| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 14 May 2016 11:30:16 +0800 From: Chen Gang <chengang@...ndsoft.com.cn> To: Alexander Potapenko <glider@...gle.com> CC: Dmitry Vyukov <dvyukov@...gle.com>, Andrew Morton <akpm@...ux-foundation.org>, Andrey Ryabinin <aryabinin@...tuozzo.com>, kasan-dev <kasan-dev@...glegroups.com>, LKML <linux-kernel@...r.kernel.org>, "linux-mm@...ck.org" <linux-mm@...ck.org>, Chen Gang <gang.chen.5i5j@...il.com> Subject: Re: [PATCH] mm/kasan/kasan.h: Fix boolean checking issue for kasan_report_enabled() Hello all: Shall I send patch v2 for it? (if really need, please let me know, and I shall try). Default, I shall continue to try to find and send another patches for mm in "include/linux/*.h". Thanks. On 5/3/16 00:38, Chen Gang wrote: > On 5/3/16 00:23, Chen Gang wrote: >> On 5/2/16 23:35, Alexander Potapenko wrote: >>> On Mon, May 2, 2016 at 5:13 PM, Chen Gang <chengang@...ndsoft.com.cn> wrote: >>>> >>>> OK. But it does not look quite easy to use kasan_disable_current() for >>>> INIT_KASAN which is used in INIT_TASK. >>>> >>>> If we have to set "kasan_depth == 1", we have to use kasan_depth-- in >>>> kasan_enable_current(). >>> Agreed, decrementing the counter in kasan_enable_current() is more natural. >>> I can fix this together with the comments. >> >> OK, thanks. And need I also send patch v2 for include/linux/kasan.h? (or >> you will fix them together). >> >>>> >>>> If we don't prevent the overflow, it will have negative effect with the >>>> caller. When we issue an warning, it means the caller's hope fail, but >>>> can not destroy the caller's original work. In our case: >>>> >>>> - Assume "kasan_depth-- for kasan_enable_current()", the first enable >>>> will let kasan_depth be 0. >>> Sorry, I'm not sure I follow. >>> If we start with kasan_depth=0 (which is the default case for every >>> task except for the init, which also gets kasan_depth=0 short after >>> the kernel starts), >>> then the first call to kasan_disable_current() will make kasan_depth >>> nonzero and will disable KASAN. >>> The subsequent call to kasan_enable_current() will enable KASAN back. >>> >>> There indeed is a problem when someone calls kasan_enable_current() >>> without previously calling kasan_disable_current(). >>> In this case we need to check that kasan_depth was zero and print a >>> warning if it was. >>> It actually does not matter whether we modify kasan_depth after that >>> warning or not, because we are already in inconsistent state. >>> But I think we should modify kasan_depth anyway to ease the debugging. >>> > > Oh, sorry, I forgot one of our original discussing content: > > - If we use signed int kasan_depth, and kasan_depth <= 0 means enable, I > guess, we can always modify kasan_depth. > > - When overflow/underflow (singed int overflow), we can use BUG_ON(), > since it should be rarely happen. > > Thanks. > >> >> For me, BUG_ON() will be better for debugging, but it is really not well >> for using. For WARN_ON(), it already print warnings, so I am not quite >> sure "always modifying kasan_depth will be ease the debugging". >> >> When we are in inconsistent state, for me, what we can do is: >> >> - Still try to do correct things within our control: "when the caller >> make a mistake, if kasan_enable_current() notices about it, it need >> issue warning, and prevent itself to make mistake (causing disable). >> >> - "try to let negative effect smaller to user", e.g. let users "loose >> hope" (call enable has no effect) instead of destroying users' >> original work (call enable, but get disable). >> >> Thanks. >> > -- Chen Gang (陈刚) Managing Natural Environments is the Duty of Human Beings.
Powered by blists - more mailing lists