| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 29 Jan 2021 13:29:20 -0800
From: Brendan Higgins <brendanhiggins@...gle.com>
To: Kees Cook <keescook@...omium.org>
Cc: Arnd Bergmann <arnd@...nel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Arnd Bergmann <arnd@...db.de>,
Shuah Khan <skhan@...uxfoundation.org>,
Geert Uytterhoeven <geert+renesas@...der.be>,
Alan Maguire <alan.maguire@...cle.com>,
Dmitry Torokhov <dmitry.torokhov@...il.com>,
Mika Westerberg <mika.westerberg@...ux.intel.com>,
Vitor Massaru Iha <vitor@...saru.org>,
linux-hardening@...r.kernel.org,
"open list:KERNEL SELFTEST FRAMEWORK"
<linux-kselftest@...r.kernel.org>,
KUnit Development <kunit-dev@...glegroups.com>
Subject: Re: [RFC 0/3] kunit vs structleak
On Wed, Jan 27, 2021 at 12:15 PM Kees Cook <keescook@...omium.org> wrote:
>
> On Mon, Jan 25, 2021 at 01:45:25PM +0100, Arnd Bergmann wrote:
> > From: Arnd Bergmann <arnd@...db.de>
> >
> > I ran into a couple of problems with kunit tests taking too much stack
> > space, sometimes dangerously so. These the the three instances that
> > cause an increase over the warning limit of some architectures:
> >
> > lib/bitfield_kunit.c:93:1: error: the frame size of 7440 bytes is larger than 2048 bytes [-Werror=frame-larger-than=]
> > drivers/base/test/property-entry-test.c:481:1: error: the frame size of 2640 bytes is larger than 2048 bytes [-Werror=frame-larger-than=]
> > drivers/thunderbolt/test.c:1529:1: error: the frame size of 1176 bytes is larger than 1024 bytes [-Werror=frame-larger-than=]
> >
> > Ideally there should be a way to rewrite the kunit infrastructure
> > that avoids the explosion of stack data when the structleak plugin
> > is used.
> >
> > A rather drastic measure would be to use Kconfig logic to make
> > the two options mutually exclusive. This would clearly work, but
> > is probably not needed.
> >
> > As a simpler workaround, this disables the plugin for the three
> > files in which the excessive stack usage was observed.
> >
> > Arnd
> >
> > Arnd Bergmann (3):
> > bitfield: build kunit tests without structleak plugin
> > drivers/base: build kunit tests without structleak plugin
> > thunderbolt: build kunit tests without structleak plugin
> >
> > drivers/base/test/Makefile | 1 +
> > drivers/thunderbolt/Makefile | 1 +
> > lib/Makefile | 1 +
> > 3 files changed, 3 insertions(+)
>
> I think I'd prefer centralizing the disabling, as done with the other
> plugins, instead of sprinkling "open coded" command-line options around
> the kernel's Makefiles. :)
>
> For example:
>
>
> diff --git a/scripts/Makefile.gcc-plugins b/scripts/Makefile.gcc-plugins
> index 952e46876329..2d5009e3b593 100644
> --- a/scripts/Makefile.gcc-plugins
> +++ b/scripts/Makefile.gcc-plugins
> @@ -21,6 +21,10 @@ gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL) \
> += -fplugin-arg-structleak_plugin-byref-all
> gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK) \
> += -DSTRUCTLEAK_PLUGIN
> +ifdef CONFIG_GCC_PLUGIN_STRUCTLEAK
> + DISABLE_STRUCTLEAK_PLUGIN += -fplugin-arg-structleak_plugin-disable
> +endif
> +export DISABLE_STRUCTLEAK_PLUGIN
>
> gcc-plugin-$(CONFIG_GCC_PLUGIN_RANDSTRUCT) += randomize_layout_plugin.so
> gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_RANDSTRUCT) \
>
>
> And then use DISABLE_STRUCTLEAK_PLUGIN.
This looks fine to me. Does somebody want me to send this out as a
patch? Don't want to steal anyone's thunder :-)
Powered by blists - more mailing lists