[PATCH v3 0/5] fortify: Add KUnit tests for runtime overflows

From: Kees Cook
Date: Fri Feb 16 2024 - 23:53:50 EST


Hi,

This series is the rest of the v2 series that was half landed last year,
and finally introduces KUnit runtime testing of the CONFIG_FORTIFY_SOURCE
APIs. Additionally FORTIFY failure messages are improved to give more
context about read/write and sizes.

-Kees

v3
- rebase (goodbye strlcpy)
- avoid extra macros for replacing fortify_panic() (nick)
- generally clean up macro usage
- avoid build warnings when testing known overflow conditions
v2 https://lore.kernel.org/all/20230407192717.636137-10-keescook@xxxxxxxxxxxx/
v1 https://lore.kernel.org/lkml/20230405235832.never.487-kees@xxxxxxxxxx/

Kees Cook (5):
fortify: Split reporting and avoid passing string pointer
fortify: Allow KUnit test to build without FORTIFY
fortify: Provide KUnit counters for failure testing
fortify: Add KUnit tests for runtime overflows
fortify: Improve buffer overflow reporting

arch/arm/boot/compressed/misc.c | 2 +-
arch/x86/boot/compressed/misc.c | 2 +-
include/linux/fortify-string.h | 100 +++--
lib/Kconfig.debug | 2 +-
lib/Makefile | 1 +
lib/fortify_kunit.c | 662 +++++++++++++++++++++++++++++++-
lib/string_helpers.c | 26 +-
tools/objtool/noreturns.h | 2 +-
8 files changed, 761 insertions(+), 36 deletions(-)

--
2.34.1