lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri,  2 Nov 2018 16:56:58 +0100
From:   Arnd Bergmann <arnd@...db.de>
To:     Andrew Morton <akpm@...ux-foundation.org>
Cc:     Masahiro Yamada <yamada.masahiro@...ionext.com>,
        Al Viro <viro@...iv.linux.org.uk>,
        Arnd Bergmann <arnd@...db.de>,
        Changbin Du <changbin.du@...il.com>,
        Marc Zyngier <marc.zyngier@....com>,
        Alex Bennée <alex.bennee@...aro.org>,
        Dave Martin <Dave.Martin@....com>,
        Kees Cook <keescook@...omium.org>,
        "Levin, Alexander (Sasha Levin)" <alexander.levin@...izon.com>,
        linux-kernel@...r.kernel.org
Subject: [PATCH] copy_{to,from}_user(): fix compile-time sanity checks with gcc -Og

When CONFIG_CC_OPTIMIZE_FOR_DEBUGGING is set, we get countless warnings
like

In function 'check_copy_size',
    inlined from 'copy_from_user' at include/linux/uaccess.h:146:6,
    inlined from '__copy_siginfo_from_user' at kernel/signal.c:3032:6:
include/linux/thread_info.h:147:4: error: call to '__bad_copy_to' declared with attribute error: copy destination size is too small

It seems that constant propagation doesn't work well enough to make
this code reliable, so turn it off for that configuration.

Cc: Changbin Du<changbin.du@...il.com>
Cc: Al Viro <viro@...iv.linux.org.uk>
Signed-off-by: Arnd Bergmann <arnd@...db.de>
---
 include/linux/thread_info.h | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/include/linux/thread_info.h b/include/linux/thread_info.h
index 8d8821b3689a..762f379bdf5d 100644
--- a/include/linux/thread_info.h
+++ b/include/linux/thread_info.h
@@ -138,6 +138,11 @@ static __always_inline bool
 check_copy_size(const void *addr, size_t bytes, bool is_source)
 {
 	int sz = __compiletime_object_size(addr);
+
+	/* constant propagation doesn't work well with -Og */
+	if (IS_ENABLED(CONFIG_CC_OPTIMIZE_FOR_DEBUGGING))
+		return true;
+
 	if (unlikely(sz >= 0 && sz < bytes)) {
 		if (!__builtin_constant_p(bytes))
 			copy_overflow(sz, bytes);
-- 
2.18.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ