1. Patchew
  2. linux
  3. View series

[PATCH v2] lib: PRIME_NUMBERS_KUNIT_TEST should not select PRIME_NUMBERS

Geert Uytterhoeven posted 1 patch 8 months, 1 week ago 
lib/Kconfig.debug                  | 2 +-
tools/testing/selftests/lib/config | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
[PATCH v2] lib: PRIME_NUMBERS_KUNIT_TEST should not select PRIME_NUMBERS
Posted by Geert Uytterhoeven 8 months, 1 week ago 
Enabling a (modular) test should not silently enable additional kernel
functionality, as that may increase the attack vector of a product.

Fix this by making PRIME_NUMBERS_KUNIT_TEST depend on PRIME_NUMBERS
instead of selecting it.

After this, one can safely enable CONFIG_KUNIT_ALL_TESTS=m to build
modules for all appropriate tests for ones system, without pulling in
extra unwanted functionality, while still allowing a tester to manually
enable PRIME_NUMBERS and this test suite on a system where PRIME_NUMBERS
is not enabled by default.  Resurrect CONFIG_PRIME_NUMBERS=m in
tools/testing/selftests/lib/config for the latter use case.

Fixes: 313b38a6ecb46db4 ("lib/prime_numbers: convert self-test to KUnit")
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Acked-by: Tamir Duberstein <tamird@gmail.com>
---
v2:
  - Add Acked-by,
  - Resurrect CONFIG_PRIME_NUMBERS=m in
    tools/testing/selftests/lib/config.
---
 lib/Kconfig.debug                  | 2 +-
 tools/testing/selftests/lib/config | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index 4060a89866626c0a..51722f5d041970aa 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -3326,7 +3326,7 @@ config GCD_KUNIT_TEST
 config PRIME_NUMBERS_KUNIT_TEST
 	tristate "Prime number generator test" if !KUNIT_ALL_TESTS
 	depends on KUNIT
-	select PRIME_NUMBERS
+	depends on PRIME_NUMBERS
 	default KUNIT_ALL_TESTS
 	help
 	  This option enables the KUnit test suite for the {is,next}_prime_number
diff --git a/tools/testing/selftests/lib/config b/tools/testing/selftests/lib/config
index 81a1f64a22e860a6..377b3699ff312933 100644
--- a/tools/testing/selftests/lib/config
+++ b/tools/testing/selftests/lib/config
@@ -1,2 +1,3 @@
 CONFIG_TEST_BITMAP=m
+CONFIG_PRIME_NUMBERS=m
 CONFIG_TEST_BITOPS=m
-- 
2.43.0
Re: [PATCH v2] lib: PRIME_NUMBERS_KUNIT_TEST should not select PRIME_NUMBERS
Posted by Mark Brown 8 months ago 
On Mon, Apr 14, 2025 at 04:35:00PM +0200, Geert Uytterhoeven wrote:
> Enabling a (modular) test should not silently enable additional kernel
> functionality, as that may increase the attack vector of a product.
> 
> Fix this by making PRIME_NUMBERS_KUNIT_TEST depend on PRIME_NUMBERS
> instead of selecting it.
> 
> After this, one can safely enable CONFIG_KUNIT_ALL_TESTS=m to build
> modules for all appropriate tests for ones system, without pulling in
> extra unwanted functionality, while still allowing a tester to manually
> enable PRIME_NUMBERS and this test suite on a system where PRIME_NUMBERS
> is not enabled by default.  Resurrect CONFIG_PRIME_NUMBERS=m in
> tools/testing/selftests/lib/config for the latter use case.

This commit, which is now in mainline, causes the prime numbers test to
vanish from my CI which is a regression - the selftests config fragment
is obviously not picked up by the kunit runner when it builds the
kernel.  You should add any KUnit tests to one of the configs in
tools/testing/kunit/configs/ - generally all_tests.config.
Re: [PATCH v2] lib: PRIME_NUMBERS_KUNIT_TEST should not select PRIME_NUMBERS
Posted by Kees Cook 8 months ago 
On Tue, Apr 22, 2025 at 01:10:47PM +0100, Mark Brown wrote:
> On Mon, Apr 14, 2025 at 04:35:00PM +0200, Geert Uytterhoeven wrote:
> > Enabling a (modular) test should not silently enable additional kernel
> > functionality, as that may increase the attack vector of a product.
> > 
> > Fix this by making PRIME_NUMBERS_KUNIT_TEST depend on PRIME_NUMBERS
> > instead of selecting it.
> > 
> > After this, one can safely enable CONFIG_KUNIT_ALL_TESTS=m to build
> > modules for all appropriate tests for ones system, without pulling in
> > extra unwanted functionality, while still allowing a tester to manually
> > enable PRIME_NUMBERS and this test suite on a system where PRIME_NUMBERS
> > is not enabled by default.  Resurrect CONFIG_PRIME_NUMBERS=m in
> > tools/testing/selftests/lib/config for the latter use case.
> 
> This commit, which is now in mainline, causes the prime numbers test to
> vanish from my CI which is a regression - the selftests config fragment
> is obviously not picked up by the kunit runner when it builds the
> kernel.  You should add any KUnit tests to one of the configs in
> tools/testing/kunit/configs/ - generally all_tests.config.

Ah! Thanks -- I forgot about these (apparently my memory horizon is at
most 2 years, considering commit 4d9060981f88 ("kunit: tool: Enable
CONFIG_FORTIFY_SOURCE under UML").

Does this look like you're expecting?

diff --git a/tools/testing/kunit/configs/all_tests.config b/tools/testing/kunit/configs/all_tests.config
index cdd9782f9646..554da9df02f2 100644
--- a/tools/testing/kunit/configs/all_tests.config
+++ b/tools/testing/kunit/configs/all_tests.config
@@ -51,3 +51,5 @@ CONFIG_SOUND=y
 CONFIG_SND=y
 CONFIG_SND_SOC=y
 CONFIG_SND_SOC_TOPOLOGY_BUILD=y
+
+CONFIG_PRIME_NUMBERS=y


-- 
Kees Cook
Re: [PATCH v2] lib: PRIME_NUMBERS_KUNIT_TEST should not select PRIME_NUMBERS
Posted by Mark Brown 8 months ago 
On Tue, Apr 22, 2025 at 08:03:09AM -0700, Kees Cook wrote:
> On Tue, Apr 22, 2025 at 01:10:47PM +0100, Mark Brown wrote:

> > This commit, which is now in mainline, causes the prime numbers test to
> > vanish from my CI which is a regression - the selftests config fragment
> > is obviously not picked up by the kunit runner when it builds the
> > kernel.  You should add any KUnit tests to one of the configs in
> > tools/testing/kunit/configs/ - generally all_tests.config.

> Ah! Thanks -- I forgot about these (apparently my memory horizon is at
> most 2 years, considering commit 4d9060981f88 ("kunit: tool: Enable
> CONFIG_FORTIFY_SOURCE under UML").

> Does this look like you're expecting?

Yes, in fact I actually have roughly that patch in my CI already.
Re: [PATCH v2] lib: PRIME_NUMBERS_KUNIT_TEST should not select PRIME_NUMBERS
Posted by Kees Cook 8 months, 1 week ago 
On Mon, 14 Apr 2025 16:35:00 +0200, Geert Uytterhoeven wrote:
> Enabling a (modular) test should not silently enable additional kernel
> functionality, as that may increase the attack vector of a product.
> 
> Fix this by making PRIME_NUMBERS_KUNIT_TEST depend on PRIME_NUMBERS
> instead of selecting it.
> 
> After this, one can safely enable CONFIG_KUNIT_ALL_TESTS=m to build
> modules for all appropriate tests for ones system, without pulling in
> extra unwanted functionality, while still allowing a tester to manually
> enable PRIME_NUMBERS and this test suite on a system where PRIME_NUMBERS
> is not enabled by default.  Resurrect CONFIG_PRIME_NUMBERS=m in
> tools/testing/selftests/lib/config for the latter use case.
> 
> [...]

Applied to for-linus/hardening, thanks!

[1/1] lib: PRIME_NUMBERS_KUNIT_TEST should not select PRIME_NUMBERS
      https://git.kernel.org/kees/c/3f2925174f8b

Take care,

-- 
Kees Cook

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.