lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 28 Oct 2021 13:15:26 -0700
From:   Andrew Morton <akpm@...ux-foundation.org>
To:     Kees Cook <keescook@...omium.org>
Cc:     Vincenzo Frascino <vincenzo.frascino@....com>,
        Arnd Bergmann <arnd@...nel.org>,
        linux-hardening@...r.kernel.org, Kees Cook <keescook@...mium.org>,
        Andrey Ryabinin <ryabinin.a.a@...il.com>,
        Alexander Potapenko <glider@...gle.com>,
        Andrey Konovalov <andreyknvl@...il.com>,
        Dmitry Vyukov <dvyukov@...gle.com>, kasan-dev@...glegroups.com,
        Arnd Bergmann <arnd@...db.de>, Marco Elver <elver@...gle.com>,
        Catalin Marinas <catalin.marinas@....com>,
        Peter Collingbourne <pcc@...gle.com>,
        Patricia Alfonso <trishalfonso@...gle.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] kasan: test: use underlying string helpers

On Thu, 14 Oct 2021 19:40:45 -0700 Kees Cook <keescook@...omium.org> wrote:

> 
> 
> On October 14, 2021 1:12:54 AM PDT, Vincenzo Frascino <vincenzo.frascino@....com> wrote:
> >
> >
> >On 10/13/21 5:00 PM, Arnd Bergmann wrote:
> >> From: Arnd Bergmann <arnd@...db.de>
> >> 
> >> Calling memcmp() and memchr() with an intentional buffer overflow
> >> is now caught at compile time:
> >> 
> >> In function 'memcmp',
> >>     inlined from 'kasan_memcmp' at lib/test_kasan.c:897:2:
> >> include/linux/fortify-string.h:263:25: error: call to '__read_overflow' declared with attribute error: detected read beyond size of object (1st parameter)
> >>   263 |                         __read_overflow();
> >>       |                         ^~~~~~~~~~~~~~~~~
> >> In function 'memchr',
> >>     inlined from 'kasan_memchr' at lib/test_kasan.c:872:2:
> >> include/linux/fortify-string.h:277:17: error: call to '__read_overflow' declared with attribute error: detected read beyond size of object (1st parameter)
> >>   277 |                 __read_overflow();
> >>       |                 ^~~~~~~~~~~~~~~~~
> >> 
> >> Change the kasan tests to wrap those inside of a noinline function
> >> to prevent the compiler from noticing the bug and let kasan find
> >> it at runtime.
> >> 
> >> Signed-off-by: Arnd Bergmann <arnd@...db.de>
> >
> >Reviewed-by: Vincenzo Frascino <vincenzo.frascino@....com>
> 
> How about just explicitly making the size invisible to the compiler?
> 
> I did this for similar issues in the same source:
> 
> https://lore.kernel.org/linux-hardening/20211006181544.1670992-1-keescook@chromium.org/T/#u
> 

Arnd?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ