On Tue, Aug 01, 2023 at 11:43:29AM +0200, Ricardo Cañuelo wrote:
> The lkdtm selftest config fragment enables CONFIG_UBSAN_TRAP to make the
> ARRAY_BOUNDS test kill the calling process when an out-of-bound access
> is detected by UBSAN. However, after this [1] commit, UBSAN is triggered
> under many new scenarios that weren't detected before, such as in struct
> definitions with fixed-size trailing arrays used as flexible arrays. As
> a result, CONFIG_UBSAN_TRAP=y has become a very aggressive option to
> enable except for specific situations.

Yeah, that's fair. We need to actually get these issues reported and
TRAP doesn't help with that.

>
> `make kselftest-merge` applies CONFIG_UBSAN_TRAP=y to the kernel config
> for all selftests, which makes many of them fail because of system hangs
> during boot.
>
> This change removes the config option from the lkdtm kselftest and also
> the ARRAY_BOUNDS test to skip it rather than have it failing. If
> out-of-bound array accesses need to be checked, there's
> CONFIG_TEST_UBSAN for that.

I *think* instead, we can turn off TRAP but retain the ARRAY_BOUNDS
kselftest by looking for either WARN or TRAP results:

-ARRAY_BOUNDS
+ARRAY_BOUNDS call trace:|UBSAN: array-index-out-of-bounds

Can test that and send a v2?

-Kees

--
Kees Cook
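
Review bot: in the `+ARRAY_BOUNDS` line, the first alternative `call trace:` is not specific to this test. Any call trace in the log satisfies it, so the check can pass on an unrelated warning or oops without UBSAN having reported the out-of-bounds index. Consider a more specific string for that alternative, or at least note next to the entry which alternative corresponds to the WARN result and which to the TRAP result, so a later reader knows why both are accepted.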