lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 12 Mar 2021 15:07:30 +0100
From:   Andrey Konovalov <andreyknvl@...gle.com>
To:     Marco Elver <elver@...gle.com>
Cc:     Andrew Morton <akpm@...ux-foundation.org>,
        Alexander Potapenko <glider@...gle.com>,
        Andrey Ryabinin <aryabinin@...tuozzo.com>,
        Dmitry Vyukov <dvyukov@...gle.com>,
        kasan-dev <kasan-dev@...glegroups.com>,
        Linux Memory Management List <linux-mm@...ck.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 10/11] kasan: docs: update ignoring accesses section

On Fri, Mar 12, 2021 at 12:02 PM Marco Elver <elver@...gle.com> wrote:
>
> On Thu, Mar 11, 2021 at 10:37PM +0100, Andrey Konovalov wrote:
> [...]
> > +Other parts of the kernel might access metadata for allocated objects. Normally,
> > +KASAN detects and reports such accesses, but in certain cases (e.g., in memory
> > +allocators) these accesses are valid. Disabling instrumentation for memory
> > +allocators files helps with accesses that happen directly in that code for
> > +software KASAN modes. But it does not help when the accesses happen indirectly
> > +(through generic function calls) or with the hardware tag-based mode that does
> > +not use compiler instrumentation.
> > +
> > +To disable KASAN reports in a certain part of the kernel code:
> > +
> > +- For software modes, add a
> > +  ``kasan_disable_current()``/``kasan_enable_current()`` critical section.
>
> Should we mention function attribute __no_sanitize_address (and noinstr,
> which just applies to any kind of instrumentation) here? Perhaps with
> the note that called functions may still be instrumented, and in such
> cases would require combining with kasan_{disable,enable}_current().

Indeed, forgot about the attributes.. Will add, thank you!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ