lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 24 Sep 2018 10:04:58 +0200
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     Arnd Bergmann <arnd@...db.de>
Cc:     Andrey Ryabinin <aryabinin@...tuozzo.com>,
        Andy Lutomirski <luto@...nel.org>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        Alexander Potapenko <glider@...gle.com>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>
Subject: Re: [PATCH] framewarn: expand KASAN_EXTRA exception to KASAN

On Sat, Sep 22, 2018 at 4:56 PM, Arnd Bergmann <arnd@...db.de> wrote:
> On Fri, Sep 21, 2018 at 2:45 AM Dmitry Vyukov <dvyukov@...gle.com> wrote:
>>
>> On Fri, Sep 21, 2018 at 11:25 AM, Andrey Ryabinin
>> <aryabinin@...tuozzo.com> wrote:
>> > On 09/21/2018 04:50 AM, Andy Lutomirski wrote:
>> >> This patch seems reasonable, but you emailed the wrong people :)
>> >>
>> >> On Thu, Sep 20, 2018 at 5:15 PM Jason A. Donenfeld <Jason@...c4.com> wrote:
>> >>>
>> >>> It turns out that KASAN in general will bloat stack frames in unexpected
>> >>> ways, not just KASAN_EXTRA. So, this patch trivially changes that
>> >>> default to be associated with KASAN instead of KASAN_EXTRA.
>> >>>
>> >
>> > KASAN_EXTRA bloats stack more than just KASAN, that's why the limit is higher than just for KASAN.
>> > If want more details, tead the changelog from commit e7c52b84fb18f08ce49b6067ae6285aca79084a8
>> >
>> > If anything causes "stack frame > 2048" warning for KASAN we should at least try to fix it,
>> > I mean reduce stack usage.
>>
>>
>> +Nick who is also hitting these warnings on clang/arm64 build. As far
>> as I understand the situation there is much worse.
>>
>> I would be good to understand/fix the worst offenders. But the stack
>> size increase with KASAN is a real, inherent thing. So if we live very
>> close the edge, we can get people using different compilers and/or
>> versions of compilers constantly breaking each other. And clang hits
>> this warnings in lots of places today just because the current code
>> was tailored to gcc over long period, i.e. allowing more locals where
>> gcc happened to handle that better and having fewer locals where gcc
>> happened to handle it worse. But for another compiler all these
>> assumptions are significantly perturbed.
>>
>> Nick, do you know what frame size limit eliminates the bulk of
>> warnings on clang? Is 3072 a reasonable limit allowing to fix the
>> remaining outliners?
>
> I do not consider 3072 a reasonable limit at all. For gcc, we managed to fix or
> work around all the bugs that caused excessive stack usage. In almost all
> cases there was something seriously wrong with code generation. I added
> the KASAN_EXTRA option for the one thing that added an inherent significant
> overhead to the stack usage.
>
> llvm apparently has a similar bug to what we fixed in gcc. I created a
> reduced test case for one of the file at:
> https://bugs.llvm.org/show_bug.cgi?id=38809
>
> Unfortunately, nobody has commented on that so far, but in the
> meantime I think the best workaround would be to disable asan-stack
> entirely when building with clang, and moving it to KASAN_EXTRA
> there, like we did with the scope check on gcc.

Good point. I CCed more people on https://bugs.llvm.org/show_bug.cgi?id=38809

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ