lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <d925ca37-ff0d-adba-6e1e-a7eaa47404b0@lca.pw>
Date:   Tue, 19 Feb 2019 20:25:23 -0500
From:   Qian Cai <cai@....pw>
To:     Kostya Serebryany <kcc@...gle.com>,
        Nick Desaulniers <ndesaulniers@...gle.com>
Cc:     Arnd Bergmann <arnd@...db.de>,
        Andrey Ryabinin <aryabinin@...tuozzo.com>,
        Masahiro Yamada <yamada.masahiro@...ionext.com>,
        Michal Marek <michal.lkml@...kovi.net>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Dmitry Vyukov <dvyukov@...gle.com>,
        Mark Brown <broonie@...nel.org>,
        Alexander Potapenko <glider@...gle.com>,
        Martin Schwidefsky <schwidefsky@...ibm.com>,
        Christoph Lameter <cl@...ux.com>,
        Andrey Konovalov <andreyknvl@...gle.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
        kasan-dev <kasan-dev@...glegroups.com>,
        Evgenii Stepanov <eugenis@...gle.com>
Subject: Re: [PATCH] kasan: turn off asan-stack for clang-8 and earlier



On 2/19/19 7:33 PM, Kostya Serebryany wrote:
>>> Well, I am using clang 8.0 on arm64 and running the kernel just fine for a few
>>> weeks now and never trigger a single stack overflow (THREAD_SHIFT = 15) because
>>> I never use any of those drivers you mentioned above. I don't think it is a good
>>> idea to blankly remove the testing coverage here and affect people don't use all
>>> those offensive functions at all.
>>
>> Thanks for the patch, Arnd!  Hopefully we can fix that up in Clang
>> soon.  Qian, I guess the alternative would be to add `-mllvm
>> -asan-stack=0` on potentially up to 140 Makefiles?

Depends on the exact stack consumption of those 140 functions. For example, I
don't care if you turn-off -asan-stack if the current stack size is < 32k.

For those functions always consume like a lot of stack like 8k or more, fix them
in Makefile if not too many of them.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ