kunit/fortify: Do not spam logs with fortify WARNs

When running KUnit fortify tests, we're already doing precise tracking
of which warnings are getting hit. Don't fill the logs with WARNs unless
we've been explicitly built with DEBUG enabled.

Link: https://lore.kernel.org/r/20240429194342.2421639-2-keescook@chromium.org
Signed-off-by: Kees Cook <keescook@chromium.org>
This commit is contained in:
Kees Cook 2024-04-29 12:43:40 -07:00
parent a0d6677ec3
commit 091f79e8de

View File

@ -15,10 +15,17 @@
*/ */
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
/* We don't need to fill dmesg with the fortify WARNs during testing. */
#ifdef DEBUG
# define FORTIFY_REPORT_KUNIT(x...) __fortify_report(x)
#else
# define FORTIFY_REPORT_KUNIT(x...) do { } while (0)
#endif
/* Redefine fortify_panic() to track failures. */ /* Redefine fortify_panic() to track failures. */
void fortify_add_kunit_error(int write); void fortify_add_kunit_error(int write);
#define fortify_panic(func, write, avail, size, retfail) do { \ #define fortify_panic(func, write, avail, size, retfail) do { \
__fortify_report(FORTIFY_REASON(func, write), avail, size); \ FORTIFY_REPORT_KUNIT(FORTIFY_REASON(func, write), avail, size); \
fortify_add_kunit_error(write); \ fortify_add_kunit_error(write); \
return (retfail); \ return (retfail); \
} while (0) } while (0)