lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <b109ad0d-6995-8ca2-5426-7e2627d2032c@virtuozzo.com>
Date:   Wed, 20 Feb 2019 20:00:37 +0300
From:   Andrey Ryabinin <aryabinin@...tuozzo.com>
To:     Arnd Bergmann <arnd@...db.de>,
        Andrey Konovalov <andreyknvl@...gle.com>
Cc:     Masahiro Yamada <yamada.masahiro@...ionext.com>,
        Michal Marek <michal.lkml@...kovi.net>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Dmitry Vyukov <dvyukov@...gle.com>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Mark Brown <broonie@...nel.org>, Qian Cai <cai@....pw>,
        Alexander Potapenko <glider@...gle.com>,
        Martin Schwidefsky <schwidefsky@...ibm.com>,
        Christoph Lameter <cl@...ux.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
        kasan-dev <kasan-dev@...glegroups.com>
Subject: Re: [PATCH] kasan: turn off asan-stack for clang-8 and earlier



On 2/20/19 5:51 PM, Arnd Bergmann wrote:
> On Wed, Feb 20, 2019 at 3:45 PM Andrey Konovalov <andreyknvl@...gle.com> wrote:
>>
>> On Tue, Feb 19, 2019 at 10:49 PM Arnd Bergmann <arnd@...db.de> wrote:
>>>
>>> Building an arm64 allmodconfig kernel with clang results in over 140 warnings
>>> about overly large stack frames, the worst ones being:
>>>
>>> drivers/gpu/drm/panel/panel-sitronix-st7789v.c:196:12: error: stack frame size of 20224 bytes in function 'st7789v_prepare'
>>> drivers/video/fbdev/omap2/omapfb/displays/panel-tpo-td028ttec1.c:196:12: error: stack frame size of 13120 bytes in function 'td028ttec1_panel_enable'
>>> drivers/usb/host/max3421-hcd.c:1395:1: error: stack frame size of 10048 bytes in function 'max3421_spi_thread'
>>> drivers/net/wan/slic_ds26522.c:209:12: error: stack frame size of 9664 bytes in function 'slic_ds26522_probe'
>>> drivers/crypto/ccp/ccp-ops.c:2434:5: error: stack frame size of 8832 bytes in function 'ccp_run_cmd'
>>> drivers/media/dvb-frontends/stv0367.c:1005:12: error: stack frame size of 7840 bytes in function 'stv0367ter_algo'
>>>
>>> None of these happen with gcc today, and almost all of these are the result
>>> of a single known bug in llvm.  Hopefully it will eventually get fixed with the
>>> clang-9 release.
>>>
>>> In the meantime, the best idea I have is to turn off asan-stack for clang-8
>>> and earlier, so we can produce a kernel that is safe to run.
>>
>> Hi Arnd,
>>
>> I don't think it's good to disable KASAN stack instrumentation for the
>> whole kernel by default with clang. It makes more sense to disable
>> stack instrumentation only for these few drivers.
> 
> Do you mean just the 114 files that we get warnings for in allmodconfig,
> or also those that run into the same bug but stay below the warning limit,
> and the ones that don't warn in allmodconfig but do warn in other
> configurations?
> 
> I would have to some more research, but I expect several hundred
> patches before we get to a clean randconfig build with a broken
> compiler.

Manually maintaining asan-stack parameter for the sake of one broken compiler isn't a great idea either.

Couple alternative suggestions:

1) If we can't fix the problem or the cost of fixing is too high, maybe just hide it? Disable -Wframe-larger-then on pre clang-9 compilers.

2) Fallback cflags. The idea is to try to compile every the file with "-mllvm -asan-stack=1 -Wframe-larger-than=2048 -Werror" at first,
 and fallback to "-mllvm -asan-stack=0" if failed. So it would be something similar to $(call cc-option, -mllvm -asan-stack=1 -Wframe-larger-than=2048 -Werror, -mllvm -asan-stack=0)
 except that "cc-option" tries options only once on some code example while  we need to try options on every file that we actually compile.
 Honestly, I'm not sure that it's worthy to hack Kbuild engine for that particular use-case.
 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ