xref: /openbmc/linux/lib/test_ubsan.c (revision aeefc1a0)
1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/init.h>
3 #include <linux/kernel.h>
4 #include <linux/module.h>
5 
6 typedef void(*test_ubsan_fp)(void);
7 
8 #define UBSAN_TEST(config, ...)	do {					\
9 		pr_info("%s " __VA_ARGS__ "%s(%s=%s)\n", __func__,	\
10 			sizeof(" " __VA_ARGS__) > 2 ? " " : "",		\
11 			#config, IS_ENABLED(config) ? "y" : "n");	\
12 	} while (0)
13 
14 static void test_ubsan_add_overflow(void)
15 {
16 	volatile int val = INT_MAX;
17 	volatile unsigned int uval = UINT_MAX;
18 
19 	UBSAN_TEST(CONFIG_UBSAN_SIGNED_OVERFLOW);
20 	val += 2;
21 
22 	UBSAN_TEST(CONFIG_UBSAN_UNSIGNED_OVERFLOW);
23 	uval += 2;
24 }
25 
26 static void test_ubsan_sub_overflow(void)
27 {
28 	volatile int val = INT_MIN;
29 	volatile unsigned int uval = 0;
30 	volatile int val2 = 2;
31 
32 	UBSAN_TEST(CONFIG_UBSAN_SIGNED_OVERFLOW);
33 	val -= val2;
34 
35 	UBSAN_TEST(CONFIG_UBSAN_UNSIGNED_OVERFLOW);
36 	uval -= val2;
37 }
38 
39 static void test_ubsan_mul_overflow(void)
40 {
41 	volatile int val = INT_MAX / 2;
42 	volatile unsigned int uval = UINT_MAX / 2;
43 
44 	UBSAN_TEST(CONFIG_UBSAN_SIGNED_OVERFLOW);
45 	val *= 3;
46 
47 	UBSAN_TEST(CONFIG_UBSAN_UNSIGNED_OVERFLOW);
48 	uval *= 3;
49 }
50 
51 static void test_ubsan_negate_overflow(void)
52 {
53 	volatile int val = INT_MIN;
54 
55 	UBSAN_TEST(CONFIG_UBSAN_SIGNED_OVERFLOW);
56 	val = -val;
57 }
58 
59 static void test_ubsan_divrem_overflow(void)
60 {
61 	volatile int val = 16;
62 	volatile int val2 = 0;
63 
64 	UBSAN_TEST(CONFIG_UBSAN_DIV_ZERO);
65 	val /= val2;
66 }
67 
68 static void test_ubsan_shift_out_of_bounds(void)
69 {
70 	volatile int neg = -1, wrap = 4;
71 	int val1 = 10;
72 	int val2 = INT_MAX;
73 
74 	UBSAN_TEST(CONFIG_UBSAN_SHIFT, "negative exponent");
75 	val1 <<= neg;
76 
77 	UBSAN_TEST(CONFIG_UBSAN_SHIFT, "left overflow");
78 	val2 <<= wrap;
79 }
80 
81 static void test_ubsan_out_of_bounds(void)
82 {
83 	volatile int i = 4, j = 5, k = -1;
84 	volatile char above[4] = { }; /* Protect surrounding memory. */
85 	volatile int arr[4];
86 	volatile char below[4] = { }; /* Protect surrounding memory. */
87 
88 	above[0] = below[0];
89 
90 	UBSAN_TEST(CONFIG_UBSAN_BOUNDS, "above");
91 	arr[j] = i;
92 
93 	UBSAN_TEST(CONFIG_UBSAN_BOUNDS, "below");
94 	arr[k] = i;
95 }
96 
97 enum ubsan_test_enum {
98 	UBSAN_TEST_ZERO = 0,
99 	UBSAN_TEST_ONE,
100 	UBSAN_TEST_MAX,
101 };
102 
103 static void test_ubsan_load_invalid_value(void)
104 {
105 	volatile char *dst, *src;
106 	bool val, val2, *ptr;
107 	enum ubsan_test_enum eval, eval2, *eptr;
108 	unsigned char c = 0xff;
109 
110 	UBSAN_TEST(CONFIG_UBSAN_BOOL, "bool");
111 	dst = (char *)&val;
112 	src = &c;
113 	*dst = *src;
114 
115 	ptr = &val2;
116 	val2 = val;
117 
118 	UBSAN_TEST(CONFIG_UBSAN_ENUM, "enum");
119 	dst = (char *)&eval;
120 	src = &c;
121 	*dst = *src;
122 
123 	eptr = &eval2;
124 	eval2 = eval;
125 }
126 
127 static void test_ubsan_null_ptr_deref(void)
128 {
129 	volatile int *ptr = NULL;
130 	int val;
131 
132 	UBSAN_TEST(CONFIG_UBSAN_OBJECT_SIZE);
133 	val = *ptr;
134 }
135 
136 static void test_ubsan_misaligned_access(void)
137 {
138 	volatile char arr[5] __aligned(4) = {1, 2, 3, 4, 5};
139 	volatile int *ptr, val = 6;
140 
141 	UBSAN_TEST(CONFIG_UBSAN_ALIGNMENT);
142 	ptr = (int *)(arr + 1);
143 	*ptr = val;
144 }
145 
146 static void test_ubsan_object_size_mismatch(void)
147 {
148 	/* "((aligned(8)))" helps this not into be misaligned for ptr-access. */
149 	volatile int val __aligned(8) = 4;
150 	volatile long long *ptr, val2;
151 
152 	UBSAN_TEST(CONFIG_UBSAN_OBJECT_SIZE);
153 	ptr = (long long *)&val;
154 	val2 = *ptr;
155 }
156 
157 static const test_ubsan_fp test_ubsan_array[] = {
158 	test_ubsan_add_overflow,
159 	test_ubsan_sub_overflow,
160 	test_ubsan_mul_overflow,
161 	test_ubsan_negate_overflow,
162 	test_ubsan_shift_out_of_bounds,
163 	test_ubsan_out_of_bounds,
164 	test_ubsan_load_invalid_value,
165 	test_ubsan_misaligned_access,
166 	test_ubsan_object_size_mismatch,
167 };
168 
169 /* Excluded because they Oops the module. */
170 static const test_ubsan_fp skip_ubsan_array[] = {
171 	test_ubsan_divrem_overflow,
172 	test_ubsan_null_ptr_deref,
173 };
174 
175 static int __init test_ubsan_init(void)
176 {
177 	unsigned int i;
178 
179 	for (i = 0; i < ARRAY_SIZE(test_ubsan_array); i++)
180 		test_ubsan_array[i]();
181 
182 	return 0;
183 }
184 module_init(test_ubsan_init);
185 
186 static void __exit test_ubsan_exit(void)
187 {
188 	/* do nothing */
189 }
190 module_exit(test_ubsan_exit);
191 
192 MODULE_AUTHOR("Jinbum Park <jinb.park7@gmail.com>");
193 MODULE_LICENSE("GPL v2");
194