lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <202210182237.C65BCCE2@keescook>
Date:   Tue, 18 Oct 2022 22:45:05 -0700
From:   Kees Cook <keescook@...omium.org>
To:     David Gow <davidgow@...gle.com>
Cc:     linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] kunit/fortify: Validate __alloc_size attribute results

On Wed, Oct 19, 2022 at 11:35:40AM +0800, David Gow wrote:
> On Tue, Oct 18, 2022 at 4:27 PM Kees Cook <keescook@...omium.org> wrote:
> >
> > Validate the effect of the __alloc_size attribute on allocators. If the
> > compiler doesn't support __builtin_dynamic_object_size(), skip the test.
> >
> > Cc: linux-hardening@...r.kernel.org
> > Signed-off-by: Kees Cook <keescook@...omium.org>
> > ---
> > To pass this depends on the following patches:
> > https://lore.kernel.org/lkml/20221018073430.never.551-kees@kernel.org/
> > https://lore.kernel.org/lkml/20221018082232.never.213-kees@kernel.org/
> > To not be skipped, either GCC 12 or Clang is needed.
> > ---
> 
> While this _looks_ good, I can't actually get the tests to pass on my
> machine, with the following all having a
> __builtin_dynamic_object_size() of -1:
> - kmalloc_node(size++, gfp, NUMA_NO_NODE)
> - kzalloc(size++, gfp)
> - kzalloc_node(size++, gfp, NUMA_NO_NODE)
> - kcalloc(1, size++, gfp)
> - kcalloc_node(1, size++, gfp, NUMA_NO_NODE)
> - kmalloc_array(1, size++, gfp)
> - kmalloc_array_node(1, size++, gfp, NUMA_NO_NODE)
> 
> I've been using the following command to run the tests:
> ./tools/testing/kunit/kunit.py run --kconfig_add CONFIG_FORTIFY_SOURCE=y
> 
> And I've also tried it on x86_64 and arm64 under qemu, with both gcc
> 12.2.0 and clang 14.0.6-2, with the same failures.
> 
> Is there a dependency somewhere I've missed? (I've tried it on the
> ksefltest/kunit branch, with the mentioned dependencies applied, and
> also on your for-next/hardening branch, with the missing patches
> applied.)

I would expect this to pass with v6.1-rc1 when used with the above two
patches added, but it seems those _did_ pass, but not the k*alloc()
helpers for you? That is curious. Here's my testing:

$ ./tools/testing/kunit/kunit.py run --arch x86_64 \
	--kconfig_add CONFIG_FORTIFY_SOURCE=y --make_options LLVM=1 fortify
...
[22:43:32] =================== fortify (3 subtests) ===================
[22:43:32] [PASSED] known_sizes_test
[22:43:32] [PASSED] control_flow_split_test
[22:43:32] [PASSED] alloc_size_test
[22:43:32] ===================== [PASSED] fortify =====================
[22:43:32] ============================================================
[22:43:32] Testing complete. Ran 3 tests: passed: 3
[22:43:32] Elapsed time: 33.210s total, 3.369s configuring, 28.367s
building, 0.799s running

$ clang --version
ClangBuiltLinux clang version 16.0.0 (https://github.com/llvm/llvm-project.git 3291eac12340f465084f347720d99352241f621c)


-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ