* [PATCH v2 0/7] Handle faults in KUnit tests
@ 2024-03-01 19:40 Mickaël Salaün
2024-03-01 19:40 ` [PATCH v2 1/7] kunit: Handle thread creation error Mickaël Salaün
` (6 more replies)
0 siblings, 7 replies; 22+ messages in thread
From: Mickaël Salaün @ 2024-03-01 19:40 UTC (permalink / raw
To: Brendan Higgins, David Gow, Kees Cook, Rae Moar, Shuah Khan
Cc: Mickaël Salaün, Alan Maguire, Borislav Petkov,
Dave Hansen, H . Peter Anvin, Ingo Molnar, James Morris,
Luis Chamberlain, Madhavan T . Venkataraman, Marco Pagani,
Paolo Bonzini, Sean Christopherson, Stephen Boyd, Thara Gopinath,
Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li, Zahra Tarkhani,
kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
Hi,
This patch series teaches KUnit to handle kthread faults as errors, and
it brings a few related fixes and improvements.
I removed the previous patch that moved the KUnit test execution at the
very end of kernel initialization. We'll address that with a separate
series.
A new test case check NULL pointer dereference, which wasn't possible
before.
This is useful to test current kernel self-protection mechanisms or
future ones such as Heki: https://github.com/heki-linux
Previous version:
v1: https://lore.kernel.org/r/20240229170409.365386-1-mic@digikod.net
Regards,
Mickaël Salaün (7):
kunit: Handle thread creation error
kunit: Fix kthread reference
kunit: Fix timeout message
kunit: Handle test faults
kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests
kunit: Print last test location on fault
kunit: Add tests for fault
include/kunit/test.h | 24 ++++++++++++++++++---
include/kunit/try-catch.h | 3 ---
lib/kunit/kunit-test.c | 45 ++++++++++++++++++++++++++++++++++++++-
lib/kunit/try-catch.c | 33 +++++++++++++++++-----------
lib/kunit_iov_iter.c | 18 ++++++++--------
5 files changed, 95 insertions(+), 28 deletions(-)
base-commit: d206a76d7d2726f3b096037f2079ce0bd3ba329b
--
2.44.0
^ permalink raw reply [flat|nested] 22+ messages in thread
* [PATCH v2 1/7] kunit: Handle thread creation error
2024-03-01 19:40 [PATCH v2 0/7] Handle faults in KUnit tests Mickaël Salaün
@ 2024-03-01 19:40 ` Mickaël Salaün
2024-03-05 20:57 ` Rae Moar
2024-03-12 4:53 ` David Gow
2024-03-01 19:40 ` [PATCH v2 2/7] kunit: Fix kthread reference Mickaël Salaün
` (5 subsequent siblings)
6 siblings, 2 replies; 22+ messages in thread
From: Mickaël Salaün @ 2024-03-01 19:40 UTC (permalink / raw
To: Brendan Higgins, David Gow, Kees Cook, Rae Moar, Shuah Khan
Cc: Mickaël Salaün, Alan Maguire, Borislav Petkov,
Dave Hansen, H . Peter Anvin, Ingo Molnar, James Morris,
Luis Chamberlain, Madhavan T . Venkataraman, Marco Pagani,
Paolo Bonzini, Sean Christopherson, Stephen Boyd, Thara Gopinath,
Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li, Zahra Tarkhani,
kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
Previously, if a thread creation failed (e.g. -ENOMEM), the function was
called (kunit_catch_run_case or kunit_catch_run_case_cleanup) without
marking the test as failed. Instead, fill try_result with the error
code returned by kthread_run(), which will mark the test as failed and
print "internal error occurred...".
Cc: Brendan Higgins <brendanhiggins@google.com>
Cc: David Gow <davidgow@google.com>
Cc: Rae Moar <rmoar@google.com>
Cc: Shuah Khan <skhan@linuxfoundation.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Link: https://lore.kernel.org/r/20240301194037.532117-2-mic@digikod.net
---
Changes since v1:
* Added Kees's Reviewed-by.
---
lib/kunit/try-catch.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
index f7825991d576..a5cb2ef70a25 100644
--- a/lib/kunit/try-catch.c
+++ b/lib/kunit/try-catch.c
@@ -69,6 +69,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
try_catch,
"kunit_try_catch_thread");
if (IS_ERR(task_struct)) {
+ try_catch->try_result = PTR_ERR(task_struct);
try_catch->catch(try_catch->context);
return;
}
--
2.44.0
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [PATCH v2 2/7] kunit: Fix kthread reference
2024-03-01 19:40 [PATCH v2 0/7] Handle faults in KUnit tests Mickaël Salaün
2024-03-01 19:40 ` [PATCH v2 1/7] kunit: Handle thread creation error Mickaël Salaün
@ 2024-03-01 19:40 ` Mickaël Salaün
2024-03-05 20:57 ` Rae Moar
2024-03-12 4:53 ` David Gow
2024-03-01 19:40 ` [PATCH v2 3/7] kunit: Fix timeout message Mickaël Salaün
` (4 subsequent siblings)
6 siblings, 2 replies; 22+ messages in thread
From: Mickaël Salaün @ 2024-03-01 19:40 UTC (permalink / raw
To: Brendan Higgins, David Gow, Kees Cook, Rae Moar, Shuah Khan
Cc: Mickaël Salaün, Alan Maguire, Borislav Petkov,
Dave Hansen, H . Peter Anvin, Ingo Molnar, James Morris,
Luis Chamberlain, Madhavan T . Venkataraman, Marco Pagani,
Paolo Bonzini, Sean Christopherson, Stephen Boyd, Thara Gopinath,
Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li, Zahra Tarkhani,
kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
There is a race condition when a kthread finishes after the deadline and
before the call to kthread_stop(), which may lead to use after free.
Cc: Brendan Higgins <brendanhiggins@google.com>
Cc: David Gow <davidgow@google.com>
Cc: Rae Moar <rmoar@google.com>
Cc: Shuah Khan <skhan@linuxfoundation.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Link: https://lore.kernel.org/r/20240301194037.532117-3-mic@digikod.net
---
Changes since v1:
* Added Kees's Reviewed-by.
---
lib/kunit/try-catch.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
index a5cb2ef70a25..73f5007f20ea 100644
--- a/lib/kunit/try-catch.c
+++ b/lib/kunit/try-catch.c
@@ -11,6 +11,7 @@
#include <linux/completion.h>
#include <linux/kernel.h>
#include <linux/kthread.h>
+#include <linux/sched/task.h>
#include "try-catch-impl.h"
@@ -65,14 +66,15 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
try_catch->context = context;
try_catch->try_completion = &try_completion;
try_catch->try_result = 0;
- task_struct = kthread_run(kunit_generic_run_threadfn_adapter,
- try_catch,
- "kunit_try_catch_thread");
+ task_struct = kthread_create(kunit_generic_run_threadfn_adapter,
+ try_catch, "kunit_try_catch_thread");
if (IS_ERR(task_struct)) {
try_catch->try_result = PTR_ERR(task_struct);
try_catch->catch(try_catch->context);
return;
}
+ get_task_struct(task_struct);
+ wake_up_process(task_struct);
time_remaining = wait_for_completion_timeout(&try_completion,
kunit_test_timeout());
@@ -82,6 +84,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
kthread_stop(task_struct);
}
+ put_task_struct(task_struct);
exit_code = try_catch->try_result;
if (!exit_code)
--
2.44.0
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [PATCH v2 3/7] kunit: Fix timeout message
2024-03-01 19:40 [PATCH v2 0/7] Handle faults in KUnit tests Mickaël Salaün
2024-03-01 19:40 ` [PATCH v2 1/7] kunit: Handle thread creation error Mickaël Salaün
2024-03-01 19:40 ` [PATCH v2 2/7] kunit: Fix kthread reference Mickaël Salaün
@ 2024-03-01 19:40 ` Mickaël Salaün
2024-03-05 20:58 ` Rae Moar
2024-03-12 4:53 ` David Gow
2024-03-01 19:40 ` [PATCH v2 4/7] kunit: Handle test faults Mickaël Salaün
` (3 subsequent siblings)
6 siblings, 2 replies; 22+ messages in thread
From: Mickaël Salaün @ 2024-03-01 19:40 UTC (permalink / raw
To: Brendan Higgins, David Gow, Kees Cook, Rae Moar, Shuah Khan
Cc: Mickaël Salaün, Alan Maguire, Borislav Petkov,
Dave Hansen, H . Peter Anvin, Ingo Molnar, James Morris,
Luis Chamberlain, Madhavan T . Venkataraman, Marco Pagani,
Paolo Bonzini, Sean Christopherson, Stephen Boyd, Thara Gopinath,
Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li, Zahra Tarkhani,
kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
The exit code is always checked, so let's properly handle the -ETIMEDOUT
error code.
Cc: Brendan Higgins <brendanhiggins@google.com>
Cc: David Gow <davidgow@google.com>
Cc: Rae Moar <rmoar@google.com>
Cc: Shuah Khan <skhan@linuxfoundation.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Link: https://lore.kernel.org/r/20240301194037.532117-4-mic@digikod.net
---
Changes since v1:
* Added Kees's Reviewed-by.
---
lib/kunit/try-catch.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
index 73f5007f20ea..cab8b24b5d5a 100644
--- a/lib/kunit/try-catch.c
+++ b/lib/kunit/try-catch.c
@@ -79,7 +79,6 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
time_remaining = wait_for_completion_timeout(&try_completion,
kunit_test_timeout());
if (time_remaining == 0) {
- kunit_err(test, "try timed out\n");
try_catch->try_result = -ETIMEDOUT;
kthread_stop(task_struct);
}
@@ -94,6 +93,8 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
try_catch->try_result = 0;
else if (exit_code == -EINTR)
kunit_err(test, "wake_up_process() was never called\n");
+ else if (exit_code == -ETIMEDOUT)
+ kunit_err(test, "try timed out\n");
else if (exit_code)
kunit_err(test, "Unknown error: %d\n", exit_code);
--
2.44.0
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [PATCH v2 4/7] kunit: Handle test faults
2024-03-01 19:40 [PATCH v2 0/7] Handle faults in KUnit tests Mickaël Salaün
` (2 preceding siblings ...)
2024-03-01 19:40 ` [PATCH v2 3/7] kunit: Fix timeout message Mickaël Salaün
@ 2024-03-01 19:40 ` Mickaël Salaün
2024-03-11 21:21 ` Rae Moar
2024-03-12 5:05 ` David Gow
2024-03-01 19:40 ` [PATCH v2 5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Mickaël Salaün
` (2 subsequent siblings)
6 siblings, 2 replies; 22+ messages in thread
From: Mickaël Salaün @ 2024-03-01 19:40 UTC (permalink / raw
To: Brendan Higgins, David Gow, Kees Cook, Rae Moar, Shuah Khan
Cc: Mickaël Salaün, Alan Maguire, Borislav Petkov,
Dave Hansen, H . Peter Anvin, Ingo Molnar, James Morris,
Luis Chamberlain, Madhavan T . Venkataraman, Marco Pagani,
Paolo Bonzini, Sean Christopherson, Stephen Boyd, Thara Gopinath,
Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li, Zahra Tarkhani,
kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
Previously, when a kernel test thread crashed (e.g. NULL pointer
dereference, general protection fault), the KUnit test hanged for 30
seconds and exited with a timeout error.
Fix this issue by waiting on task_struct->vfork_done instead of the
custom kunit_try_catch.try_completion, and track the execution state by
initially setting try_result with -EFAULT and only setting it to 0 if
the test passed.
Fix kunit_generic_run_threadfn_adapter() signature by returning 0
instead of calling kthread_complete_and_exit(). Because thread's exit
code is never checked, always set it to 0 to make it clear.
Fix the -EINTR error message, which couldn't be reached until now.
This is tested with a following patch.
Cc: Brendan Higgins <brendanhiggins@google.com>
Cc: David Gow <davidgow@google.com>
Cc: Rae Moar <rmoar@google.com>
Cc: Shuah Khan <skhan@linuxfoundation.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Link: https://lore.kernel.org/r/20240301194037.532117-5-mic@digikod.net
---
Changes since v1:
* Added Kees's Reviewed-by.
---
include/kunit/try-catch.h | 3 ---
lib/kunit/try-catch.c | 14 +++++++-------
2 files changed, 7 insertions(+), 10 deletions(-)
diff --git a/include/kunit/try-catch.h b/include/kunit/try-catch.h
index c507dd43119d..7c966a1adbd3 100644
--- a/include/kunit/try-catch.h
+++ b/include/kunit/try-catch.h
@@ -14,13 +14,11 @@
typedef void (*kunit_try_catch_func_t)(void *);
-struct completion;
struct kunit;
/**
* struct kunit_try_catch - provides a generic way to run code which might fail.
* @test: The test case that is currently being executed.
- * @try_completion: Completion that the control thread waits on while test runs.
* @try_result: Contains any errno obtained while running test case.
* @try: The function, the test case, to attempt to run.
* @catch: The function called if @try bails out.
@@ -46,7 +44,6 @@ struct kunit;
struct kunit_try_catch {
/* private: internal use only. */
struct kunit *test;
- struct completion *try_completion;
int try_result;
kunit_try_catch_func_t try;
kunit_try_catch_func_t catch;
diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
index cab8b24b5d5a..c6ee4db0b3bd 100644
--- a/lib/kunit/try-catch.c
+++ b/lib/kunit/try-catch.c
@@ -18,7 +18,7 @@
void __noreturn kunit_try_catch_throw(struct kunit_try_catch *try_catch)
{
try_catch->try_result = -EFAULT;
- kthread_complete_and_exit(try_catch->try_completion, -EFAULT);
+ kthread_exit(0);
}
EXPORT_SYMBOL_GPL(kunit_try_catch_throw);
@@ -26,9 +26,12 @@ static int kunit_generic_run_threadfn_adapter(void *data)
{
struct kunit_try_catch *try_catch = data;
+ try_catch->try_result = -EINTR;
try_catch->try(try_catch->context);
+ if (try_catch->try_result == -EINTR)
+ try_catch->try_result = 0;
- kthread_complete_and_exit(try_catch->try_completion, 0);
+ return 0;
}
static unsigned long kunit_test_timeout(void)
@@ -58,13 +61,11 @@ static unsigned long kunit_test_timeout(void)
void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
{
- DECLARE_COMPLETION_ONSTACK(try_completion);
struct kunit *test = try_catch->test;
struct task_struct *task_struct;
int exit_code, time_remaining;
try_catch->context = context;
- try_catch->try_completion = &try_completion;
try_catch->try_result = 0;
task_struct = kthread_create(kunit_generic_run_threadfn_adapter,
try_catch, "kunit_try_catch_thread");
@@ -75,8 +76,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
}
get_task_struct(task_struct);
wake_up_process(task_struct);
-
- time_remaining = wait_for_completion_timeout(&try_completion,
+ time_remaining = wait_for_completion_timeout(task_struct->vfork_done,
kunit_test_timeout());
if (time_remaining == 0) {
try_catch->try_result = -ETIMEDOUT;
@@ -92,7 +92,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
if (exit_code == -EFAULT)
try_catch->try_result = 0;
else if (exit_code == -EINTR)
- kunit_err(test, "wake_up_process() was never called\n");
+ kunit_err(test, "try faulted\n");
else if (exit_code == -ETIMEDOUT)
kunit_err(test, "try timed out\n");
else if (exit_code)
--
2.44.0
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [PATCH v2 5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests
2024-03-01 19:40 [PATCH v2 0/7] Handle faults in KUnit tests Mickaël Salaün
` (3 preceding siblings ...)
2024-03-01 19:40 ` [PATCH v2 4/7] kunit: Handle test faults Mickaël Salaün
@ 2024-03-01 19:40 ` Mickaël Salaün
2024-03-12 4:54 ` David Gow
2024-03-01 19:40 ` [PATCH v2 6/7] kunit: Print last test location on fault Mickaël Salaün
2024-03-01 19:40 ` [PATCH v2 7/7] kunit: Add tests for fault Mickaël Salaün
6 siblings, 1 reply; 22+ messages in thread
From: Mickaël Salaün @ 2024-03-01 19:40 UTC (permalink / raw
To: Brendan Higgins, David Gow, Kees Cook, Rae Moar, Shuah Khan
Cc: Mickaël Salaün, Alan Maguire, Borislav Petkov,
Dave Hansen, H . Peter Anvin, Ingo Molnar, James Morris,
Luis Chamberlain, Madhavan T . Venkataraman, Marco Pagani,
Paolo Bonzini, Sean Christopherson, Stephen Boyd, Thara Gopinath,
Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li, Zahra Tarkhani,
kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
Fix KUNIT_SUCCESS() calls to pass a test argument.
This is a no-op for now because this macro does nothing, but it will be
required for the next commit.
Cc: Brendan Higgins <brendanhiggins@google.com>
Cc: David Gow <davidgow@google.com>
Cc: Rae Moar <rmoar@google.com>
Cc: Shuah Khan <skhan@linuxfoundation.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Link: https://lore.kernel.org/r/20240301194037.532117-6-mic@digikod.net
---
Changes since v1:
* Added Kees's Reviewed-by.
---
lib/kunit_iov_iter.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/lib/kunit_iov_iter.c b/lib/kunit_iov_iter.c
index 859b67c4d697..27e0c8ee71d8 100644
--- a/lib/kunit_iov_iter.c
+++ b/lib/kunit_iov_iter.c
@@ -139,7 +139,7 @@ static void __init iov_kunit_copy_to_kvec(struct kunit *test)
return;
}
- KUNIT_SUCCEED();
+ KUNIT_SUCCEED(test);
}
/*
@@ -194,7 +194,7 @@ static void __init iov_kunit_copy_from_kvec(struct kunit *test)
return;
}
- KUNIT_SUCCEED();
+ KUNIT_SUCCEED(test);
}
struct bvec_test_range {
@@ -302,7 +302,7 @@ static void __init iov_kunit_copy_to_bvec(struct kunit *test)
return;
}
- KUNIT_SUCCEED();
+ KUNIT_SUCCEED(test);
}
/*
@@ -359,7 +359,7 @@ static void __init iov_kunit_copy_from_bvec(struct kunit *test)
return;
}
- KUNIT_SUCCEED();
+ KUNIT_SUCCEED(test);
}
static void iov_kunit_destroy_xarray(void *data)
@@ -453,7 +453,7 @@ static void __init iov_kunit_copy_to_xarray(struct kunit *test)
return;
}
- KUNIT_SUCCEED();
+ KUNIT_SUCCEED(test);
}
/*
@@ -516,7 +516,7 @@ static void __init iov_kunit_copy_from_xarray(struct kunit *test)
return;
}
- KUNIT_SUCCEED();
+ KUNIT_SUCCEED(test);
}
/*
@@ -596,7 +596,7 @@ static void __init iov_kunit_extract_pages_kvec(struct kunit *test)
stop:
KUNIT_EXPECT_EQ(test, size, 0);
KUNIT_EXPECT_EQ(test, iter.count, 0);
- KUNIT_SUCCEED();
+ KUNIT_SUCCEED(test);
}
/*
@@ -674,7 +674,7 @@ static void __init iov_kunit_extract_pages_bvec(struct kunit *test)
stop:
KUNIT_EXPECT_EQ(test, size, 0);
KUNIT_EXPECT_EQ(test, iter.count, 0);
- KUNIT_SUCCEED();
+ KUNIT_SUCCEED(test);
}
/*
@@ -753,7 +753,7 @@ static void __init iov_kunit_extract_pages_xarray(struct kunit *test)
}
stop:
- KUNIT_SUCCEED();
+ KUNIT_SUCCEED(test);
}
static struct kunit_case __refdata iov_kunit_cases[] = {
--
2.44.0
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [PATCH v2 6/7] kunit: Print last test location on fault
2024-03-01 19:40 [PATCH v2 0/7] Handle faults in KUnit tests Mickaël Salaün
` (4 preceding siblings ...)
2024-03-01 19:40 ` [PATCH v2 5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Mickaël Salaün
@ 2024-03-01 19:40 ` Mickaël Salaün
2024-03-12 4:54 ` David Gow
2024-03-01 19:40 ` [PATCH v2 7/7] kunit: Add tests for fault Mickaël Salaün
6 siblings, 1 reply; 22+ messages in thread
From: Mickaël Salaün @ 2024-03-01 19:40 UTC (permalink / raw
To: Brendan Higgins, David Gow, Kees Cook, Rae Moar, Shuah Khan
Cc: Mickaël Salaün, Alan Maguire, Borislav Petkov,
Dave Hansen, H . Peter Anvin, Ingo Molnar, James Morris,
Luis Chamberlain, Madhavan T . Venkataraman, Marco Pagani,
Paolo Bonzini, Sean Christopherson, Stephen Boyd, Thara Gopinath,
Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li, Zahra Tarkhani,
kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
This helps identify the location of test faults.
Cc: Brendan Higgins <brendanhiggins@google.com>
Cc: David Gow <davidgow@google.com>
Cc: Rae Moar <rmoar@google.com>
Cc: Shuah Khan <skhan@linuxfoundation.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Link: https://lore.kernel.org/r/20240301194037.532117-7-mic@digikod.net
---
Changes since v1:
* Added Kees's Reviewed-by.
---
include/kunit/test.h | 24 +++++++++++++++++++++---
lib/kunit/try-catch.c | 10 +++++++---
2 files changed, 28 insertions(+), 6 deletions(-)
diff --git a/include/kunit/test.h b/include/kunit/test.h
index fcb4a4940ace..f3aa66eb0087 100644
--- a/include/kunit/test.h
+++ b/include/kunit/test.h
@@ -301,6 +301,8 @@ struct kunit {
struct list_head resources; /* Protected by lock. */
char status_comment[KUNIT_STATUS_COMMENT_SIZE];
+ /* Saves the last seen test. Useful to help with faults. */
+ struct kunit_loc last_seen;
};
static inline void kunit_set_failure(struct kunit *test)
@@ -567,6 +569,15 @@ void __printf(2, 3) kunit_log_append(struct string_stream *log, const char *fmt,
#define kunit_err(test, fmt, ...) \
kunit_printk(KERN_ERR, test, fmt, ##__VA_ARGS__)
+/*
+ * Must be called at the beginning of each KUNIT_*_ASSERTION().
+ * Cf. KUNIT_CURRENT_LOC.
+ */
+#define _KUNIT_SAVE_LOC(test) do { \
+ WRITE_ONCE(test->last_seen.file, __FILE__); \
+ WRITE_ONCE(test->last_seen.line, __LINE__); \
+} while (0)
+
/**
* KUNIT_SUCCEED() - A no-op expectation. Only exists for code clarity.
* @test: The test context object.
@@ -575,7 +586,7 @@ void __printf(2, 3) kunit_log_append(struct string_stream *log, const char *fmt,
* words, it does nothing and only exists for code clarity. See
* KUNIT_EXPECT_TRUE() for more information.
*/
-#define KUNIT_SUCCEED(test) do {} while (0)
+#define KUNIT_SUCCEED(test) _KUNIT_SAVE_LOC(test)
void __noreturn __kunit_abort(struct kunit *test);
@@ -601,14 +612,16 @@ void __kunit_do_failed_assertion(struct kunit *test,
} while (0)
-#define KUNIT_FAIL_ASSERTION(test, assert_type, fmt, ...) \
+#define KUNIT_FAIL_ASSERTION(test, assert_type, fmt, ...) do { \
+ _KUNIT_SAVE_LOC(test); \
_KUNIT_FAILED(test, \
assert_type, \
kunit_fail_assert, \
kunit_fail_assert_format, \
{}, \
fmt, \
- ##__VA_ARGS__)
+ ##__VA_ARGS__); \
+} while (0)
/**
* KUNIT_FAIL() - Always causes a test to fail when evaluated.
@@ -637,6 +650,7 @@ void __kunit_do_failed_assertion(struct kunit *test,
fmt, \
...) \
do { \
+ _KUNIT_SAVE_LOC(test); \
if (likely(!!(condition_) == !!expected_true_)) \
break; \
\
@@ -698,6 +712,7 @@ do { \
.right_text = #right, \
}; \
\
+ _KUNIT_SAVE_LOC(test); \
if (likely(__left op __right)) \
break; \
\
@@ -758,6 +773,7 @@ do { \
.right_text = #right, \
}; \
\
+ _KUNIT_SAVE_LOC(test); \
if (likely((__left) && (__right) && (strcmp(__left, __right) op 0))) \
break; \
\
@@ -791,6 +807,7 @@ do { \
.right_text = #right, \
}; \
\
+ _KUNIT_SAVE_LOC(test); \
if (likely(__left && __right)) \
if (likely(memcmp(__left, __right, __size) op 0)) \
break; \
@@ -815,6 +832,7 @@ do { \
do { \
const typeof(ptr) __ptr = (ptr); \
\
+ _KUNIT_SAVE_LOC(test); \
if (!IS_ERR_OR_NULL(__ptr)) \
break; \
\
diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
index c6ee4db0b3bd..2ec21c6918f3 100644
--- a/lib/kunit/try-catch.c
+++ b/lib/kunit/try-catch.c
@@ -91,9 +91,13 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
if (exit_code == -EFAULT)
try_catch->try_result = 0;
- else if (exit_code == -EINTR)
- kunit_err(test, "try faulted\n");
- else if (exit_code == -ETIMEDOUT)
+ else if (exit_code == -EINTR) {
+ if (test->last_seen.file)
+ kunit_err(test, "try faulted after %s:%d\n",
+ test->last_seen.file, test->last_seen.line);
+ else
+ kunit_err(test, "try faulted before the first test\n");
+ } else if (exit_code == -ETIMEDOUT)
kunit_err(test, "try timed out\n");
else if (exit_code)
kunit_err(test, "Unknown error: %d\n", exit_code);
--
2.44.0
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [PATCH v2 7/7] kunit: Add tests for fault
2024-03-01 19:40 [PATCH v2 0/7] Handle faults in KUnit tests Mickaël Salaün
` (5 preceding siblings ...)
2024-03-01 19:40 ` [PATCH v2 6/7] kunit: Print last test location on fault Mickaël Salaün
@ 2024-03-01 19:40 ` Mickaël Salaün
2024-03-12 4:54 ` David Gow
6 siblings, 1 reply; 22+ messages in thread
From: Mickaël Salaün @ 2024-03-01 19:40 UTC (permalink / raw
To: Brendan Higgins, David Gow, Kees Cook, Rae Moar, Shuah Khan
Cc: Mickaël Salaün, Alan Maguire, Borislav Petkov,
Dave Hansen, H . Peter Anvin, Ingo Molnar, James Morris,
Luis Chamberlain, Madhavan T . Venkataraman, Marco Pagani,
Paolo Bonzini, Sean Christopherson, Stephen Boyd, Thara Gopinath,
Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li, Zahra Tarkhani,
kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
Add a test case to check NULL pointer dereference and make sure it would
result as a failed test.
The full kunit_fault test suite is marked as skipped when run on UML
because it would result to a kernel panic.
Tested with:
./tools/testing/kunit/kunit.py run --arch x86_64 kunit_fault
./tools/testing/kunit/kunit.py run --arch arm64 \
--cross_compile=aarch64-linux-gnu- kunit_fault
Cc: Brendan Higgins <brendanhiggins@google.com>
Cc: David Gow <davidgow@google.com>
Cc: Rae Moar <rmoar@google.com>
Cc: Shuah Khan <skhan@linuxfoundation.org>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Link: https://lore.kernel.org/r/20240301194037.532117-8-mic@digikod.net
---
Changes since v1:
* Removed the rodata and const test cases for now.
* Replace CONFIG_X86 check with !CONFIG_UML, and remove the "_x86"
references.
---
lib/kunit/kunit-test.c | 45 +++++++++++++++++++++++++++++++++++++++++-
1 file changed, 44 insertions(+), 1 deletion(-)
diff --git a/lib/kunit/kunit-test.c b/lib/kunit/kunit-test.c
index f7980ef236a3..0fdca5fffaec 100644
--- a/lib/kunit/kunit-test.c
+++ b/lib/kunit/kunit-test.c
@@ -109,6 +109,48 @@ static struct kunit_suite kunit_try_catch_test_suite = {
.test_cases = kunit_try_catch_test_cases,
};
+#ifndef CONFIG_UML
+
+static void kunit_test_null_dereference(void *data)
+{
+ struct kunit *test = data;
+ int *null = NULL;
+
+ *null = 0;
+
+ KUNIT_FAIL(test, "This line should never be reached\n");
+}
+
+static void kunit_test_fault_null_dereference(struct kunit *test)
+{
+ struct kunit_try_catch_test_context *ctx = test->priv;
+ struct kunit_try_catch *try_catch = ctx->try_catch;
+
+ kunit_try_catch_init(try_catch,
+ test,
+ kunit_test_null_dereference,
+ kunit_test_catch);
+ kunit_try_catch_run(try_catch, test);
+
+ KUNIT_EXPECT_EQ(test, try_catch->try_result, -EINTR);
+ KUNIT_EXPECT_TRUE(test, ctx->function_called);
+}
+
+#endif /* !CONFIG_UML */
+
+static struct kunit_case kunit_fault_test_cases[] = {
+#ifndef CONFIG_UML
+ KUNIT_CASE(kunit_test_fault_null_dereference),
+#endif /* !CONFIG_UML */
+ {}
+};
+
+static struct kunit_suite kunit_fault_test_suite = {
+ .name = "kunit_fault",
+ .init = kunit_try_catch_test_init,
+ .test_cases = kunit_fault_test_cases,
+};
+
/*
* Context for testing test managed resources
* is_resource_initialized is used to test arbitrary resources
@@ -826,6 +868,7 @@ static struct kunit_suite kunit_current_test_suite = {
kunit_test_suites(&kunit_try_catch_test_suite, &kunit_resource_test_suite,
&kunit_log_test_suite, &kunit_status_test_suite,
- &kunit_current_test_suite, &kunit_device_test_suite);
+ &kunit_current_test_suite, &kunit_device_test_suite,
+ &kunit_fault_test_suite);
MODULE_LICENSE("GPL v2");
--
2.44.0
^ permalink raw reply related [flat|nested] 22+ messages in thread
* Re: [PATCH v2 1/7] kunit: Handle thread creation error
2024-03-01 19:40 ` [PATCH v2 1/7] kunit: Handle thread creation error Mickaël Salaün
@ 2024-03-05 20:57 ` Rae Moar
2024-03-12 4:53 ` David Gow
1 sibling, 0 replies; 22+ messages in thread
From: Rae Moar @ 2024-03-05 20:57 UTC (permalink / raw
To: Mickaël Salaün
Cc: Brendan Higgins, David Gow, Kees Cook, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
On Fri, Mar 1, 2024 at 2:40 PM Mickaël Salaün <mic@digikod.net> wrote:
>
> Previously, if a thread creation failed (e.g. -ENOMEM), the function was
> called (kunit_catch_run_case or kunit_catch_run_case_cleanup) without
> marking the test as failed. Instead, fill try_result with the error
> code returned by kthread_run(), which will mark the test as failed and
> print "internal error occurred...".
Hello!
I have tested this and this fix looks good to me. Thanks!
-Rae
Reviewed-by: Rae Moar <rmoar@google.com>
>
> Cc: Brendan Higgins <brendanhiggins@google.com>
> Cc: David Gow <davidgow@google.com>
> Cc: Rae Moar <rmoar@google.com>
> Cc: Shuah Khan <skhan@linuxfoundation.org>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Link: https://lore.kernel.org/r/20240301194037.532117-2-mic@digikod.net
> ---
>
> Changes since v1:
> * Added Kees's Reviewed-by.
> ---
> lib/kunit/try-catch.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
> index f7825991d576..a5cb2ef70a25 100644
> --- a/lib/kunit/try-catch.c
> +++ b/lib/kunit/try-catch.c
> @@ -69,6 +69,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> try_catch,
> "kunit_try_catch_thread");
> if (IS_ERR(task_struct)) {
> + try_catch->try_result = PTR_ERR(task_struct);
> try_catch->catch(try_catch->context);
> return;
> }
> --
> 2.44.0
>
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 2/7] kunit: Fix kthread reference
2024-03-01 19:40 ` [PATCH v2 2/7] kunit: Fix kthread reference Mickaël Salaün
@ 2024-03-05 20:57 ` Rae Moar
2024-03-12 4:53 ` David Gow
1 sibling, 0 replies; 22+ messages in thread
From: Rae Moar @ 2024-03-05 20:57 UTC (permalink / raw
To: Mickaël Salaün
Cc: Brendan Higgins, David Gow, Kees Cook, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
On Fri, Mar 1, 2024 at 2:40 PM Mickaël Salaün <mic@digikod.net> wrote:
>
> There is a race condition when a kthread finishes after the deadline and
> before the call to kthread_stop(), which may lead to use after free.
Hello!
I have tested this patch and it looks good to me.
Thanks!
-Rae
Reviewed-by: Rae Moar <rmoar@google.com>
>
> Cc: Brendan Higgins <brendanhiggins@google.com>
> Cc: David Gow <davidgow@google.com>
> Cc: Rae Moar <rmoar@google.com>
> Cc: Shuah Khan <skhan@linuxfoundation.org>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Link: https://lore.kernel.org/r/20240301194037.532117-3-mic@digikod.net
> ---
>
> Changes since v1:
> * Added Kees's Reviewed-by.
> ---
> lib/kunit/try-catch.c | 9 ++++++---
> 1 file changed, 6 insertions(+), 3 deletions(-)
>
> diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
> index a5cb2ef70a25..73f5007f20ea 100644
> --- a/lib/kunit/try-catch.c
> +++ b/lib/kunit/try-catch.c
> @@ -11,6 +11,7 @@
> #include <linux/completion.h>
> #include <linux/kernel.h>
> #include <linux/kthread.h>
> +#include <linux/sched/task.h>
>
> #include "try-catch-impl.h"
>
> @@ -65,14 +66,15 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> try_catch->context = context;
> try_catch->try_completion = &try_completion;
> try_catch->try_result = 0;
> - task_struct = kthread_run(kunit_generic_run_threadfn_adapter,
> - try_catch,
> - "kunit_try_catch_thread");
> + task_struct = kthread_create(kunit_generic_run_threadfn_adapter,
> + try_catch, "kunit_try_catch_thread");
> if (IS_ERR(task_struct)) {
> try_catch->try_result = PTR_ERR(task_struct);
> try_catch->catch(try_catch->context);
> return;
> }
> + get_task_struct(task_struct);
> + wake_up_process(task_struct);
>
> time_remaining = wait_for_completion_timeout(&try_completion,
> kunit_test_timeout());
> @@ -82,6 +84,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> kthread_stop(task_struct);
> }
>
> + put_task_struct(task_struct);
> exit_code = try_catch->try_result;
>
> if (!exit_code)
> --
> 2.44.0
>
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 3/7] kunit: Fix timeout message
2024-03-01 19:40 ` [PATCH v2 3/7] kunit: Fix timeout message Mickaël Salaün
@ 2024-03-05 20:58 ` Rae Moar
2024-03-12 4:53 ` David Gow
1 sibling, 0 replies; 22+ messages in thread
From: Rae Moar @ 2024-03-05 20:58 UTC (permalink / raw
To: Mickaël Salaün
Cc: Brendan Higgins, David Gow, Kees Cook, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
On Fri, Mar 1, 2024 at 2:40 PM Mickaël Salaün <mic@digikod.net> wrote:
>
> The exit code is always checked, so let's properly handle the -ETIMEDOUT
> error code.
Hello!
This change looks good to me. Thanks!
-Rae
Reviewed-by: Rae Moar <rmoar@google.com>
>
> Cc: Brendan Higgins <brendanhiggins@google.com>
> Cc: David Gow <davidgow@google.com>
> Cc: Rae Moar <rmoar@google.com>
> Cc: Shuah Khan <skhan@linuxfoundation.org>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Link: https://lore.kernel.org/r/20240301194037.532117-4-mic@digikod.net
> ---
>
> Changes since v1:
> * Added Kees's Reviewed-by.
> ---
> lib/kunit/try-catch.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
> index 73f5007f20ea..cab8b24b5d5a 100644
> --- a/lib/kunit/try-catch.c
> +++ b/lib/kunit/try-catch.c
> @@ -79,7 +79,6 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> time_remaining = wait_for_completion_timeout(&try_completion,
> kunit_test_timeout());
> if (time_remaining == 0) {
> - kunit_err(test, "try timed out\n");
> try_catch->try_result = -ETIMEDOUT;
> kthread_stop(task_struct);
> }
> @@ -94,6 +93,8 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> try_catch->try_result = 0;
> else if (exit_code == -EINTR)
> kunit_err(test, "wake_up_process() was never called\n");
> + else if (exit_code == -ETIMEDOUT)
> + kunit_err(test, "try timed out\n");
> else if (exit_code)
> kunit_err(test, "Unknown error: %d\n", exit_code);
>
> --
> 2.44.0
>
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 4/7] kunit: Handle test faults
2024-03-01 19:40 ` [PATCH v2 4/7] kunit: Handle test faults Mickaël Salaün
@ 2024-03-11 21:21 ` Rae Moar
2024-03-12 12:15 ` Mickaël Salaün
2024-03-12 5:05 ` David Gow
1 sibling, 1 reply; 22+ messages in thread
From: Rae Moar @ 2024-03-11 21:21 UTC (permalink / raw
To: Mickaël Salaün
Cc: Brendan Higgins, David Gow, Kees Cook, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
On Fri, Mar 1, 2024 at 2:40 PM Mickaël Salaün <mic@digikod.net> wrote:
>
> Previously, when a kernel test thread crashed (e.g. NULL pointer
> dereference, general protection fault), the KUnit test hanged for 30
> seconds and exited with a timeout error.
>
> Fix this issue by waiting on task_struct->vfork_done instead of the
> custom kunit_try_catch.try_completion, and track the execution state by
> initially setting try_result with -EFAULT and only setting it to 0 if
Hello!
Thanks for your patch! This has been tested and seems pretty good to
me but I just have a few questions. First, do you mean here "setting
try_result with -EINTR" instead?
But happy to add the tested-by.
Tested-by: Rae Moar <rmoar@google.com>
Thanks!
-Rae
> the test passed.
>
> Fix kunit_generic_run_threadfn_adapter() signature by returning 0
> instead of calling kthread_complete_and_exit(). Because thread's exit
> code is never checked, always set it to 0 to make it clear.
>
> Fix the -EINTR error message, which couldn't be reached until now.
>
> This is tested with a following patch.
>
> Cc: Brendan Higgins <brendanhiggins@google.com>
> Cc: David Gow <davidgow@google.com>
> Cc: Rae Moar <rmoar@google.com>
> Cc: Shuah Khan <skhan@linuxfoundation.org>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Link: https://lore.kernel.org/r/20240301194037.532117-5-mic@digikod.net
> ---
>
> Changes since v1:
> * Added Kees's Reviewed-by.
> ---
> include/kunit/try-catch.h | 3 ---
> lib/kunit/try-catch.c | 14 +++++++-------
> 2 files changed, 7 insertions(+), 10 deletions(-)
>
> diff --git a/include/kunit/try-catch.h b/include/kunit/try-catch.h
> index c507dd43119d..7c966a1adbd3 100644
> --- a/include/kunit/try-catch.h
> +++ b/include/kunit/try-catch.h
> @@ -14,13 +14,11 @@
>
> typedef void (*kunit_try_catch_func_t)(void *);
>
> -struct completion;
> struct kunit;
>
> /**
> * struct kunit_try_catch - provides a generic way to run code which might fail.
> * @test: The test case that is currently being executed.
> - * @try_completion: Completion that the control thread waits on while test runs.
> * @try_result: Contains any errno obtained while running test case.
> * @try: The function, the test case, to attempt to run.
> * @catch: The function called if @try bails out.
> @@ -46,7 +44,6 @@ struct kunit;
> struct kunit_try_catch {
> /* private: internal use only. */
> struct kunit *test;
> - struct completion *try_completion;
> int try_result;
> kunit_try_catch_func_t try;
> kunit_try_catch_func_t catch;
> diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
> index cab8b24b5d5a..c6ee4db0b3bd 100644
> --- a/lib/kunit/try-catch.c
> +++ b/lib/kunit/try-catch.c
> @@ -18,7 +18,7 @@
> void __noreturn kunit_try_catch_throw(struct kunit_try_catch *try_catch)
> {
> try_catch->try_result = -EFAULT;
> - kthread_complete_and_exit(try_catch->try_completion, -EFAULT);
> + kthread_exit(0);
> }
> EXPORT_SYMBOL_GPL(kunit_try_catch_throw);
>
> @@ -26,9 +26,12 @@ static int kunit_generic_run_threadfn_adapter(void *data)
> {
> struct kunit_try_catch *try_catch = data;
>
> + try_catch->try_result = -EINTR;
> try_catch->try(try_catch->context);
> + if (try_catch->try_result == -EINTR)
> + try_catch->try_result = 0;
>
> - kthread_complete_and_exit(try_catch->try_completion, 0);
> + return 0;
Really my only question is why we do not need to still do a
kthread_exit(0) here? I realize we are not checking the thread's exit
code but isn't it safer to call kthread_exit(). I'm new to kthread so
I am not too sure.
> }
>
> static unsigned long kunit_test_timeout(void)
> @@ -58,13 +61,11 @@ static unsigned long kunit_test_timeout(void)
>
> void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> {
> - DECLARE_COMPLETION_ONSTACK(try_completion);
> struct kunit *test = try_catch->test;
> struct task_struct *task_struct;
> int exit_code, time_remaining;
>
> try_catch->context = context;
> - try_catch->try_completion = &try_completion;
> try_catch->try_result = 0;
> task_struct = kthread_create(kunit_generic_run_threadfn_adapter,
> try_catch, "kunit_try_catch_thread");
> @@ -75,8 +76,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> }
> get_task_struct(task_struct);
> wake_up_process(task_struct);
> -
> - time_remaining = wait_for_completion_timeout(&try_completion,
> + time_remaining = wait_for_completion_timeout(task_struct->vfork_done,
> kunit_test_timeout());
> if (time_remaining == 0) {
> try_catch->try_result = -ETIMEDOUT;
> @@ -92,7 +92,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> if (exit_code == -EFAULT)
> try_catch->try_result = 0;
> else if (exit_code == -EINTR)
> - kunit_err(test, "wake_up_process() was never called\n");
> + kunit_err(test, "try faulted\n");
> else if (exit_code == -ETIMEDOUT)
> kunit_err(test, "try timed out\n");
> else if (exit_code)
> --
> 2.44.0
>
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 1/7] kunit: Handle thread creation error
2024-03-01 19:40 ` [PATCH v2 1/7] kunit: Handle thread creation error Mickaël Salaün
2024-03-05 20:57 ` Rae Moar
@ 2024-03-12 4:53 ` David Gow
1 sibling, 0 replies; 22+ messages in thread
From: David Gow @ 2024-03-12 4:53 UTC (permalink / raw
To: Mickaël Salaün
Cc: Brendan Higgins, Kees Cook, Rae Moar, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
[-- Attachment #1: Type: text/plain, Size: 1606 bytes --]
On Sat, 2 Mar 2024 at 03:40, Mickaël Salaün <mic@digikod.net> wrote:
>
> Previously, if a thread creation failed (e.g. -ENOMEM), the function was
> called (kunit_catch_run_case or kunit_catch_run_case_cleanup) without
> marking the test as failed. Instead, fill try_result with the error
> code returned by kthread_run(), which will mark the test as failed and
> print "internal error occurred...".
>
> Cc: Brendan Higgins <brendanhiggins@google.com>
> Cc: David Gow <davidgow@google.com>
> Cc: Rae Moar <rmoar@google.com>
> Cc: Shuah Khan <skhan@linuxfoundation.org>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Link: https://lore.kernel.org/r/20240301194037.532117-2-mic@digikod.net
> ---
>
> Changes since v1:
> * Added Kees's Reviewed-by.
> ---
Thanks for catching this!
Reviewed-by: David Gow <davidgow@google.com>
Thanks,
-- David
-- David
> lib/kunit/try-catch.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
> index f7825991d576..a5cb2ef70a25 100644
> --- a/lib/kunit/try-catch.c
> +++ b/lib/kunit/try-catch.c
> @@ -69,6 +69,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> try_catch,
> "kunit_try_catch_thread");
> if (IS_ERR(task_struct)) {
> + try_catch->try_result = PTR_ERR(task_struct);
> try_catch->catch(try_catch->context);
> return;
> }
> --
> 2.44.0
>
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 4014 bytes --]
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 2/7] kunit: Fix kthread reference
2024-03-01 19:40 ` [PATCH v2 2/7] kunit: Fix kthread reference Mickaël Salaün
2024-03-05 20:57 ` Rae Moar
@ 2024-03-12 4:53 ` David Gow
1 sibling, 0 replies; 22+ messages in thread
From: David Gow @ 2024-03-12 4:53 UTC (permalink / raw
To: Mickaël Salaün
Cc: Brendan Higgins, Kees Cook, Rae Moar, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
[-- Attachment #1: Type: text/plain, Size: 2674 bytes --]
On Sat, 2 Mar 2024 at 03:40, Mickaël Salaün <mic@digikod.net> wrote:
>
> There is a race condition when a kthread finishes after the deadline and
> before the call to kthread_stop(), which may lead to use after free.
>
> Cc: Brendan Higgins <brendanhiggins@google.com>
> Cc: David Gow <davidgow@google.com>
> Cc: Rae Moar <rmoar@google.com>
> Cc: Shuah Khan <skhan@linuxfoundation.org>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Link: https://lore.kernel.org/r/20240301194037.532117-3-mic@digikod.net
> ---
Thanks: I've never been unlucky enough to hit this, but it's definitely a bug.
We should ideally mark it with a fixes tag:
Fixes: adf505457032 ("kunit: fix UAF when run kfence test case test_gfpzero")
Reviewed-by: David Gow <davidgow@google.com>
Cheers,
-- David
>
> Changes since v1:
> * Added Kees's Reviewed-by.
> ---
> lib/kunit/try-catch.c | 9 ++++++---
> 1 file changed, 6 insertions(+), 3 deletions(-)
>
> diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
> index a5cb2ef70a25..73f5007f20ea 100644
> --- a/lib/kunit/try-catch.c
> +++ b/lib/kunit/try-catch.c
> @@ -11,6 +11,7 @@
> #include <linux/completion.h>
> #include <linux/kernel.h>
> #include <linux/kthread.h>
> +#include <linux/sched/task.h>
>
> #include "try-catch-impl.h"
>
> @@ -65,14 +66,15 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> try_catch->context = context;
> try_catch->try_completion = &try_completion;
> try_catch->try_result = 0;
> - task_struct = kthread_run(kunit_generic_run_threadfn_adapter,
> - try_catch,
> - "kunit_try_catch_thread");
> + task_struct = kthread_create(kunit_generic_run_threadfn_adapter,
> + try_catch, "kunit_try_catch_thread");
> if (IS_ERR(task_struct)) {
> try_catch->try_result = PTR_ERR(task_struct);
> try_catch->catch(try_catch->context);
> return;
> }
> + get_task_struct(task_struct);
> + wake_up_process(task_struct);
>
> time_remaining = wait_for_completion_timeout(&try_completion,
> kunit_test_timeout());
> @@ -82,6 +84,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> kthread_stop(task_struct);
> }
>
> + put_task_struct(task_struct);
> exit_code = try_catch->try_result;
>
> if (!exit_code)
> --
> 2.44.0
>
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 4014 bytes --]
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 3/7] kunit: Fix timeout message
2024-03-01 19:40 ` [PATCH v2 3/7] kunit: Fix timeout message Mickaël Salaün
2024-03-05 20:58 ` Rae Moar
@ 2024-03-12 4:53 ` David Gow
1 sibling, 0 replies; 22+ messages in thread
From: David Gow @ 2024-03-12 4:53 UTC (permalink / raw
To: Mickaël Salaün
Cc: Brendan Higgins, Kees Cook, Rae Moar, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
[-- Attachment #1: Type: text/plain, Size: 2034 bytes --]
On Sat, 2 Mar 2024 at 03:40, Mickaël Salaün <mic@digikod.net> wrote:
>
> The exit code is always checked, so let's properly handle the -ETIMEDOUT
> error code.
>
> Cc: Brendan Higgins <brendanhiggins@google.com>
> Cc: David Gow <davidgow@google.com>
> Cc: Rae Moar <rmoar@google.com>
> Cc: Shuah Khan <skhan@linuxfoundation.org>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Link: https://lore.kernel.org/r/20240301194037.532117-4-mic@digikod.net
> ---
This looks good to me. It might make sense to use a switch statement
rather than a change of else-ifs if we end up handling more errors in
the future, but this is fine for now.
Reviewed-by: David Gow <davidgow@google.com>
Cheers,
-- David
>
> Changes since v1:
> * Added Kees's Reviewed-by.
> ---
> lib/kunit/try-catch.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
> index 73f5007f20ea..cab8b24b5d5a 100644
> --- a/lib/kunit/try-catch.c
> +++ b/lib/kunit/try-catch.c
> @@ -79,7 +79,6 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> time_remaining = wait_for_completion_timeout(&try_completion,
> kunit_test_timeout());
> if (time_remaining == 0) {
> - kunit_err(test, "try timed out\n");
> try_catch->try_result = -ETIMEDOUT;
> kthread_stop(task_struct);
> }
> @@ -94,6 +93,8 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> try_catch->try_result = 0;
> else if (exit_code == -EINTR)
> kunit_err(test, "wake_up_process() was never called\n");
> + else if (exit_code == -ETIMEDOUT)
> + kunit_err(test, "try timed out\n");
> else if (exit_code)
> kunit_err(test, "Unknown error: %d\n", exit_code);
>
> --
> 2.44.0
>
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 4014 bytes --]
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests
2024-03-01 19:40 ` [PATCH v2 5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Mickaël Salaün
@ 2024-03-12 4:54 ` David Gow
0 siblings, 0 replies; 22+ messages in thread
From: David Gow @ 2024-03-12 4:54 UTC (permalink / raw
To: Mickaël Salaün
Cc: Brendan Higgins, Kees Cook, Rae Moar, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
[-- Attachment #1: Type: text/plain, Size: 3299 bytes --]
On Sat, 2 Mar 2024 at 03:40, Mickaël Salaün <mic@digikod.net> wrote:
>
> Fix KUNIT_SUCCESS() calls to pass a test argument.
>
> This is a no-op for now because this macro does nothing, but it will be
> required for the next commit.
>
> Cc: Brendan Higgins <brendanhiggins@google.com>
> Cc: David Gow <davidgow@google.com>
> Cc: Rae Moar <rmoar@google.com>
> Cc: Shuah Khan <skhan@linuxfoundation.org>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Link: https://lore.kernel.org/r/20240301194037.532117-6-mic@digikod.net
> ---
This is a pretty straightforward fix.
I'm actually a bit surprised how many tests were actually using
KUNIT_SUCCEEDED().
Reviewed-by: David Gow <davidgow@google.com>
Thanks,
-- David
-- David
>
> Changes since v1:
> * Added Kees's Reviewed-by.
> ---
> lib/kunit_iov_iter.c | 18 +++++++++---------
> 1 file changed, 9 insertions(+), 9 deletions(-)
>
> diff --git a/lib/kunit_iov_iter.c b/lib/kunit_iov_iter.c
> index 859b67c4d697..27e0c8ee71d8 100644
> --- a/lib/kunit_iov_iter.c
> +++ b/lib/kunit_iov_iter.c
> @@ -139,7 +139,7 @@ static void __init iov_kunit_copy_to_kvec(struct kunit *test)
> return;
> }
>
> - KUNIT_SUCCEED();
> + KUNIT_SUCCEED(test);
> }
>
> /*
> @@ -194,7 +194,7 @@ static void __init iov_kunit_copy_from_kvec(struct kunit *test)
> return;
> }
>
> - KUNIT_SUCCEED();
> + KUNIT_SUCCEED(test);
> }
>
> struct bvec_test_range {
> @@ -302,7 +302,7 @@ static void __init iov_kunit_copy_to_bvec(struct kunit *test)
> return;
> }
>
> - KUNIT_SUCCEED();
> + KUNIT_SUCCEED(test);
> }
>
> /*
> @@ -359,7 +359,7 @@ static void __init iov_kunit_copy_from_bvec(struct kunit *test)
> return;
> }
>
> - KUNIT_SUCCEED();
> + KUNIT_SUCCEED(test);
> }
>
> static void iov_kunit_destroy_xarray(void *data)
> @@ -453,7 +453,7 @@ static void __init iov_kunit_copy_to_xarray(struct kunit *test)
> return;
> }
>
> - KUNIT_SUCCEED();
> + KUNIT_SUCCEED(test);
> }
>
> /*
> @@ -516,7 +516,7 @@ static void __init iov_kunit_copy_from_xarray(struct kunit *test)
> return;
> }
>
> - KUNIT_SUCCEED();
> + KUNIT_SUCCEED(test);
> }
>
> /*
> @@ -596,7 +596,7 @@ static void __init iov_kunit_extract_pages_kvec(struct kunit *test)
> stop:
> KUNIT_EXPECT_EQ(test, size, 0);
> KUNIT_EXPECT_EQ(test, iter.count, 0);
> - KUNIT_SUCCEED();
> + KUNIT_SUCCEED(test);
> }
>
> /*
> @@ -674,7 +674,7 @@ static void __init iov_kunit_extract_pages_bvec(struct kunit *test)
> stop:
> KUNIT_EXPECT_EQ(test, size, 0);
> KUNIT_EXPECT_EQ(test, iter.count, 0);
> - KUNIT_SUCCEED();
> + KUNIT_SUCCEED(test);
> }
>
> /*
> @@ -753,7 +753,7 @@ static void __init iov_kunit_extract_pages_xarray(struct kunit *test)
> }
>
> stop:
> - KUNIT_SUCCEED();
> + KUNIT_SUCCEED(test);
> }
>
> static struct kunit_case __refdata iov_kunit_cases[] = {
> --
> 2.44.0
>
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 4014 bytes --]
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 6/7] kunit: Print last test location on fault
2024-03-01 19:40 ` [PATCH v2 6/7] kunit: Print last test location on fault Mickaël Salaün
@ 2024-03-12 4:54 ` David Gow
2024-03-12 12:15 ` Mickaël Salaün
0 siblings, 1 reply; 22+ messages in thread
From: David Gow @ 2024-03-12 4:54 UTC (permalink / raw
To: Mickaël Salaün
Cc: Brendan Higgins, Kees Cook, Rae Moar, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
[-- Attachment #1: Type: text/plain, Size: 9294 bytes --]
On Sat, 2 Mar 2024 at 03:40, Mickaël Salaün <mic@digikod.net> wrote:
>
> This helps identify the location of test faults.
>
> Cc: Brendan Higgins <brendanhiggins@google.com>
> Cc: David Gow <davidgow@google.com>
> Cc: Rae Moar <rmoar@google.com>
> Cc: Shuah Khan <skhan@linuxfoundation.org>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Link: https://lore.kernel.org/r/20240301194037.532117-7-mic@digikod.net
> ---
I like the idea of this, but am a little bit worried about how
confusing it might be, given that the location only updates on those
particular macros.
Maybe the answer is to make the __KUNIT_SAVE_LOC() macro, or something
equivalent, a supported API.
One possibility would be to have a KUNIT_MARKER() macro. If we really
wanted to, we could expand it to take a string so we can have a more
user-friendly KUNIT_MARKER(test, "parsing packet") description of
where things went wrong. Another could be to extend this to use the
code tagging framework[1], if that lands.
That being said, I think this is still an improvement without any of
those features. I've left a few comments below. Let me know what you
think.
Cheers,
-- David
[1]: https://lwn.net/Articles/906660/
>
> Changes since v1:
> * Added Kees's Reviewed-by.
> ---
> include/kunit/test.h | 24 +++++++++++++++++++++---
> lib/kunit/try-catch.c | 10 +++++++---
> 2 files changed, 28 insertions(+), 6 deletions(-)
>
> diff --git a/include/kunit/test.h b/include/kunit/test.h
> index fcb4a4940ace..f3aa66eb0087 100644
> --- a/include/kunit/test.h
> +++ b/include/kunit/test.h
> @@ -301,6 +301,8 @@ struct kunit {
> struct list_head resources; /* Protected by lock. */
>
> char status_comment[KUNIT_STATUS_COMMENT_SIZE];
> + /* Saves the last seen test. Useful to help with faults. */
> + struct kunit_loc last_seen;
> };
>
> static inline void kunit_set_failure(struct kunit *test)
> @@ -567,6 +569,15 @@ void __printf(2, 3) kunit_log_append(struct string_stream *log, const char *fmt,
> #define kunit_err(test, fmt, ...) \
> kunit_printk(KERN_ERR, test, fmt, ##__VA_ARGS__)
>
> +/*
> + * Must be called at the beginning of each KUNIT_*_ASSERTION().
> + * Cf. KUNIT_CURRENT_LOC.
> + */
> +#define _KUNIT_SAVE_LOC(test) do { \
> + WRITE_ONCE(test->last_seen.file, __FILE__); \
> + WRITE_ONCE(test->last_seen.line, __LINE__); \
> +} while (0)
Can we get rid of the leading '_', make this public, and document it?
If we want to rename it to KUNIT_MARKER() or similar, that might work
better, too.
> +
> /**
> * KUNIT_SUCCEED() - A no-op expectation. Only exists for code clarity.
> * @test: The test context object.
> @@ -575,7 +586,7 @@ void __printf(2, 3) kunit_log_append(struct string_stream *log, const char *fmt,
> * words, it does nothing and only exists for code clarity. See
> * KUNIT_EXPECT_TRUE() for more information.
> */
> -#define KUNIT_SUCCEED(test) do {} while (0)
> +#define KUNIT_SUCCEED(test) _KUNIT_SAVE_LOC(test)
>
> void __noreturn __kunit_abort(struct kunit *test);
>
> @@ -601,14 +612,16 @@ void __kunit_do_failed_assertion(struct kunit *test,
> } while (0)
>
>
> -#define KUNIT_FAIL_ASSERTION(test, assert_type, fmt, ...) \
> +#define KUNIT_FAIL_ASSERTION(test, assert_type, fmt, ...) do { \
> + _KUNIT_SAVE_LOC(test); \
> _KUNIT_FAILED(test, \
> assert_type, \
> kunit_fail_assert, \
> kunit_fail_assert_format, \
> {}, \
> fmt, \
> - ##__VA_ARGS__)
> + ##__VA_ARGS__); \
> +} while (0)
>
> /**
> * KUNIT_FAIL() - Always causes a test to fail when evaluated.
> @@ -637,6 +650,7 @@ void __kunit_do_failed_assertion(struct kunit *test,
> fmt, \
> ...) \
> do { \
> + _KUNIT_SAVE_LOC(test); \
> if (likely(!!(condition_) == !!expected_true_)) \
> break; \
> \
> @@ -698,6 +712,7 @@ do { \
> .right_text = #right, \
> }; \
> \
> + _KUNIT_SAVE_LOC(test); \
> if (likely(__left op __right)) \
> break; \
> \
> @@ -758,6 +773,7 @@ do { \
> .right_text = #right, \
> }; \
> \
> + _KUNIT_SAVE_LOC(test); \
> if (likely((__left) && (__right) && (strcmp(__left, __right) op 0))) \
> break; \
> \
> @@ -791,6 +807,7 @@ do { \
> .right_text = #right, \
> }; \
> \
> + _KUNIT_SAVE_LOC(test); \
> if (likely(__left && __right)) \
> if (likely(memcmp(__left, __right, __size) op 0)) \
> break; \
> @@ -815,6 +832,7 @@ do { \
> do { \
> const typeof(ptr) __ptr = (ptr); \
> \
> + _KUNIT_SAVE_LOC(test); \
> if (!IS_ERR_OR_NULL(__ptr)) \
> break; \
> \
> diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
> index c6ee4db0b3bd..2ec21c6918f3 100644
> --- a/lib/kunit/try-catch.c
> +++ b/lib/kunit/try-catch.c
> @@ -91,9 +91,13 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
>
> if (exit_code == -EFAULT)
> try_catch->try_result = 0;
> - else if (exit_code == -EINTR)
> - kunit_err(test, "try faulted\n");
> - else if (exit_code == -ETIMEDOUT)
> + else if (exit_code == -EINTR) {
> + if (test->last_seen.file)
> + kunit_err(test, "try faulted after %s:%d\n",
> + test->last_seen.file, test->last_seen.line);
It's possibly a bit confusing to just say "after file:line",
particularly if we then loop or call a function "higher up" in the
file. Maybe something like "try faulted: last line seen %s:%d" is
clearer.
> + else
> + kunit_err(test, "try faulted before the first test\n");
I don't like using "test" here, as it introduces ambiguity between
"kunit tests" and "assertions/expectations" if we call them both
tests. Maybe just "try faulted" here, or "try faulted (no markers
seen)" or similar?
> + } else if (exit_code == -ETIMEDOUT)
> kunit_err(test, "try timed out\n");
> else if (exit_code)
> kunit_err(test, "Unknown error: %d\n", exit_code);
> --
> 2.44.0
>
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 4014 bytes --]
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 7/7] kunit: Add tests for fault
2024-03-01 19:40 ` [PATCH v2 7/7] kunit: Add tests for fault Mickaël Salaün
@ 2024-03-12 4:54 ` David Gow
0 siblings, 0 replies; 22+ messages in thread
From: David Gow @ 2024-03-12 4:54 UTC (permalink / raw
To: Mickaël Salaün
Cc: Brendan Higgins, Kees Cook, Rae Moar, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
[-- Attachment #1: Type: text/plain, Size: 3663 bytes --]
On Sat, 2 Mar 2024 at 03:40, Mickaël Salaün <mic@digikod.net> wrote:
>
> Add a test case to check NULL pointer dereference and make sure it would
> result as a failed test.
>
> The full kunit_fault test suite is marked as skipped when run on UML
> because it would result to a kernel panic.
>
> Tested with:
> ./tools/testing/kunit/kunit.py run --arch x86_64 kunit_fault
> ./tools/testing/kunit/kunit.py run --arch arm64 \
> --cross_compile=aarch64-linux-gnu- kunit_fault
>
> Cc: Brendan Higgins <brendanhiggins@google.com>
> Cc: David Gow <davidgow@google.com>
> Cc: Rae Moar <rmoar@google.com>
> Cc: Shuah Khan <skhan@linuxfoundation.org>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Link: https://lore.kernel.org/r/20240301194037.532117-8-mic@digikod.net
> ---
>
> Changes since v1:
> * Removed the rodata and const test cases for now.
> * Replace CONFIG_X86 check with !CONFIG_UML, and remove the "_x86"
> references.
> ---
I think UML _should_ be able to handle this with signal handlers, but
I tested it and agree that it's broken, so disabling for now makes
sense.
In general, I'd prefer to have an empty test which SKIP()s here, but
since the suite is empty, KUnit does that anyway, so this is fine.
Reviewed-by: David Gow <davidgow@google.com>
Cheers,
-- David
> lib/kunit/kunit-test.c | 45 +++++++++++++++++++++++++++++++++++++++++-
> 1 file changed, 44 insertions(+), 1 deletion(-)
>
> diff --git a/lib/kunit/kunit-test.c b/lib/kunit/kunit-test.c
> index f7980ef236a3..0fdca5fffaec 100644
> --- a/lib/kunit/kunit-test.c
> +++ b/lib/kunit/kunit-test.c
> @@ -109,6 +109,48 @@ static struct kunit_suite kunit_try_catch_test_suite = {
> .test_cases = kunit_try_catch_test_cases,
> };
>
> +#ifndef CONFIG_UML
> +
> +static void kunit_test_null_dereference(void *data)
> +{
> + struct kunit *test = data;
> + int *null = NULL;
> +
> + *null = 0;
> +
> + KUNIT_FAIL(test, "This line should never be reached\n");
> +}
> +
> +static void kunit_test_fault_null_dereference(struct kunit *test)
> +{
> + struct kunit_try_catch_test_context *ctx = test->priv;
> + struct kunit_try_catch *try_catch = ctx->try_catch;
> +
> + kunit_try_catch_init(try_catch,
> + test,
> + kunit_test_null_dereference,
> + kunit_test_catch);
> + kunit_try_catch_run(try_catch, test);
> +
> + KUNIT_EXPECT_EQ(test, try_catch->try_result, -EINTR);
> + KUNIT_EXPECT_TRUE(test, ctx->function_called);
> +}
> +
> +#endif /* !CONFIG_UML */
> +
> +static struct kunit_case kunit_fault_test_cases[] = {
> +#ifndef CONFIG_UML
> + KUNIT_CASE(kunit_test_fault_null_dereference),
> +#endif /* !CONFIG_UML */
> + {}
> +};
> +
> +static struct kunit_suite kunit_fault_test_suite = {
> + .name = "kunit_fault",
> + .init = kunit_try_catch_test_init,
> + .test_cases = kunit_fault_test_cases,
> +};
> +
> /*
> * Context for testing test managed resources
> * is_resource_initialized is used to test arbitrary resources
> @@ -826,6 +868,7 @@ static struct kunit_suite kunit_current_test_suite = {
>
> kunit_test_suites(&kunit_try_catch_test_suite, &kunit_resource_test_suite,
> &kunit_log_test_suite, &kunit_status_test_suite,
> - &kunit_current_test_suite, &kunit_device_test_suite);
> + &kunit_current_test_suite, &kunit_device_test_suite,
> + &kunit_fault_test_suite);
>
> MODULE_LICENSE("GPL v2");
> --
> 2.44.0
>
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 4014 bytes --]
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 4/7] kunit: Handle test faults
2024-03-01 19:40 ` [PATCH v2 4/7] kunit: Handle test faults Mickaël Salaün
2024-03-11 21:21 ` Rae Moar
@ 2024-03-12 5:05 ` David Gow
2024-03-12 12:15 ` Mickaël Salaün
1 sibling, 1 reply; 22+ messages in thread
From: David Gow @ 2024-03-12 5:05 UTC (permalink / raw
To: Mickaël Salaün
Cc: Brendan Higgins, Kees Cook, Rae Moar, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
[-- Attachment #1: Type: text/plain, Size: 5730 bytes --]
On Sat, 2 Mar 2024 at 03:40, Mickaël Salaün <mic@digikod.net> wrote:
>
> Previously, when a kernel test thread crashed (e.g. NULL pointer
> dereference, general protection fault), the KUnit test hanged for 30
> seconds and exited with a timeout error.
>
> Fix this issue by waiting on task_struct->vfork_done instead of the
> custom kunit_try_catch.try_completion, and track the execution state by
> initially setting try_result with -EFAULT and only setting it to 0 if
> the test passed.
>
> Fix kunit_generic_run_threadfn_adapter() signature by returning 0
> instead of calling kthread_complete_and_exit(). Because thread's exit
> code is never checked, always set it to 0 to make it clear.
>
> Fix the -EINTR error message, which couldn't be reached until now.
>
> This is tested with a following patch.
>
> Cc: Brendan Higgins <brendanhiggins@google.com>
> Cc: David Gow <davidgow@google.com>
> Cc: Rae Moar <rmoar@google.com>
> Cc: Shuah Khan <skhan@linuxfoundation.org>
> Reviewed-by: Kees Cook <keescook@chromium.org>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Link: https://lore.kernel.org/r/20240301194037.532117-5-mic@digikod.net
> ---
This works fine here, and looks good.
The use of task_struct->vfork_done is a bit confusing, as there's no
documentation (that I could find) about what vfork_done means for
kthreads. From the code, it looks to just be a copy of
kthread->exited, which is much more obvious a name.
Would it make sense to either (a) replace this with a call to
to_kthread(), and kthread->exited, or (b) add a comment explaining
what vfork_done means here. kthread_stop() itself is using
to_kthread() and kthread->exited -- even though task_struct is also
there -- so I'd feel a bit more comfortable with that option.
Otherwise,
Reviewed-by: David Gow <davidgow@google.com>
Cheers,
-- David
>
> Changes since v1:
> * Added Kees's Reviewed-by.
> ---
> include/kunit/try-catch.h | 3 ---
> lib/kunit/try-catch.c | 14 +++++++-------
> 2 files changed, 7 insertions(+), 10 deletions(-)
>
> diff --git a/include/kunit/try-catch.h b/include/kunit/try-catch.h
> index c507dd43119d..7c966a1adbd3 100644
> --- a/include/kunit/try-catch.h
> +++ b/include/kunit/try-catch.h
> @@ -14,13 +14,11 @@
>
> typedef void (*kunit_try_catch_func_t)(void *);
>
> -struct completion;
> struct kunit;
>
> /**
> * struct kunit_try_catch - provides a generic way to run code which might fail.
> * @test: The test case that is currently being executed.
> - * @try_completion: Completion that the control thread waits on while test runs.
> * @try_result: Contains any errno obtained while running test case.
> * @try: The function, the test case, to attempt to run.
> * @catch: The function called if @try bails out.
> @@ -46,7 +44,6 @@ struct kunit;
> struct kunit_try_catch {
> /* private: internal use only. */
> struct kunit *test;
> - struct completion *try_completion;
> int try_result;
> kunit_try_catch_func_t try;
> kunit_try_catch_func_t catch;
> diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
> index cab8b24b5d5a..c6ee4db0b3bd 100644
> --- a/lib/kunit/try-catch.c
> +++ b/lib/kunit/try-catch.c
> @@ -18,7 +18,7 @@
> void __noreturn kunit_try_catch_throw(struct kunit_try_catch *try_catch)
> {
> try_catch->try_result = -EFAULT;
> - kthread_complete_and_exit(try_catch->try_completion, -EFAULT);
> + kthread_exit(0);
> }
> EXPORT_SYMBOL_GPL(kunit_try_catch_throw);
>
> @@ -26,9 +26,12 @@ static int kunit_generic_run_threadfn_adapter(void *data)
> {
> struct kunit_try_catch *try_catch = data;
>
> + try_catch->try_result = -EINTR;
> try_catch->try(try_catch->context);
> + if (try_catch->try_result == -EINTR)
> + try_catch->try_result = 0;
>
> - kthread_complete_and_exit(try_catch->try_completion, 0);
> + return 0;
> }
>
> static unsigned long kunit_test_timeout(void)
> @@ -58,13 +61,11 @@ static unsigned long kunit_test_timeout(void)
>
> void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> {
> - DECLARE_COMPLETION_ONSTACK(try_completion);
> struct kunit *test = try_catch->test;
> struct task_struct *task_struct;
> int exit_code, time_remaining;
>
> try_catch->context = context;
> - try_catch->try_completion = &try_completion;
> try_catch->try_result = 0;
> task_struct = kthread_create(kunit_generic_run_threadfn_adapter,
> try_catch, "kunit_try_catch_thread");
> @@ -75,8 +76,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> }
> get_task_struct(task_struct);
> wake_up_process(task_struct);
> -
> - time_remaining = wait_for_completion_timeout(&try_completion,
> + time_remaining = wait_for_completion_timeout(task_struct->vfork_done,
> kunit_test_timeout());
> if (time_remaining == 0) {
> try_catch->try_result = -ETIMEDOUT;
> @@ -92,7 +92,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> if (exit_code == -EFAULT)
> try_catch->try_result = 0;
> else if (exit_code == -EINTR)
> - kunit_err(test, "wake_up_process() was never called\n");
> + kunit_err(test, "try faulted\n");
> else if (exit_code == -ETIMEDOUT)
> kunit_err(test, "try timed out\n");
> else if (exit_code)
> --
> 2.44.0
>
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 4014 bytes --]
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 4/7] kunit: Handle test faults
2024-03-11 21:21 ` Rae Moar
@ 2024-03-12 12:15 ` Mickaël Salaün
0 siblings, 0 replies; 22+ messages in thread
From: Mickaël Salaün @ 2024-03-12 12:15 UTC (permalink / raw
To: Rae Moar
Cc: Brendan Higgins, David Gow, Kees Cook, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
On Mon, Mar 11, 2024 at 05:21:11PM -0400, Rae Moar wrote:
> On Fri, Mar 1, 2024 at 2:40 PM Mickaël Salaün <mic@digikod.net> wrote:
> >
> > Previously, when a kernel test thread crashed (e.g. NULL pointer
> > dereference, general protection fault), the KUnit test hanged for 30
> > seconds and exited with a timeout error.
> >
> > Fix this issue by waiting on task_struct->vfork_done instead of the
> > custom kunit_try_catch.try_completion, and track the execution state by
> > initially setting try_result with -EFAULT and only setting it to 0 if
>
> Hello!
>
> Thanks for your patch! This has been tested and seems pretty good to
> me but I just have a few questions. First, do you mean here "setting
> try_result with -EINTR" instead?
Good catch, I indeed meant -EINTR.
>
> But happy to add the tested-by.
>
> Tested-by: Rae Moar <rmoar@google.com>
>
> Thanks!
> -Rae
>
> > the test passed.
> >
> > Fix kunit_generic_run_threadfn_adapter() signature by returning 0
> > instead of calling kthread_complete_and_exit(). Because thread's exit
> > code is never checked, always set it to 0 to make it clear.
> >
> > Fix the -EINTR error message, which couldn't be reached until now.
> >
> > This is tested with a following patch.
> >
> > Cc: Brendan Higgins <brendanhiggins@google.com>
> > Cc: David Gow <davidgow@google.com>
> > Cc: Rae Moar <rmoar@google.com>
> > Cc: Shuah Khan <skhan@linuxfoundation.org>
> > Reviewed-by: Kees Cook <keescook@chromium.org>
> > Signed-off-by: Mickaël Salaün <mic@digikod.net>
> > Link: https://lore.kernel.org/r/20240301194037.532117-5-mic@digikod.net
> > ---
> >
> > Changes since v1:
> > * Added Kees's Reviewed-by.
> > ---
> > include/kunit/try-catch.h | 3 ---
> > lib/kunit/try-catch.c | 14 +++++++-------
> > 2 files changed, 7 insertions(+), 10 deletions(-)
> >
> > diff --git a/include/kunit/try-catch.h b/include/kunit/try-catch.h
> > index c507dd43119d..7c966a1adbd3 100644
> > --- a/include/kunit/try-catch.h
> > +++ b/include/kunit/try-catch.h
> > @@ -14,13 +14,11 @@
> >
> > typedef void (*kunit_try_catch_func_t)(void *);
> >
> > -struct completion;
> > struct kunit;
> >
> > /**
> > * struct kunit_try_catch - provides a generic way to run code which might fail.
> > * @test: The test case that is currently being executed.
> > - * @try_completion: Completion that the control thread waits on while test runs.
> > * @try_result: Contains any errno obtained while running test case.
> > * @try: The function, the test case, to attempt to run.
> > * @catch: The function called if @try bails out.
> > @@ -46,7 +44,6 @@ struct kunit;
> > struct kunit_try_catch {
> > /* private: internal use only. */
> > struct kunit *test;
> > - struct completion *try_completion;
> > int try_result;
> > kunit_try_catch_func_t try;
> > kunit_try_catch_func_t catch;
> > diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
> > index cab8b24b5d5a..c6ee4db0b3bd 100644
> > --- a/lib/kunit/try-catch.c
> > +++ b/lib/kunit/try-catch.c
> > @@ -18,7 +18,7 @@
> > void __noreturn kunit_try_catch_throw(struct kunit_try_catch *try_catch)
> > {
> > try_catch->try_result = -EFAULT;
> > - kthread_complete_and_exit(try_catch->try_completion, -EFAULT);
> > + kthread_exit(0);
> > }
> > EXPORT_SYMBOL_GPL(kunit_try_catch_throw);
> >
> > @@ -26,9 +26,12 @@ static int kunit_generic_run_threadfn_adapter(void *data)
> > {
> > struct kunit_try_catch *try_catch = data;
> >
> > + try_catch->try_result = -EINTR;
> > try_catch->try(try_catch->context);
> > + if (try_catch->try_result == -EINTR)
> > + try_catch->try_result = 0;
> >
> > - kthread_complete_and_exit(try_catch->try_completion, 0);
> > + return 0;
>
> Really my only question is why we do not need to still do a
> kthread_exit(0) here? I realize we are not checking the thread's exit
> code but isn't it safer to call kthread_exit(). I'm new to kthread so
> I am not too sure.
This function is the body of the thread, and as we can see in the
signature it should return an integer that will then be passed to
kthread_exit() (by kthread-specific code). It is then useless to
directly call kthread_exit() here, and it is cleaner to follow common
thread function signature.
>
> > }
> >
> > static unsigned long kunit_test_timeout(void)
> > @@ -58,13 +61,11 @@ static unsigned long kunit_test_timeout(void)
> >
> > void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> > {
> > - DECLARE_COMPLETION_ONSTACK(try_completion);
> > struct kunit *test = try_catch->test;
> > struct task_struct *task_struct;
> > int exit_code, time_remaining;
> >
> > try_catch->context = context;
> > - try_catch->try_completion = &try_completion;
> > try_catch->try_result = 0;
> > task_struct = kthread_create(kunit_generic_run_threadfn_adapter,
> > try_catch, "kunit_try_catch_thread");
> > @@ -75,8 +76,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> > }
> > get_task_struct(task_struct);
> > wake_up_process(task_struct);
> > -
> > - time_remaining = wait_for_completion_timeout(&try_completion,
> > + time_remaining = wait_for_completion_timeout(task_struct->vfork_done,
> > kunit_test_timeout());
> > if (time_remaining == 0) {
> > try_catch->try_result = -ETIMEDOUT;
> > @@ -92,7 +92,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> > if (exit_code == -EFAULT)
> > try_catch->try_result = 0;
> > else if (exit_code == -EINTR)
> > - kunit_err(test, "wake_up_process() was never called\n");
> > + kunit_err(test, "try faulted\n");
> > else if (exit_code == -ETIMEDOUT)
> > kunit_err(test, "try timed out\n");
> > else if (exit_code)
> > --
> > 2.44.0
> >
>
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 4/7] kunit: Handle test faults
2024-03-12 5:05 ` David Gow
@ 2024-03-12 12:15 ` Mickaël Salaün
0 siblings, 0 replies; 22+ messages in thread
From: Mickaël Salaün @ 2024-03-12 12:15 UTC (permalink / raw
To: David Gow
Cc: Brendan Higgins, Kees Cook, Rae Moar, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
On Tue, Mar 12, 2024 at 01:05:37PM +0800, David Gow wrote:
> On Sat, 2 Mar 2024 at 03:40, Mickaël Salaün <mic@digikod.net> wrote:
> >
> > Previously, when a kernel test thread crashed (e.g. NULL pointer
> > dereference, general protection fault), the KUnit test hanged for 30
> > seconds and exited with a timeout error.
> >
> > Fix this issue by waiting on task_struct->vfork_done instead of the
> > custom kunit_try_catch.try_completion, and track the execution state by
> > initially setting try_result with -EFAULT and only setting it to 0 if
> > the test passed.
> >
> > Fix kunit_generic_run_threadfn_adapter() signature by returning 0
> > instead of calling kthread_complete_and_exit(). Because thread's exit
> > code is never checked, always set it to 0 to make it clear.
> >
> > Fix the -EINTR error message, which couldn't be reached until now.
> >
> > This is tested with a following patch.
> >
> > Cc: Brendan Higgins <brendanhiggins@google.com>
> > Cc: David Gow <davidgow@google.com>
> > Cc: Rae Moar <rmoar@google.com>
> > Cc: Shuah Khan <skhan@linuxfoundation.org>
> > Reviewed-by: Kees Cook <keescook@chromium.org>
> > Signed-off-by: Mickaël Salaün <mic@digikod.net>
> > Link: https://lore.kernel.org/r/20240301194037.532117-5-mic@digikod.net
> > ---
>
> This works fine here, and looks good.
>
> The use of task_struct->vfork_done is a bit confusing, as there's no
> documentation (that I could find) about what vfork_done means for
> kthreads. From the code, it looks to just be a copy of
> kthread->exited, which is much more obvious a name.
Indeed
>
> Would it make sense to either (a) replace this with a call to
> to_kthread(), and kthread->exited, or (b) add a comment explaining
> what vfork_done means here. kthread_stop() itself is using
> to_kthread() and kthread->exited -- even though task_struct is also
> there -- so I'd feel a bit more comfortable with that option.
I used vfork_done because to_kthread() and struct kthread are private.
As for a vfork(2), vfork_done is useful to wait for the end of a task.
Feel free to add a comment explaining vfork_done. Thanks
>
> Otherwise,
> Reviewed-by: David Gow <davidgow@google.com>
>
> Cheers,
> -- David
>
> >
> > Changes since v1:
> > * Added Kees's Reviewed-by.
> > ---
> > include/kunit/try-catch.h | 3 ---
> > lib/kunit/try-catch.c | 14 +++++++-------
> > 2 files changed, 7 insertions(+), 10 deletions(-)
> >
> > diff --git a/include/kunit/try-catch.h b/include/kunit/try-catch.h
> > index c507dd43119d..7c966a1adbd3 100644
> > --- a/include/kunit/try-catch.h
> > +++ b/include/kunit/try-catch.h
> > @@ -14,13 +14,11 @@
> >
> > typedef void (*kunit_try_catch_func_t)(void *);
> >
> > -struct completion;
> > struct kunit;
> >
> > /**
> > * struct kunit_try_catch - provides a generic way to run code which might fail.
> > * @test: The test case that is currently being executed.
> > - * @try_completion: Completion that the control thread waits on while test runs.
> > * @try_result: Contains any errno obtained while running test case.
> > * @try: The function, the test case, to attempt to run.
> > * @catch: The function called if @try bails out.
> > @@ -46,7 +44,6 @@ struct kunit;
> > struct kunit_try_catch {
> > /* private: internal use only. */
> > struct kunit *test;
> > - struct completion *try_completion;
> > int try_result;
> > kunit_try_catch_func_t try;
> > kunit_try_catch_func_t catch;
> > diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
> > index cab8b24b5d5a..c6ee4db0b3bd 100644
> > --- a/lib/kunit/try-catch.c
> > +++ b/lib/kunit/try-catch.c
> > @@ -18,7 +18,7 @@
> > void __noreturn kunit_try_catch_throw(struct kunit_try_catch *try_catch)
> > {
> > try_catch->try_result = -EFAULT;
> > - kthread_complete_and_exit(try_catch->try_completion, -EFAULT);
> > + kthread_exit(0);
> > }
> > EXPORT_SYMBOL_GPL(kunit_try_catch_throw);
> >
> > @@ -26,9 +26,12 @@ static int kunit_generic_run_threadfn_adapter(void *data)
> > {
> > struct kunit_try_catch *try_catch = data;
> >
> > + try_catch->try_result = -EINTR;
> > try_catch->try(try_catch->context);
> > + if (try_catch->try_result == -EINTR)
> > + try_catch->try_result = 0;
> >
> > - kthread_complete_and_exit(try_catch->try_completion, 0);
> > + return 0;
> > }
> >
> > static unsigned long kunit_test_timeout(void)
> > @@ -58,13 +61,11 @@ static unsigned long kunit_test_timeout(void)
> >
> > void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> > {
> > - DECLARE_COMPLETION_ONSTACK(try_completion);
> > struct kunit *test = try_catch->test;
> > struct task_struct *task_struct;
> > int exit_code, time_remaining;
> >
> > try_catch->context = context;
> > - try_catch->try_completion = &try_completion;
> > try_catch->try_result = 0;
> > task_struct = kthread_create(kunit_generic_run_threadfn_adapter,
> > try_catch, "kunit_try_catch_thread");
> > @@ -75,8 +76,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> > }
> > get_task_struct(task_struct);
> > wake_up_process(task_struct);
> > -
> > - time_remaining = wait_for_completion_timeout(&try_completion,
> > + time_remaining = wait_for_completion_timeout(task_struct->vfork_done,
> > kunit_test_timeout());
> > if (time_remaining == 0) {
> > try_catch->try_result = -ETIMEDOUT;
> > @@ -92,7 +92,7 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> > if (exit_code == -EFAULT)
> > try_catch->try_result = 0;
> > else if (exit_code == -EINTR)
> > - kunit_err(test, "wake_up_process() was never called\n");
> > + kunit_err(test, "try faulted\n");
> > else if (exit_code == -ETIMEDOUT)
> > kunit_err(test, "try timed out\n");
> > else if (exit_code)
> > --
> > 2.44.0
> >
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH v2 6/7] kunit: Print last test location on fault
2024-03-12 4:54 ` David Gow
@ 2024-03-12 12:15 ` Mickaël Salaün
0 siblings, 0 replies; 22+ messages in thread
From: Mickaël Salaün @ 2024-03-12 12:15 UTC (permalink / raw
To: David Gow
Cc: Brendan Higgins, Kees Cook, Rae Moar, Shuah Khan, Alan Maguire,
Borislav Petkov, Dave Hansen, H . Peter Anvin, Ingo Molnar,
James Morris, Luis Chamberlain, Madhavan T . Venkataraman,
Marco Pagani, Paolo Bonzini, Sean Christopherson, Stephen Boyd,
Thara Gopinath, Thomas Gleixner, Vitaly Kuznetsov, Wanpeng Li,
Zahra Tarkhani, kvm, linux-hardening, linux-hyperv, linux-kernel,
linux-security-module, linux-um, x86
On Tue, Mar 12, 2024 at 12:54:48PM +0800, David Gow wrote:
> On Sat, 2 Mar 2024 at 03:40, Mickaël Salaün <mic@digikod.net> wrote:
> >
> > This helps identify the location of test faults.
> >
> > Cc: Brendan Higgins <brendanhiggins@google.com>
> > Cc: David Gow <davidgow@google.com>
> > Cc: Rae Moar <rmoar@google.com>
> > Cc: Shuah Khan <skhan@linuxfoundation.org>
> > Reviewed-by: Kees Cook <keescook@chromium.org>
> > Signed-off-by: Mickaël Salaün <mic@digikod.net>
> > Link: https://lore.kernel.org/r/20240301194037.532117-7-mic@digikod.net
> > ---
>
> I like the idea of this, but am a little bit worried about how
> confusing it might be, given that the location only updates on those
> particular macros.
>
> Maybe the answer is to make the __KUNIT_SAVE_LOC() macro, or something
> equivalent, a supported API.
>
> One possibility would be to have a KUNIT_MARKER() macro. If we really
> wanted to, we could expand it to take a string so we can have a more
> user-friendly KUNIT_MARKER(test, "parsing packet") description of
> where things went wrong. Another could be to extend this to use the
> code tagging framework[1], if that lands.
>
> That being said, I think this is still an improvement without any of
> those features. I've left a few comments below. Let me know what you
> think.
This patch adds opportunistic markers to test code. Because an uncaught
fault would be a bug, I think in practice nobody would use
KUNIT_MARKER() explicitly. I found _KUNIT_SAVE_LOC() to be useful while
writing tests or debugging them. With this patch, it is still possible
to call KUNIT_SUCCESS() if someone wants to add an explicit mark, and I
think it would make more sense.
>
> Cheers,
> -- David
>
> [1]: https://lwn.net/Articles/906660/
> >
> > Changes since v1:
> > * Added Kees's Reviewed-by.
> > ---
> > include/kunit/test.h | 24 +++++++++++++++++++++---
> > lib/kunit/try-catch.c | 10 +++++++---
> > 2 files changed, 28 insertions(+), 6 deletions(-)
> >
> > diff --git a/include/kunit/test.h b/include/kunit/test.h
> > index fcb4a4940ace..f3aa66eb0087 100644
> > --- a/include/kunit/test.h
> > +++ b/include/kunit/test.h
> > @@ -301,6 +301,8 @@ struct kunit {
> > struct list_head resources; /* Protected by lock. */
> >
> > char status_comment[KUNIT_STATUS_COMMENT_SIZE];
> > + /* Saves the last seen test. Useful to help with faults. */
> > + struct kunit_loc last_seen;
> > };
> >
> > static inline void kunit_set_failure(struct kunit *test)
> > @@ -567,6 +569,15 @@ void __printf(2, 3) kunit_log_append(struct string_stream *log, const char *fmt,
> > #define kunit_err(test, fmt, ...) \
> > kunit_printk(KERN_ERR, test, fmt, ##__VA_ARGS__)
> >
> > +/*
> > + * Must be called at the beginning of each KUNIT_*_ASSERTION().
> > + * Cf. KUNIT_CURRENT_LOC.
> > + */
> > +#define _KUNIT_SAVE_LOC(test) do { \
> > + WRITE_ONCE(test->last_seen.file, __FILE__); \
> > + WRITE_ONCE(test->last_seen.line, __LINE__); \
> > +} while (0)
>
> Can we get rid of the leading '_', make this public, and document it?
> If we want to rename it to KUNIT_MARKER() or similar, that might work
> better, too.
We can do that but I'm not convinced it would be useful.
>
> > +
> > /**
> > * KUNIT_SUCCEED() - A no-op expectation. Only exists for code clarity.
> > * @test: The test context object.
> > @@ -575,7 +586,7 @@ void __printf(2, 3) kunit_log_append(struct string_stream *log, const char *fmt,
> > * words, it does nothing and only exists for code clarity. See
> > * KUNIT_EXPECT_TRUE() for more information.
> > */
> > -#define KUNIT_SUCCEED(test) do {} while (0)
> > +#define KUNIT_SUCCEED(test) _KUNIT_SAVE_LOC(test)
> >
> > void __noreturn __kunit_abort(struct kunit *test);
> >
> > @@ -601,14 +612,16 @@ void __kunit_do_failed_assertion(struct kunit *test,
> > } while (0)
> >
> >
> > -#define KUNIT_FAIL_ASSERTION(test, assert_type, fmt, ...) \
> > +#define KUNIT_FAIL_ASSERTION(test, assert_type, fmt, ...) do { \
> > + _KUNIT_SAVE_LOC(test); \
> > _KUNIT_FAILED(test, \
> > assert_type, \
> > kunit_fail_assert, \
> > kunit_fail_assert_format, \
> > {}, \
> > fmt, \
> > - ##__VA_ARGS__)
> > + ##__VA_ARGS__); \
> > +} while (0)
> >
> > /**
> > * KUNIT_FAIL() - Always causes a test to fail when evaluated.
> > @@ -637,6 +650,7 @@ void __kunit_do_failed_assertion(struct kunit *test,
> > fmt, \
> > ...) \
> > do { \
> > + _KUNIT_SAVE_LOC(test); \
> > if (likely(!!(condition_) == !!expected_true_)) \
> > break; \
> > \
> > @@ -698,6 +712,7 @@ do { \
> > .right_text = #right, \
> > }; \
> > \
> > + _KUNIT_SAVE_LOC(test); \
> > if (likely(__left op __right)) \
> > break; \
> > \
> > @@ -758,6 +773,7 @@ do { \
> > .right_text = #right, \
> > }; \
> > \
> > + _KUNIT_SAVE_LOC(test); \
> > if (likely((__left) && (__right) && (strcmp(__left, __right) op 0))) \
> > break; \
> > \
> > @@ -791,6 +807,7 @@ do { \
> > .right_text = #right, \
> > }; \
> > \
> > + _KUNIT_SAVE_LOC(test); \
> > if (likely(__left && __right)) \
> > if (likely(memcmp(__left, __right, __size) op 0)) \
> > break; \
> > @@ -815,6 +832,7 @@ do { \
> > do { \
> > const typeof(ptr) __ptr = (ptr); \
> > \
> > + _KUNIT_SAVE_LOC(test); \
> > if (!IS_ERR_OR_NULL(__ptr)) \
> > break; \
> > \
> > diff --git a/lib/kunit/try-catch.c b/lib/kunit/try-catch.c
> > index c6ee4db0b3bd..2ec21c6918f3 100644
> > --- a/lib/kunit/try-catch.c
> > +++ b/lib/kunit/try-catch.c
> > @@ -91,9 +91,13 @@ void kunit_try_catch_run(struct kunit_try_catch *try_catch, void *context)
> >
> > if (exit_code == -EFAULT)
> > try_catch->try_result = 0;
> > - else if (exit_code == -EINTR)
> > - kunit_err(test, "try faulted\n");
> > - else if (exit_code == -ETIMEDOUT)
> > + else if (exit_code == -EINTR) {
> > + if (test->last_seen.file)
> > + kunit_err(test, "try faulted after %s:%d\n",
> > + test->last_seen.file, test->last_seen.line);
>
> It's possibly a bit confusing to just say "after file:line",
> particularly if we then loop or call a function "higher up" in the
> file. Maybe something like "try faulted: last line seen %s:%d" is
> clearer.
OK
>
> > + else
> > + kunit_err(test, "try faulted before the first test\n");
>
> I don't like using "test" here, as it introduces ambiguity between
> "kunit tests" and "assertions/expectations" if we call them both
> tests. Maybe just "try faulted" here, or "try faulted (no markers
> seen)" or similar?
I agree that "try faulted" would be enough. I'm totally OK for you to
update this patch directly. Please let me know if you'd prefer me to
send another version with these fixes though.
Do you plan to merge this patches with the v6.9 merge window?
>
>
> > + } else if (exit_code == -ETIMEDOUT)
> > kunit_err(test, "try timed out\n");
> > else if (exit_code)
> > kunit_err(test, "Unknown error: %d\n", exit_code);
> > --
> > 2.44.0
> >
^ permalink raw reply [flat|nested] 22+ messages in thread
end of thread, other threads:[~2024-03-12 12:16 UTC | newest]
Thread overview: 22+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-03-01 19:40 [PATCH v2 0/7] Handle faults in KUnit tests Mickaël Salaün
2024-03-01 19:40 ` [PATCH v2 1/7] kunit: Handle thread creation error Mickaël Salaün
2024-03-05 20:57 ` Rae Moar
2024-03-12 4:53 ` David Gow
2024-03-01 19:40 ` [PATCH v2 2/7] kunit: Fix kthread reference Mickaël Salaün
2024-03-05 20:57 ` Rae Moar
2024-03-12 4:53 ` David Gow
2024-03-01 19:40 ` [PATCH v2 3/7] kunit: Fix timeout message Mickaël Salaün
2024-03-05 20:58 ` Rae Moar
2024-03-12 4:53 ` David Gow
2024-03-01 19:40 ` [PATCH v2 4/7] kunit: Handle test faults Mickaël Salaün
2024-03-11 21:21 ` Rae Moar
2024-03-12 12:15 ` Mickaël Salaün
2024-03-12 5:05 ` David Gow
2024-03-12 12:15 ` Mickaël Salaün
2024-03-01 19:40 ` [PATCH v2 5/7] kunit: Fix KUNIT_SUCCESS() calls in iov_iter tests Mickaël Salaün
2024-03-12 4:54 ` David Gow
2024-03-01 19:40 ` [PATCH v2 6/7] kunit: Print last test location on fault Mickaël Salaün
2024-03-12 4:54 ` David Gow
2024-03-12 12:15 ` Mickaël Salaün
2024-03-01 19:40 ` [PATCH v2 7/7] kunit: Add tests for fault Mickaël Salaün
2024-03-12 4:54 ` David Gow
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).