Re: [PATCH 2/2] kasan: apply store-only mode in kasan kunit testcases

From: Yeoreum Yun
Date: Tue Aug 12 2025 - 17:28:18 EST


Hi Andrey,
> >
> > > Right now, KASAN tests are crafted to avoid/self-contain harmful
> > > memory corruptions that they do (e.g. make sure that OOB write
> > > accesses land in in-object kmalloc training space, etc.). If you turn
> > > read accesses in tests into write accesses, memory corruptions caused
> > > by the earlier tests will crash the kernel or the latter tests.
> >
> > That's why I run the store-only test when this mode is "sync".
> > In the case of "async/asymm", as you mention, since it reports "after",
> > there will be memory corruption.
> >
> > But in the case of sync, when the MTE fault happens, it doesn't
> > write to memory, so I think it's fine.
>
> Does it not? I thought MTE gets disabled and we return from the fault
> handler and let the write instruction execute. But my memory on this
> is foggy. And I don't have a setup right now to test.

Right. When a fault is hit, MTE gets disabled.
But in kasan_test_c.c (see KUNIT_EXPECT_KASAN_FAIL), it is
re-enabled for the next test by calling kasan_enable_hw_tags().

So, store-only with sync mode seems fine, unless we don't care
about a failure (no fault happening) which causes memory corruption.

However, I'm not sure whether writing separate test cases for store-only
is right or not, since the same tests, differing only in the return value
check, would be duplicated and half of them always skipped (when duplicated
for store-only, the former should be skipped, and vice versa).

Thanks.

--
Sincerely,
Yeoreum Yun