linux/lib/test_fortify/test_fortify.h
Kees Cook be58f71037 fortify: Add compile-time FORTIFY_SOURCE tests
While the run-time testing of FORTIFY_SOURCE is already present in
LKDTM, there is no testing of the expected compile-time detections. In
preparation for correctly supporting FORTIFY_SOURCE under Clang, adding
additional FORTIFY_SOURCE defenses, and making sure FORTIFY_SOURCE
doesn't silently regress with GCC, introduce a build-time test suite that
checks each expected compile-time failure condition.

As this is relatively backwards from standard build rules in the
sense that a successful test is actually a compile _failure_, create
a wrapper script to check for the correct errors, and wire it up as
a dummy dependency to lib/string.o, collecting the results into a log
file artifact.

Signed-off-by: Kees Cook <keescook@chromium.org>
2021-10-18 12:28:52 -07:00

36 lines
775 B
C

/* SPDX-License-Identifier: GPL-2.0-only */
#include <linux/kernel.h>
#include <linux/printk.h>
#include <linux/slab.h>
#include <linux/string.h>
void do_fortify_tests(void);
#define __BUF_SMALL 16
#define __BUF_LARGE 32
struct fortify_object {
int a;
char buf[__BUF_SMALL];
int c;
};
#define LITERAL_SMALL "AAAAAAAAAAAAAAA"
#define LITERAL_LARGE "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
const char small_src[__BUF_SMALL] = LITERAL_SMALL;
const char large_src[__BUF_LARGE] = LITERAL_LARGE;
char small[__BUF_SMALL];
char large[__BUF_LARGE];
struct fortify_object instance;
size_t size;
void do_fortify_tests(void)
{
/* Normal initializations. */
memset(&instance, 0x32, sizeof(instance));
memset(small, 0xA5, sizeof(small));
memset(large, 0x5A, sizeof(large));
TEST;
}