lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <201806210451.tOaA22Qm%fengguang.wu@intel.com>
Date:   Thu, 21 Jun 2018 04:36:48 +0800
From:   kbuild test robot <lkp@...el.com>
To:     Andrey Konovalov <andreyknvl@...gle.com>
Cc:     kbuild-all@...org, Andrey Ryabinin <aryabinin@...tuozzo.com>,
        Alexander Potapenko <glider@...gle.com>,
        Dmitry Vyukov <dvyukov@...gle.com>,
        Catalin Marinas <catalin.marinas@....com>,
        Will Deacon <will.deacon@....com>,
        Christoph Lameter <cl@...ux.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Mark Rutland <mark.rutland@....com>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Marc Zyngier <marc.zyngier@....com>,
        Dave Martin <dave.martin@....com>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        "Eric W . Biederman" <ebiederm@...ssion.com>,
        Ingo Molnar <mingo@...nel.org>,
        Paul Lawrence <paullawrence@...gle.com>,
        Geert Uytterhoeven <geert@...ux-m68k.org>,
        Arnd Bergmann <arnd@...db.de>,
        "Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Kate Stewart <kstewart@...uxfoundation.org>,
        Mike Rapoport <rppt@...ux.vnet.ibm.com>,
        kasan-dev@...glegroups.com, linux-doc@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
        linux-sparse@...r.kernel.org, linux-mm@...ck.org,
        linux-kbuild@...r.kernel.org, Kostya Serebryany <kcc@...gle.com>,
        Evgeniy Stepanov <eugenis@...gle.com>,
        Lee Smith <Lee.Smith@....com>,
        Ramana Radhakrishnan <Ramana.Radhakrishnan@....com>,
        Jacob Bramley <Jacob.Bramley@....com>,
        Ruben Ayrapetyan <Ruben.Ayrapetyan@....com>,
        Jann Horn <jannh@...gle.com>,
        Mark Brand <markbrand@...gle.com>,
        Chintan Pandya <cpandya@...eaurora.org>,
        Andrey Konovalov <andreyknvl@...gle.com>
Subject: Re: [PATCH v3 02/17] khwasan: move common kasan and khwasan code to
 common.c

Hi Andrey,

Thank you for the patch! Yet something to improve:

[auto build test ERROR on mmotm/master]
[also build test ERROR on v4.18-rc1 next-20180620]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]

url:    https://github.com/0day-ci/linux/commits/Andrey-Konovalov/khwasan-kernel-hardware-assisted-address-sanitizer/20180621-035912
base:   git://git.cmpxchg.org/linux-mmotm.git master
config: x86_64-randconfig-x011-201824 (attached as .config)
compiler: gcc-7 (Debian 7.3.0-16) 7.3.0
reproduce:
        # save the attached .config to linux build tree
        make ARCH=x86_64 

Note: the linux-review/Andrey-Konovalov/khwasan-kernel-hardware-assisted-address-sanitizer/20180621-035912 HEAD 0e30ed7118e854b38bb6ab96365e7c74a2518290 builds fine.
      It only hurts bisectibility.

All errors (new ones prefixed by >>):

>> mm//kasan/report.c:42:20: error: conflicting types for 'find_first_bad_addr'
    static const void *find_first_bad_addr(const void *addr, size_t size)
                       ^~~~~~~~~~~~~~~~~~~
   In file included from mm//kasan/report.c:33:0:
   mm//kasan/kasan.h:130:7: note: previous declaration of 'find_first_bad_addr' was here
    void *find_first_bad_addr(void *addr, size_t size);
          ^~~~~~~~~~~~~~~~~~~
>> mm//kasan/report.c:54:13: error: conflicting types for 'addr_has_shadow'
    static bool addr_has_shadow(struct kasan_access_info *info)
                ^~~~~~~~~~~~~~~
   In file included from mm//kasan/report.c:33:0:
   mm//kasan/kasan.h:120:20: note: previous definition of 'addr_has_shadow' was here
    static inline bool addr_has_shadow(const void *addr)
                       ^~~~~~~~~~~~~~~
   mm//kasan/report.c: In function 'get_shadow_bug_type':
   mm//kasan/report.c:86:2: error: duplicate case value
     case KASAN_KMALLOC_REDZONE:
     ^~~~
   mm//kasan/report.c:85:2: note: previously used here
     case KASAN_PAGE_REDZONE:
     ^~~~
   mm//kasan/report.c:98:2: error: duplicate case value
     case KASAN_FREE_PAGE:
     ^~~~
   mm//kasan/report.c:85:2: note: previously used here
     case KASAN_PAGE_REDZONE:
     ^~~~
   mm//kasan/report.c:99:2: error: duplicate case value
     case KASAN_KMALLOC_FREE:
     ^~~~
   mm//kasan/report.c:85:2: note: previously used here
     case KASAN_PAGE_REDZONE:
     ^~~~
   mm//kasan/report.c: At top level:
>> mm//kasan/report.c:128:20: error: static declaration of 'get_bug_type' follows non-static declaration
    static const char *get_bug_type(struct kasan_access_info *info)
                       ^~~~~~~~~~~~
   In file included from mm//kasan/report.c:33:0:
   mm//kasan/kasan.h:131:13: note: previous declaration of 'get_bug_type' was here
    const char *get_bug_type(struct kasan_access_info *info);
                ^~~~~~~~~~~~

vim +/find_first_bad_addr +42 mm//kasan/report.c

0b24becc Andrey Ryabinin  2015-02-13   41  
0b24becc Andrey Ryabinin  2015-02-13  @42  static const void *find_first_bad_addr(const void *addr, size_t size)
0b24becc Andrey Ryabinin  2015-02-13   43  {
0b24becc Andrey Ryabinin  2015-02-13   44  	u8 shadow_val = *(u8 *)kasan_mem_to_shadow(addr);
0b24becc Andrey Ryabinin  2015-02-13   45  	const void *first_bad_addr = addr;
0b24becc Andrey Ryabinin  2015-02-13   46  
0b24becc Andrey Ryabinin  2015-02-13   47  	while (!shadow_val && first_bad_addr < addr + size) {
0b24becc Andrey Ryabinin  2015-02-13   48  		first_bad_addr += KASAN_SHADOW_SCALE_SIZE;
0b24becc Andrey Ryabinin  2015-02-13   49  		shadow_val = *(u8 *)kasan_mem_to_shadow(first_bad_addr);
0b24becc Andrey Ryabinin  2015-02-13   50  	}
0b24becc Andrey Ryabinin  2015-02-13   51  	return first_bad_addr;
0b24becc Andrey Ryabinin  2015-02-13   52  }
0b24becc Andrey Ryabinin  2015-02-13   53  
5e82cd12 Andrey Konovalov 2017-05-03  @54  static bool addr_has_shadow(struct kasan_access_info *info)
5e82cd12 Andrey Konovalov 2017-05-03   55  {
5e82cd12 Andrey Konovalov 2017-05-03   56  	return (info->access_addr >=
5e82cd12 Andrey Konovalov 2017-05-03   57  		kasan_shadow_to_mem((void *)KASAN_SHADOW_START));
5e82cd12 Andrey Konovalov 2017-05-03   58  }
5e82cd12 Andrey Konovalov 2017-05-03   59  
5e82cd12 Andrey Konovalov 2017-05-03   60  static const char *get_shadow_bug_type(struct kasan_access_info *info)
0b24becc Andrey Ryabinin  2015-02-13   61  {
0952d87f Andrey Konovalov 2015-11-05   62  	const char *bug_type = "unknown-crash";
cdf6a273 Andrey Konovalov 2015-11-05   63  	u8 *shadow_addr;
0b24becc Andrey Ryabinin  2015-02-13   64  
0b24becc Andrey Ryabinin  2015-02-13   65  	info->first_bad_addr = find_first_bad_addr(info->access_addr,
0b24becc Andrey Ryabinin  2015-02-13   66  						info->access_size);
0b24becc Andrey Ryabinin  2015-02-13   67  
cdf6a273 Andrey Konovalov 2015-11-05   68  	shadow_addr = (u8 *)kasan_mem_to_shadow(info->first_bad_addr);
0b24becc Andrey Ryabinin  2015-02-13   69  
cdf6a273 Andrey Konovalov 2015-11-05   70  	/*
cdf6a273 Andrey Konovalov 2015-11-05   71  	 * If shadow byte value is in [0, KASAN_SHADOW_SCALE_SIZE) we can look
cdf6a273 Andrey Konovalov 2015-11-05   72  	 * at the next shadow byte to determine the type of the bad access.
cdf6a273 Andrey Konovalov 2015-11-05   73  	 */
cdf6a273 Andrey Konovalov 2015-11-05   74  	if (*shadow_addr > 0 && *shadow_addr <= KASAN_SHADOW_SCALE_SIZE - 1)
cdf6a273 Andrey Konovalov 2015-11-05   75  		shadow_addr++;
cdf6a273 Andrey Konovalov 2015-11-05   76  
cdf6a273 Andrey Konovalov 2015-11-05   77  	switch (*shadow_addr) {
0952d87f Andrey Konovalov 2015-11-05   78  	case 0 ... KASAN_SHADOW_SCALE_SIZE - 1:
cdf6a273 Andrey Konovalov 2015-11-05   79  		/*
cdf6a273 Andrey Konovalov 2015-11-05   80  		 * In theory it's still possible to see these shadow values
cdf6a273 Andrey Konovalov 2015-11-05   81  		 * due to a data race in the kernel code.
cdf6a273 Andrey Konovalov 2015-11-05   82  		 */
0952d87f Andrey Konovalov 2015-11-05   83  		bug_type = "out-of-bounds";
b8c73fc2 Andrey Ryabinin  2015-02-13   84  		break;
0316bec2 Andrey Ryabinin  2015-02-13   85  	case KASAN_PAGE_REDZONE:
0316bec2 Andrey Ryabinin  2015-02-13   86  	case KASAN_KMALLOC_REDZONE:
0952d87f Andrey Konovalov 2015-11-05   87  		bug_type = "slab-out-of-bounds";
0952d87f Andrey Konovalov 2015-11-05   88  		break;
bebf56a1 Andrey Ryabinin  2015-02-13   89  	case KASAN_GLOBAL_REDZONE:
0952d87f Andrey Konovalov 2015-11-05   90  		bug_type = "global-out-of-bounds";
0b24becc Andrey Ryabinin  2015-02-13   91  		break;
c420f167 Andrey Ryabinin  2015-02-13   92  	case KASAN_STACK_LEFT:
c420f167 Andrey Ryabinin  2015-02-13   93  	case KASAN_STACK_MID:
c420f167 Andrey Ryabinin  2015-02-13   94  	case KASAN_STACK_RIGHT:
c420f167 Andrey Ryabinin  2015-02-13   95  	case KASAN_STACK_PARTIAL:
0952d87f Andrey Konovalov 2015-11-05   96  		bug_type = "stack-out-of-bounds";
0952d87f Andrey Konovalov 2015-11-05   97  		break;
0952d87f Andrey Konovalov 2015-11-05   98  	case KASAN_FREE_PAGE:
0952d87f Andrey Konovalov 2015-11-05  @99  	case KASAN_KMALLOC_FREE:
0952d87f Andrey Konovalov 2015-11-05  100  		bug_type = "use-after-free";
c420f167 Andrey Ryabinin  2015-02-13  101  		break;
828347f8 Dmitry Vyukov    2016-11-30  102  	case KASAN_USE_AFTER_SCOPE:
828347f8 Dmitry Vyukov    2016-11-30  103  		bug_type = "use-after-scope";
828347f8 Dmitry Vyukov    2016-11-30  104  		break;
342061ee Paul Lawrence    2018-02-06  105  	case KASAN_ALLOCA_LEFT:
342061ee Paul Lawrence    2018-02-06  106  	case KASAN_ALLOCA_RIGHT:
342061ee Paul Lawrence    2018-02-06  107  		bug_type = "alloca-out-of-bounds";
342061ee Paul Lawrence    2018-02-06  108  		break;
0b24becc Andrey Ryabinin  2015-02-13  109  	}
0b24becc Andrey Ryabinin  2015-02-13  110  
5e82cd12 Andrey Konovalov 2017-05-03  111  	return bug_type;
5e82cd12 Andrey Konovalov 2017-05-03  112  }
5e82cd12 Andrey Konovalov 2017-05-03  113  
822d5ec2 Colin Ian King   2017-07-10  114  static const char *get_wild_bug_type(struct kasan_access_info *info)
5e82cd12 Andrey Konovalov 2017-05-03  115  {
5e82cd12 Andrey Konovalov 2017-05-03  116  	const char *bug_type = "unknown-crash";
5e82cd12 Andrey Konovalov 2017-05-03  117  
5e82cd12 Andrey Konovalov 2017-05-03  118  	if ((unsigned long)info->access_addr < PAGE_SIZE)
5e82cd12 Andrey Konovalov 2017-05-03  119  		bug_type = "null-ptr-deref";
5e82cd12 Andrey Konovalov 2017-05-03  120  	else if ((unsigned long)info->access_addr < TASK_SIZE)
5e82cd12 Andrey Konovalov 2017-05-03  121  		bug_type = "user-memory-access";
5e82cd12 Andrey Konovalov 2017-05-03  122  	else
5e82cd12 Andrey Konovalov 2017-05-03  123  		bug_type = "wild-memory-access";
5e82cd12 Andrey Konovalov 2017-05-03  124  
5e82cd12 Andrey Konovalov 2017-05-03  125  	return bug_type;
5e82cd12 Andrey Konovalov 2017-05-03  126  }
5e82cd12 Andrey Konovalov 2017-05-03  127  
7d418f7b Andrey Konovalov 2017-05-03 @128  static const char *get_bug_type(struct kasan_access_info *info)
7d418f7b Andrey Konovalov 2017-05-03  129  {
7d418f7b Andrey Konovalov 2017-05-03  130  	if (addr_has_shadow(info))
7d418f7b Andrey Konovalov 2017-05-03  131  		return get_shadow_bug_type(info);
7d418f7b Andrey Konovalov 2017-05-03  132  	return get_wild_bug_type(info);
7d418f7b Andrey Konovalov 2017-05-03  133  }
7d418f7b Andrey Konovalov 2017-05-03  134  

:::::: The code at line 42 was first introduced by commit
:::::: 0b24becc810dc3be6e3f94103a866f214c282394 kasan: add kernel address sanitizer infrastructure

:::::: TO: Andrey Ryabinin <a.ryabinin@...sung.com>
:::::: CC: Linus Torvalds <torvalds@...ux-foundation.org>

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation

Download attachment ".config.gz" of type "application/gzip" (35183 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ