kunit/fortify: Do not spam logs with fortify WARNs

[ Upstream commit 091f79e8de44736a1e677701d67334bba5b749e3 ] When running KUnit fortify tests, we're already doing precise tracking of which warnings are getting hit. Don't fill the logs with WARNs unless we've been explicitly built with DEBUG enabled. Link: https://lore.kernel.org/r/20240429194342.2421639-2-keescook@chromium.org Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-04-29 12:43:40 -07:00 · 2024-04-29 12:43:40 -07:00 · 4248888b54
commit 4248888b54
parent d9de710a34
1 changed files with 8 additions and 1 deletions
--- a/lib/fortify_kunit.c
+++ b/lib/fortify_kunit.c
@ -15,10 +15,17 @@
 */
 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

+/* We don't need to fill dmesg with the fortify WARNs during testing. */
+#ifdef DEBUG
+# define FORTIFY_REPORT_KUNIT(x...) __fortify_report(x)
+#else
+# define FORTIFY_REPORT_KUNIT(x...) do { } while (0)
+#endif
+
 /* Redefine fortify_panic() to track failures. */
 void fortify_add_kunit_error(int write);
 #define fortify_panic(func, write, avail, size, retfail) do {		\
-	__fortify_report(FORTIFY_REASON(func, write), avail, size);	\
+	FORTIFY_REPORT_KUNIT(FORTIFY_REASON(func, write), avail, size);	\
 	fortify_add_kunit_error(write);					\
 	return (retfail);						\
 } while (0)