loaded as a module 2020-01-09 16:42:29 -07:00
string-stream.c kunit: alloc_string_stream_fragment error handling bug fix 2022-12-26 16:01:36 -07:00
string-stream.h kunit: drop test pointer in string_stream_fragment 2022-10-07 10:15:33 -06:00
test.c kunit: Fix wild-memory-access bug in kunit_free_suite_set() 2023-09-05 12:29:50 -06:00
try-catch-impl.h kunit: hide unexported try-catch interface in try-catch-impl.h 2020-01-09 16:42:09 -07:00
try-catch.c kunit: make kunit_test_timeout compatible with comment 2022-03-22 15:57:11 -07:00