On Mon, 14 Apr 2025 16:35:00 +0200, Geert Uytterhoeven wrote:
> Enabling a (modular) test should not silently enable additional kernel
> functionality, as that may increase the attack vector of a product.
>
> Fix this by making PRIME_NUMBERS_KUNIT_TEST depend on PRIME_NUMBERS
> instead of selecting it.
>
> After this, one can safely enable CONFIG_KUNIT_ALL_TESTS=m to build
> modules for all appropriate tests for ones system, without pulling in
> extra unwanted functionality, while still allowing a tester to manually
> enable PRIME_NUMBERS and this test suite on a system where PRIME_NUMBERS
> is not enabled by default. Resurrect CONFIG_PRIME_NUMBERS=m in
> tools/testing/selftests/lib/config for the latter use case.
>
> [...]
Applied to for-linus/hardening, thanks!
[1/1] lib: PRIME_NUMBERS_KUNIT_TEST should not select PRIME_NUMBERS
https://git.kernel.org/kees/c/3f2925174f8b
Take care,
--
Kees Cook
