lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 21 Sep 2018 10:59:07 -0700
From:   Nick Desaulniers <ndesaulniers@...gle.com>
To:     Dmitry Vyukov <dvyukov@...gle.com>
Cc:     Andrey Ryabinin <aryabinin@...tuozzo.com>, luto@...nel.org,
        Jason@...c4.com, Alexander Potapenko <glider@...gle.com>,
        Arnd Bergmann <arnd@...db.de>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] framewarn: expand KASAN_EXTRA exception to KASAN

On Fri, Sep 21, 2018 at 2:45 AM Dmitry Vyukov <dvyukov@...gle.com> wrote:
>
> On Fri, Sep 21, 2018 at 11:25 AM, Andrey Ryabinin
> <aryabinin@...tuozzo.com> wrote:
> > On 09/21/2018 04:50 AM, Andy Lutomirski wrote:
> >> This patch seems reasonable, but you emailed the wrong people :)
> >>
> >> On Thu, Sep 20, 2018 at 5:15 PM Jason A. Donenfeld <Jason@...c4.com> wrote:
> >>>
> >>> It turns out that KASAN in general will bloat stack frames in unexpected
> >>> ways, not just KASAN_EXTRA. So, this patch trivially changes that
> >>> default to be associated with KASAN instead of KASAN_EXTRA.
> >>>
> >
> > KASAN_EXTRA bloats stack more than just KASAN, that's why the limit is higher than just for KASAN.
> > If want more details, tead the changelog from commit e7c52b84fb18f08ce49b6067ae6285aca79084a8
> >
> > If anything causes "stack frame > 2048" warning for KASAN we should at least try to fix it,
> > I mean reduce stack usage.
>
>
> +Nick who is also hitting these warnings on clang/arm64 build. As far
> as I understand the situation there is much worse.
>
> I would be good to understand/fix the worst offenders. But the stack
> size increase with KASAN is a real, inherent thing. So if we live very
> close the edge, we can get people using different compilers and/or
> versions of compilers constantly breaking each other. And clang hits
> this warnings in lots of places today just because the current code
> was tailored to gcc over long period, i.e. allowing more locals where
> gcc happened to handle that better and having fewer locals where gcc
> happened to handle it worse. But for another compiler all these
> assumptions are significantly perturbed.
>
> Nick, do you know what frame size limit eliminates the bulk of
> warnings on clang? Is 3072 a reasonable limit allowing to fix the
> remaining outliners?

Here's a plot of the distribution from an arm64 clang build with
allyesconfig minus LSE_ATOMICS, BIG_ENDIAN, and GCOV:
https://github.com/ClangBuiltLinux/linux/issues/39#issuecomment-423621655

A value of 3072 would ignore 79 out of the 128 instances (62%).

Some values are huge outliers.

>
>
> >>> Signed-off-by: Jason A. Donenfeld <Jason@...c4.com>
> >>> ---
> >>>  lib/Kconfig.debug | 2 +-
> >>>  1 file changed, 1 insertion(+), 1 deletion(-)
> >>>
> >>> diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
> >>> index 4966c4fbe7f7..39078a080e29 100644
> >>> --- a/lib/Kconfig.debug
> >>> +++ b/lib/Kconfig.debug
> >>> @@ -222,7 +222,7 @@ config ENABLE_MUST_CHECK
> >>>  config FRAME_WARN
> >>>         int "Warn for stack frames larger than (needs gcc 4.4)"
> >>>         range 0 8192
> >>> -       default 3072 if KASAN_EXTRA
> >>> +       default 3072 if KASAN
> >>>         default 2048 if GCC_PLUGIN_LATENT_ENTROPY
> >>>         default 1280 if (!64BIT && PARISC)
> >>>         default 1024 if (!64BIT && !PARISC)
> >>> --
> >>> 2.19.0



-- 
Thanks,
~Nick Desaulniers

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ