lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 21 Sep 2018 11:45:07 +0200
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     Andrey Ryabinin <aryabinin@...tuozzo.com>
Cc:     Andy Lutomirski <luto@...nel.org>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        Alexander Potapenko <glider@...gle.com>,
        Arnd Bergmann <arnd@...db.de>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>
Subject: Re: [PATCH] framewarn: expand KASAN_EXTRA exception to KASAN

On Fri, Sep 21, 2018 at 11:25 AM, Andrey Ryabinin
<aryabinin@...tuozzo.com> wrote:
> On 09/21/2018 04:50 AM, Andy Lutomirski wrote:
>> This patch seems reasonable, but you emailed the wrong people :)
>>
>> On Thu, Sep 20, 2018 at 5:15 PM Jason A. Donenfeld <Jason@...c4.com> wrote:
>>>
>>> It turns out that KASAN in general will bloat stack frames in unexpected
>>> ways, not just KASAN_EXTRA. So, this patch trivially changes that
>>> default to be associated with KASAN instead of KASAN_EXTRA.
>>>
>
> KASAN_EXTRA bloats stack more than just KASAN, that's why the limit is higher than just for KASAN.
> If want more details, tead the changelog from commit e7c52b84fb18f08ce49b6067ae6285aca79084a8
>
> If anything causes "stack frame > 2048" warning for KASAN we should at least try to fix it,
> I mean reduce stack usage.


+Nick who is also hitting these warnings on clang/arm64 build. As far
as I understand the situation there is much worse.

I would be good to understand/fix the worst offenders. But the stack
size increase with KASAN is a real, inherent thing. So if we live very
close the edge, we can get people using different compilers and/or
versions of compilers constantly breaking each other. And clang hits
this warnings in lots of places today just because the current code
was tailored to gcc over long period, i.e. allowing more locals where
gcc happened to handle that better and having fewer locals where gcc
happened to handle it worse. But for another compiler all these
assumptions are significantly perturbed.

Nick, do you know what frame size limit eliminates the bulk of
warnings on clang? Is 3072 a reasonable limit allowing to fix the
remaining outliners?


>>> Signed-off-by: Jason A. Donenfeld <Jason@...c4.com>
>>> ---
>>>  lib/Kconfig.debug | 2 +-
>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
>>> index 4966c4fbe7f7..39078a080e29 100644
>>> --- a/lib/Kconfig.debug
>>> +++ b/lib/Kconfig.debug
>>> @@ -222,7 +222,7 @@ config ENABLE_MUST_CHECK
>>>  config FRAME_WARN
>>>         int "Warn for stack frames larger than (needs gcc 4.4)"
>>>         range 0 8192
>>> -       default 3072 if KASAN_EXTRA
>>> +       default 3072 if KASAN
>>>         default 2048 if GCC_PLUGIN_LATENT_ENTROPY
>>>         default 1280 if (!64BIT && PARISC)
>>>         default 1024 if (!64BIT && !PARISC)
>>> --
>>> 2.19.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ