| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240415183454.GB1011455@dev-arch.thelio-3990X>
Date: Mon, 15 Apr 2024 11:34:54 -0700
From: Nathan Chancellor <nathan@...nel.org>
To: Kees Cook <keescook@...omium.org>
Cc: Marco Elver <elver@...gle.com>, Justin Stitt <justinstitt@...gle.com>,
Andrey Konovalov <andreyknvl@...il.com>,
Andrey Ryabinin <ryabinin.a.a@...il.com>,
Andrew Morton <akpm@...ux-foundation.org>,
kasan-dev@...glegroups.com, linux-hardening@...r.kernel.org,
Nick Desaulniers <ndesaulniers@...gle.com>,
Bill Wendling <morbo@...gle.com>, linux-kernel@...r.kernel.org,
llvm@...ts.linux.dev
Subject: Re: [PATCH] ubsan: Add awareness of signed integer overflow traps
On Mon, Apr 15, 2024 at 11:28:35AM -0700, Kees Cook wrote:
> On arm64, UBSAN traps can be decoded from the trap instruction. Add the
> add, sub, and mul overflow trap codes now that CONFIG_UBSAN_SIGNED_WRAP
> exists. Seen under clang 19:
>
> Internal error: UBSAN: unrecognized failure code: 00000000f2005515 [#1] PREEMPT SMP
>
> Reported-by: Nathan Chancellor <nathan@...nel.org>
> Closes: https://lore.kernel.org/lkml/20240411-fix-ubsan-in-hardening-config-v1-0-e0177c80ffaa@kernel.org
> Fixes: 557f8c582a9b ("ubsan: Reintroduce signed overflow sanitizer")
> Signed-off-by: Kees Cook <keescook@...omium.org>
As I mentioned, CONFIG_UBSAN_SIGNED_INTEGER_WRAP needs to be
CONFIG_UBSAN_SIGNED_WRAP. I applied this change with that fix up and the
warning now becomes:
Internal error: UBSAN: integer subtraction overflow: 00000000f2005515 [#1] PREEMPT SMP
So:
Tested-by: Nathan Chancellor <nathan@...nel.org>
> ---
> Cc: Marco Elver <elver@...gle.com>
> Cc: Justin Stitt <justinstitt@...gle.com>
> Cc: Andrey Konovalov <andreyknvl@...il.com>
> Cc: Andrey Ryabinin <ryabinin.a.a@...il.com>
> Cc: Andrew Morton <akpm@...ux-foundation.org>
> Cc: kasan-dev@...glegroups.com
> Cc: linux-hardening@...r.kernel.org
> ---
> lib/ubsan.c | 18 ++++++++++++++++--
> 1 file changed, 16 insertions(+), 2 deletions(-)
>
> diff --git a/lib/ubsan.c b/lib/ubsan.c
> index 5fc107f61934..ad32beb8c058 100644
> --- a/lib/ubsan.c
> +++ b/lib/ubsan.c
> @@ -44,9 +44,10 @@ const char *report_ubsan_failure(struct pt_regs *regs, u32 check_type)
> case ubsan_shift_out_of_bounds:
> return "UBSAN: shift out of bounds";
> #endif
> -#ifdef CONFIG_UBSAN_DIV_ZERO
> +#if defined(CONFIG_UBSAN_DIV_ZERO) || defined(CONFIG_UBSAN_SIGNED_INTEGER_WRAP)
> /*
> - * SanitizerKind::IntegerDivideByZero emits
> + * SanitizerKind::IntegerDivideByZero and
> + * SanitizerKind::SignedIntegerOverflow emit
> * SanitizerHandler::DivremOverflow.
> */
> case ubsan_divrem_overflow:
> @@ -77,6 +78,19 @@ const char *report_ubsan_failure(struct pt_regs *regs, u32 check_type)
> return "UBSAN: alignment assumption";
> case ubsan_type_mismatch:
> return "UBSAN: type mismatch";
> +#endif
> +#ifdef CONFIG_UBSAN_SIGNED_INTEGER_WRAP
> + /*
> + * SanitizerKind::SignedIntegerOverflow emits
> + * SanitizerHandler::AddOverflow, SanitizerHandler::SubOverflow,
> + * or SanitizerHandler::MulOverflow.
> + */
> + case ubsan_add_overflow:
> + return "UBSAN: integer addition overflow";
> + case ubsan_sub_overflow:
> + return "UBSAN: integer subtraction overflow";
> + case ubsan_mul_overflow:
> + return "UBSAN: integer multiplication overflow";
> #endif
> default:
> return "UBSAN: unrecognized failure code";
> --
> 2.34.1
>
Powered by blists - more mailing lists