lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 20 Oct 2014 14:54:58 +0400
From:	Andrey Ryabinin <a.ryabinin@...sung.com>
To:	Andrew Morton <akpm@...ux-foundation.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>,
	Peter Zijlstra <peterz@...radead.org>,
	Michal Marek <mmarek@...e.cz>,
	Sasha Levin <sasha.levin@...cle.com>, x86@...nel.org,
	linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:	Andrey Ryabinin <a.ryabinin@...sung.com>,
	Theodore Ts'o <tytso@....edu>,
	Andreas Dilger <adilger.kernel@...ger.ca>,
	Dmitry Vyukov <dvyukov@...gle.com>,
	Konstantin Khlebnikov <koct9i@...il.com>
Subject: [RFC] UBSan: run-time undefined behavior sanity checker

Hi

This is yet another sanitizer for linux kernel.

UBSan uses copile-time instumentation to catch undefined behavior (UB).
Compiler inserts code that perform certain kinds of
checks before operations that could cause UB.
If check fails (i.e. UB detected) __ubsan_handle_* function called.
to print error message.

Patch is also available via git:
	git://github.com/aryabinin/linux --branch ubsan/v1

GCC supports this since 4.9, however upcoming GCC 5.0 has
more checkers implemented.

Different kinds of checkers could be enabled via boot parameter:
ubsan_handle=OEAINVBSLF.
If ubsan_handle not present in cmdline default options are used: ELNVBSLF

	O - different kinds of overflows
	E - negation overflow, division overflow, division by zero.
	A - misaligned memory access.
	I - load from/store to an object with insufficient space.
	N - null argument declared with nonnull attribute,
		returned null from function which never returns null, null ptr dereference.
	V - variable size array with non-positive length
	B - out-of-bounds memory accesses.
	S - shifting out-of-bounds.
	L - load of invalid value (value out of range for the enum type, loading other then 0/1 to bool type)
	F - call to function through pointer with incorrect function type
		(AFAIK this is not implemented in gcc yet, probably works with clang,
		though I didn't check it).


Andrey Ryabinin (1):
  UBSan: run-time undefined behavior sanity checker

 Makefile                              |  12 +-
 arch/x86/Kconfig                      |   1 +
 arch/x86/boot/Makefile                |   1 +
 arch/x86/boot/compressed/Makefile     |   1 +
 arch/x86/realmode/rm/Makefile         |   1 +
 arch/x86/vdso/Makefile                |   2 +
 drivers/firmware/efi/libstub/Makefile |   1 +
 include/linux/sched.h                 |   4 +
 kernel/printk/Makefile                |   1 +
 lib/Kconfig.debug                     |  23 ++
 lib/Makefile                          |   3 +
 lib/ubsan.c                           | 559 ++++++++++++++++++++++++++++++++++
 lib/ubsan.h                           |  84 +++++
 scripts/Makefile.lib                  |   6 +
 14 files changed, 698 insertions(+), 1 deletion(-)
 create mode 100644 lib/ubsan.c
 create mode 100644 lib/ubsan.h

-- 
2.1.2

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists