lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20200403162039.fubfeblv3x5pmphn@treble>
Date:   Fri, 3 Apr 2020 11:20:39 -0500
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Nick Desaulniers <ndesaulniers@...gle.com>
Cc:     peterz@...radead.org,
        Kamalesh Babulal <kamalesh@...ux.vnet.ibm.com>,
        Matt Helsley <mhelsley@...are.com>,
        Randy Dunlap <rdunlap@...radead.org>,
        Jonathan Corbet <corbet@....net>,
        Mauro Carvalho Chehab <mchehab+samsung@...nel.org>,
        Petr Mladek <pmladek@...e.com>,
        Raphael Gault <raphael.gault@....com>,
        linux-kernel@...r.kernel.org, clang-built-linux@...glegroups.com
Subject: Re: [PATCH v2] objtool: Documentation: document UACCESS warnings

On Thu, Mar 26, 2020 at 11:37:06AM -0700, Nick Desaulniers wrote:
> Compiling with Clang and CONFIG_KASAN=y was exposing a few warnings:
>   call to memset() with UACCESS enabled
> 
> Document how to fix these for future travelers.
> 
> Link: https://github.com/ClangBuiltLinux/linux/issues/876
> Suggested-by: Kamalesh Babulal <kamalesh@...ux.vnet.ibm.com>
> Suggested-by: Matt Helsley <mhelsley@...are.com>
> Suggested-by: Peter Zijlstra <peterz@...radead.org>
> Suggested-by: Randy Dunlap <rdunlap@...radead.org>
> Signed-off-by: Nick Desaulniers <ndesaulniers@...gle.com>
> ---
> Changes V1 -> V2:
> * fix typo of listing uaccess_enable() twice rather than
>   uaccess_disable() as per Matt and Kamalesh.
> * fix type of "should called" to "should be called" as per Randy.
> * Mention non-obvious compiler instrumentation ie. -pg/mcount
>   -mfentry/fentry via tracing as per Peter.
> * Add sentence "It also helps verify..."
> * Add potential fix "1) remove explicit..."

Thanks, adding this one to the queue for tip.

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ