Message-Id: <20240411-fix-ubsan-in-hardening-config-v1-0-e0177c80ffaa@kernel.org>
Date: Thu, 11 Apr 2024 11:11:05 -0700
From: Nathan Chancellor <nathan@...nel.org>
To: keescook@...omium.org
Cc: gustavoars@...nel.org, justinstitt@...gle.com, 
 linux-hardening@...r.kernel.org, patches@...ts.linux.dev, 
 Nathan Chancellor <nathan@...nel.org>
Subject: [PATCH 0/2] configs/hardening: Some fixes for UBSAN

Hi all,

This series was spurred by a couple of recent UBSAN reports in our
continuous integration that appear to be related to
CONFIG_UBSAN_SIGNED_WRAP (which gets enabled with hardening.config due
to 'default UBSAN'), as they only appear with clang-19 and newer:

  https://github.com/ClangBuiltLinux/continuous-integration2/actions/runs/8646488985/job/23709324479#step:6:500
  https://github.com/ClangBuiltLinux/continuous-integration2/actions/runs/8646488985/job/23709330815#step:6:651

I'll include the information that I have gathered so far on these
specific instances below but I think that it is debatable whether
CONFIG_UBSAN_SIGNED_WRAP should be enabled by hardening.config at this
point in time, as it does not seem "production ready" to me, given that
there have not been many resources towards getting the majority of
instances cleaned up yet from what I can tell. This is particularly
problematic since hardening.config enables CONFIG_UBSAN_TRAP, so all
instances of this problem will break the kernel at runtime, which does
not seem great to me, hence patch 2. Patch 1 seems rather
uncontroversial to me :)

As for the actual crash itself, which seems like it should still be
addressed, I landed on commit 1211f3b21c2a ("workqueue: Preserve OFFQ
bits in cancel[_sync] paths") in -next for both crashes. Not immediately
obvious to me what it is complaining about though.

  [    0.000000] Linux version 6.9.0-rc1-00001-g1211f3b21c2a (nathan@...-arch.thelio-3990X) (ClangBuiltLinux clang version 19.0.0git (https://github.com/llvm/llvm-project be10070f91b86a6f126d2451852242bfcb2cd366), ClangBuiltLinux LLD 19.0.0) #1 SMP PREEMPT Thu Apr 11 11:02:26 MST 2024
  ...
  [    0.189542] Internal error: UBSAN: unrecognized failure code: 00000000f2005515 [#1] PREEMPT SMP
  [    0.193125] Modules linked in:
  [    0.193865] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.9.0-rc1-00001-g1211f3b21c2a #1
  [    0.194185] Hardware name: linux,dummy-virt (DT)
  [    0.194464] pstate: 010000c9 (nzcv daIF -PAN -UAO -TCO +DIT -SSBS BTYPE=--)
  [    0.194778] pc : cancel_delayed_work+0x54/0x94
  [    0.195742] lr : cancel_delayed_work+0x40/0x94
  [    0.195877] sp : ffff80008000ba30
  [    0.195990] x29: ffff80008000ba40 x28: 0000000000000000 x27: 0000000000000000
  [    0.196315] x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000
  [    0.196528] x23: ffff9ce4d84ac000 x22: 0000000000000000 x21: fff000000294b480
  [    0.196746] x20: ffff9ce4d8c5e000 x19: ffff9ce4d8b28c30 x18: ffff80008000d058
  [    0.196955] x17: 0000000000000000 x16: 0000000000000000 x15: dead000000000100
  [    0.197173] x14: 0000000000000001 x13: 0000000000000075 x12: 00000a0000000000
  [    0.197383] x11: fff0000002b10018 x10: 0008b1020000f0ff x9 : 7058149bb97ccd00
  [    0.197619] x8 : 00000000000000e1 x7 : 3d4d455453595342 x6 : 000000004e514553
  [    0.197828] x5 : fff0000002b1026b x4 : fff000001fbdaef0 x3 : 0000000000003400
  [    0.198038] x2 : ffff80008000ba30 x1 : 0000000000000000 x0 : 0000000000000000
  [    0.198326] Call trace:
  [    0.198544]  cancel_delayed_work+0x54/0x94
  [    0.198810]  deferred_probe_extend_timeout+0x20/0x6c
  [    0.198988]  driver_register+0xa8/0x10c
  [    0.199122]  __platform_driver_register+0x28/0x38
  [    0.199258]  tegra194_cbb_init+0x24/0x34
  [    0.199393]  do_one_initcall+0xec/0x2d0
  [    0.199543]  do_initcall_level+0xa4/0xd0
  [    0.199663]  do_initcalls+0x78/0xcc
  [    0.199770]  do_basic_setup+0x24/0x34
  [    0.199880]  kernel_init_freeable+0x110/0x180
  [    0.200014]  kernel_init+0x28/0x1b8
  [    0.200123]  ret_from_fork+0x10/0x20
  [    0.200547] Code: 54ffff60 37f80080 39400268 371001c8 (d42aa2a0) 
  [    0.200996] ---[ end trace 0000000000000000 ]---

---
Nathan Chancellor (2):
      configs/hardening: Fix disabling UBSAN configurations
      configs/hardening: Disable CONFIG_UBSAN_SIGNED_WRAP

 kernel/configs/hardening.config | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
---
base-commit: fec50db7033ea478773b159e0e2efb135270e3b7
change-id: 20240410-fix-ubsan-in-hardening-config-92f66df06c4e

Best regards,
-- 
Nathan Chancellor <nathan@...nel.org>
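
An added example, not part of the original message or of the kernel source: it cross-checks the "failure code" in the oops above against the trapping instruction shown in parentheses on the Code: line. The BRK exception class, the A64 BRK encoding and the arm64 UBSAN immediate range (0x5500, mask 0xff) are assumptions taken from the Arm architecture and the kernel's arm64 headers rather than from this page, and the function names are illustrative.

```python
import re

# Assumed constants (Arm architecture / arch/arm64/include/asm/brk-imm.h).
ESR_EC_BRK64 = 0x3C          # exception class: BRK executed in AArch64 state
BRK_OPCODE = 0xD4200000      # A64 "brk #imm16"; imm16 sits in bits [20:5]
BRK_FIXED_MASK = 0xFFE0001F  # every bit of the encoding except imm16
UBSAN_BRK_IMM = 0x5500       # base immediate used for UBSAN traps
UBSAN_BRK_MASK = 0x00FF      # low byte carries the check kind

# Two lines copied from the oops quoted in the message above.
OOPS = """\
[    0.189542] Internal error: UBSAN: unrecognized failure code: 00000000f2005515 [#1] PREEMPT SMP
[    0.200547] Code: 54ffff60 37f80080 39400268 371001c8 (d42aa2a0)
"""

def decode_esr(esr):
    """Split an ESR_ELx value into exception class and BRK immediate."""
    return {"ec": (esr >> 26) & 0x3F, "imm16": esr & 0xFFFF}

def decode_brk(insn):
    """Return the imm16 of an A64 BRK instruction, or None if not a BRK."""
    if (insn & BRK_FIXED_MASK) != BRK_OPCODE:
        return None
    return (insn >> 5) & 0xFFFF

def ubsan_kind(imm16):
    """Return the check-kind byte if imm16 lies in the UBSAN trap range."""
    if (imm16 & ~UBSAN_BRK_MASK) != UBSAN_BRK_IMM:
        return None
    return imm16 & UBSAN_BRK_MASK

def analyse(oops):
    """Extract ESR and faulting instruction from an oops and decode both."""
    esr = int(re.search(r"failure code: ([0-9a-f]+)", oops).group(1), 16)
    # The faulting instruction is the word in parentheses on the Code: line.
    insn = int(re.search(r"Code:.*\(([0-9a-f]{8})\)", oops).group(1), 16)
    fields = decode_esr(esr)
    return {
        "is_brk": fields["ec"] == ESR_EC_BRK64,
        "esr_imm": fields["imm16"],
        "insn_imm": decode_brk(insn),
        "kind": ubsan_kind(fields["imm16"]),
    }

if __name__ == "__main__":
    print(analyse(OOPS))
```

The low byte returned as "kind" is the compiler's numeric check identifier; which check that number names is not stated on this page.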

