usercopy: add testcases to check zeroing on failure (4fbfeb8b) · Commits · e / devices / android_kernel_fairphone_FP4

lib/test_user_copy.c

+10 −0

Original line number	Diff line number	Diff line
		@@ -69,20 +69,30 @@ static int __init test_user_copy_init(void)
		"legitimate put_user failed");

		/* Invalid usage: none of these should succeed. */
		memset(kmem, 0x5a, PAGE_SIZE);
		memset(kmem + PAGE_SIZE, 0, PAGE_SIZE);
		ret \|= test(!copy_from_user(kmem, (char __user *)(kmem + PAGE_SIZE),
		PAGE_SIZE),
		"illegal all-kernel copy_from_user passed");
		ret \|= test(memcmp(kmem + PAGE_SIZE, kmem, PAGE_SIZE),
		"zeroing failure for illegal all-kernel copy_from_user");
		memset(bad_usermem, 0x5A, PAGE_SIZE);
		ret \|= test(!copy_from_user(bad_usermem, (char __user *)kmem,
		PAGE_SIZE),
		"illegal reversed copy_from_user passed");
		ret \|= test(memcmp(kmem + PAGE_SIZE, bad_usermem, PAGE_SIZE),
		"zeroing failure for illegal reversed copy_from_user");
		ret \|= test(!copy_to_user((char __user *)kmem, kmem + PAGE_SIZE,
		PAGE_SIZE),
		"illegal all-kernel copy_to_user passed");
		ret \|= test(!copy_to_user((char __user *)kmem, bad_usermem,
		PAGE_SIZE),
		"illegal reversed copy_to_user passed");
		memset(kmem, 0x5a, PAGE_SIZE);
		ret \|= test(!get_user(value, (unsigned long __user *)kmem),
		"illegal get_user passed");
		ret \|= test(memcmp(kmem + PAGE_SIZE, kmem, sizeof(value)),
		"zeroing failure for illegal get_user");
		ret \|= test(!put_user(value, (unsigned long __user *)kmem),
		"illegal put_user passed");