| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <168669e65cff4bc1b2fbed842cea5dec@AcuMS.aculab.com>
Date: Fri, 8 Dec 2017 11:14:34 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Andrey Ryabinin' <aryabinin@...tuozzo.com>,
Andrew Morton <akpm@...ux-foundation.org>
CC: Ding Tianhong <dingtianhong@...wei.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
LinuxArm <linuxarm@...wei.com>
Subject: RE: [PATCH v2] ubsan: don't handle misaligned address when support
unaligned access
From: Andrey Ryabinin
> Sent: 08 December 2017 10:49
...
> CONFIG_UBSAN_ALIGNMENT is already disabled by default for HAVE_EFFICIENT_UNALIGNED_ACCESS=y because it's noisy,
> but we still allow users to enable it if they want to.
>
> I don't think we should completely forbid enabling it for HAVE_EFFICIENT_UNALIGNED_ACCESS=y.
> Unaligned access is still a bug in non-arch code and outside of sections like #ifdef HAVE_EFFICIENT_UNALIGNED_ACCESS .. #endif .
Don't think so.
Code that knows that unaligned accesses don't fault can set up pointers
that non-arch code dereferences.
Happens all the time in the networking stack.
...
> And one day, GCC might start doing optimizations based on this, e.g.:
>
> u64 *ptr;
> ...
> x = *ptr;
> ...
> if (ptr & 7) // Compiler can assume that this statement is always false, because 'ptr' was deferenced, so it must be aligned
> do_something();
Ugg - shoot the gcc developers :-)
David
Powered by blists - more mailing lists