lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <202003252251.771EF5EC5F@keescook>
Date:   Wed, 25 Mar 2020 22:57:02 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Josh Poimboeuf <jpoimboe@...hat.com>
Cc:     Peter Zijlstra <peterz@...radead.org>,
        Randy Dunlap <rdunlap@...radead.org>,
        Stephen Rothwell <sfr@...b.auug.org.au>,
        Linux Next Mailing List <linux-next@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: linux-next: Tree for Mar 18 (objtool)

On Tue, Mar 24, 2020 at 05:24:06PM -0500, Josh Poimboeuf wrote:
> On Tue, Mar 24, 2020 at 11:18:07AM -0700, Kees Cook wrote:
> > As far as I could tell, this needs patches to the UBSAN support in gcc
> > and clang. I have opened bugs for each:
> > 
> > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94307
> > https://bugs.llvm.org/show_bug.cgi?id=45295
> 
> So it sounds like this would replace the second UD2 with a "call
> some_ubsan_function()"?
> 
> That might be slightly better, though it would still need an objtool
> change to ignore unreachable warnings for such calls.

Well, there are basically two modes (actually three as I've just
discovered on the clang bug): warn and fail. I hadn't found a way to get
"small" warns, so I wired up the fail path which injects an
"unreachable" as part of its logic.

> In the meantime I can still change objtool to ignore unreachable UD2s if
> there aren't any better ideas.

It'll still need the objtool change for CONFIG_UBSAN_TRAP, though based on
the clang bug discussion, I'll probably _also_ be adding CONFIG_UBSAN_WARN
which won't have an unreachable (and won't bloat the kernel). Testing
still under way... it is possible that CONFIG_UBSAN_TRAP will go away
in the future, though. If that happens, should I also remove the change
at that time?

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ