lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 19 Feb 2019 20:25:23 -0500
From:   Qian Cai <>
To:     Kostya Serebryany <>,
        Nick Desaulniers <>
Cc:     Arnd Bergmann <>,
        Andrey Ryabinin <>,
        Masahiro Yamada <>,
        Michal Marek <>,
        Andrew Morton <>,
        Dmitry Vyukov <>,
        Mark Brown <>,
        Alexander Potapenko <>,
        Martin Schwidefsky <>,
        Christoph Lameter <>,
        Andrey Konovalov <>,
        LKML <>,
        Linux Kbuild mailing list <>,
        kasan-dev <>,
        Evgenii Stepanov <>
Subject: Re: [PATCH] kasan: turn off asan-stack for clang-8 and earlier

On 2/19/19 7:33 PM, Kostya Serebryany wrote:
>>> Well, I am using clang 8.0 on arm64 and running the kernel just fine for a few
>>> weeks now and never trigger a single stack overflow (THREAD_SHIFT = 15) because
>>> I never use any of those drivers you mentioned above. I don't think it is a good
>>> idea to blankly remove the testing coverage here and affect people don't use all
>>> those offensive functions at all.
>> Thanks for the patch, Arnd!  Hopefully we can fix that up in Clang
>> soon.  Qian, I guess the alternative would be to add `-mllvm
>> -asan-stack=0` on potentially up to 140 Makefiles?

Depends on the exact stack consumption of those 140 functions. For example, I
don't care if you turn-off -asan-stack if the current stack size is < 32k.

For those functions always consume like a lot of stack like 8k or more, fix them
in Makefile if not too many of them.

Powered by blists - more mailing lists