| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Dec 2016 09:58:42 +0100
From: Dmitry Vyukov <dvyukov@...gle.com>
To: Maninder Singh <maninder1.s@...sung.com>
Cc: Andrey Ryabinin <aryabinin@...tuozzo.com>,
Alexander Potapenko <glider@...gle.com>,
Jonathan Corbet <corbet@....net>,
Michal Marek <mmarek@...e.com>,
Andrew Morton <akpm@...ux-foundation.org>,
kasan-dev <kasan-dev@...glegroups.com>,
linux-doc@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>,
"open list:KERNEL BUILD + fi..." <linux-kbuild@...r.kernel.org>,
PANKAJ MISHRA <pankaj.m@...sung.com>,
Ajeet Kumar Yadav <ajeet.y@...sung.com>,
Vaneet narang <v.narang@...sung.com>
Subject: Re: [PATCH v2] kasan: Support for r/w instrumentation control
On Tue, Dec 13, 2016 at 6:57 AM, Maninder Singh <maninder1.s@...sung.com> wrote:
> This provide option to control sanity of read and write operations
> Both read and write instrumentation increase size of uImage, So using
> this option read or write instrumentation can be avoided if not required.
> Useful in case of module sanity, using this uImage sanity can be avoided.
>
> Also user space ASAN provides this support for read/write instrumentation
> control.
>
> Signed-off-by: Vaneet narang <v.narang@...sung.com>
> Signed-off-by: Maninder Singh <maninder1.s@...sung.com>
> Reviewed-by: Ajeet Yadav <ajeet.y@...sung.com>
> ---
> v1 -> v2: Added Documentation for the same.
>
> Documentation/dev-tools/kasan.rst | 16 ++++++++++++++++
> lib/Kconfig.kasan | 16 ++++++++++++++++
> scripts/Makefile.kasan | 4 ++++
> 3 files changed, 36 insertions(+)
>
> diff --git a/Documentation/dev-tools/kasan.rst b/Documentation/dev-tools/kasan.rst
> index f7a18f2..b8147df 100644
> --- a/Documentation/dev-tools/kasan.rst
> +++ b/Documentation/dev-tools/kasan.rst
> @@ -40,6 +40,22 @@ similar to the following to the respective kernel Makefile:
>
> KASAN_SANITIZE := n
>
> +Control Over Read/Write Instrumentation of kernel::
double colon at the end of line
> +
> +- To Disable Read Instrumentation of kernel with:
Strange choice of capital letters.
> +
> + CONFIG_KASAN_READS = n
Are configs ever set to = n? I can't find any cases in my .config file.
I thought configs are disabled with:
# CONFIG_KASAN_READS is not set
> +
> +Because in some cases we need to check only memory write sanitization
> +for better performance, read instrumentation can be disabled.
> +
> +- To Disable Write Instrumentation of kernel with:
I am not a native speaker but this looks malformed.
I would say either "Disable write instrumentation of kernel with" or
"To disable write instrumentation of kernel set"
> + CONFIG_KASAN_WRITES = n
> +
> +In case when to instrument only external modules, not the entire kernel
> +for read or write intrumentation or both.
> +
I propose something along these lines:
--- a/Documentation/dev-tools/kasan.rst
+++ b/Documentation/dev-tools/kasan.rst
@@ -40,6 +40,14 @@ similar to the following to the respective kernel Makefile:
KASAN_SANITIZE := n
+Sometimes it may be useful to disable instrumentation of reads, or writes
+or both for the entire kernel. For example, if binary size is a concern,
+it may be useful to disable instrumentation of reads to reduce binary size but
+still catch more harmful bugs on writes. Or, if one is interested only in
+sanitization of a particular module and performance is a concern, she can
+disable instrumentation of both reads and writes for kernel code.
+Instrumentation can be disabled with CONFIG_KASAN_READS and
CONFIG_KASAN_WRITES.
+
Error reports
Powered by blists - more mailing lists