On Wednesday, 31 January 2024 02:52:11 CST Andi Kleen wrote: > Elizabeth Figura <zfigura@xxxxxxxxxxxxxxx> writes: > > > +TEST(test_wait_any) > > +{ > > + struct ntsync_mutex_args mutex_args = {0}; > > + struct ntsync_wait_args wait_args = {0}; > > + struct ntsync_sem_args sem_args = {0}; > > + __u32 owner, index, count; > > + struct timespec timeout; > > + int objs[2], fd, ret; > > + > > + clock_gettime(CLOCK_MONOTONIC, &timeout); > > + > > + fd = open("/dev/ntsync", O_CLOEXEC | O_RDONLY); > > + ASSERT_LE(0, fd); > > + > > + sem_args.count = 2; > > + sem_args.max = 3; > > + sem_args.sem = 0xdeadbeef; > > + ret = ioctl(fd, NTSYNC_IOC_CREATE_SEM, &sem_args); > > + EXPECT_EQ(0, ret); > > + EXPECT_NE(0xdeadbeef, sem_args.sem); > > + > > + mutex_args.owner = 0; > > + mutex_args.count = 0; > > + mutex_args.mutex = 0xdeadbeef; > > + ret = ioctl(fd, NTSYNC_IOC_CREATE_MUTEX, &mutex_args); > > + EXPECT_EQ(0, ret); > > + EXPECT_NE(0xdeadbeef, mutex_args.mutex); > > It seems your tests are missing test cases for exceeding any limits, > especially overflow/underflow cases. Since these are the most likely > for any security problems it would be good to have extra coverage here. > The fuzzers will hopefully hit it too. > > Also some stress testing with multiple threads would be useful. Thanks, I'll add these.
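Review bot: the two setup ioctls in test_wait_any, NTSYNC_IOC_CREATE_SEM and NTSYNC_IOC_CREATE_MUTEX, are checked only with EXPECT_EQ(0, ret), so a failed create lets the test carry on with sem_args.sem or mutex_args.mutex still holding the 0xdeadbeef sentinel. Consider ASSERT_EQ(0, ret) for both, matching the ASSERT_LE(0, fd) already used for open(), so that any later use of those objects never runs against something that was not created. The return value of clock_gettime(CLOCK_MONOTONIC, &timeout) is also unchecked. The visible lines exercise only the valid pair sem_args.count = 2, sem_args.max = 3; a create with count greater than max, expected to fail, would be a natural first case for the limit coverage requested in the reply.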