lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 9 Sep 2021 13:46:01 +0200
From:   Marco Elver <elver@...gle.com>
To:     elver@...gle.com, Andrew Morton <akpm@...ux-foundation.org>
Cc:     linux-kernel@...r.kernel.org, kasan-dev@...glegroups.com,
        Arnd Bergmann <arnd@...nel.org>,
        Christoph Hellwig <hch@...radead.org>,
        Guenter Roeck <linux@...ck-us.net>,
        Nathan Chancellor <nathan@...nel.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Aleksandr Nogikh <nogikh@...gle.com>,
        Alexander Potapenko <glider@...gle.com>,
        Andrey Konovalov <andreyknvl@...il.com>,
        Dmitry Vyukov <dvyukov@...gle.com>,
        Taras Madan <tarasmadan@...gle.com>, linux-mm@...ck.org,
        llvm@...ts.linux.dev
Subject: Re: [PATCH] kasan: double -Wframe-larger-than threshold if KASAN

On Thu, 9 Sept 2021 at 12:49, Marco Elver <elver@...gle.com> wrote:
> All architectures at least double stack size when using one of the KASAN
> software modes that rely on compiler instrumentation.
>
> Until now, warnings emitted by -Wframe-larger-than could easily be
> ignored, as we would still get a working kernel.
>
> However, with the introduction of -Werror (CONFIG_WERROR=y), it makes
> sense to at least double the -Wframe-larger-than threshold for
> software-based KASAN modes to reflect the already increased stack sizes
> when building a kernel with KASAN enabled.
>
> Link: https://lkml.kernel.org/r/YTbOs13waorzamZ6@Ryzen-9-3900X.localdomain
> Signed-off-by: Marco Elver <elver@...gle.com>

FWIW, there's still no consensus if this is what we want, and the
discussion continues at:
https://lkml.kernel.org/r/CANpmjNPBdx4b7bp=reNJPMzSNetdyrk+503_1LLoxNMYwUhSHg@mail.gmail.com

> ---
>  lib/Kconfig.debug | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
> index ed4a31e34098..2055bbb6724a 100644
> --- a/lib/Kconfig.debug
> +++ b/lib/Kconfig.debug
> @@ -345,6 +345,8 @@ endif # DEBUG_INFO
>  config FRAME_WARN
>         int "Warn for stack frames larger than"
>         range 0 8192
> +       default 4096 if 64BIT && (KASAN_GENERIC || KASAN_SW_TAGS)
> +       default 2048 if !64BIT && (KASAN_GENERIC || KASAN_SW_TAGS)
>         default 2048 if GCC_PLUGIN_LATENT_ENTROPY
>         default 1536 if (!64BIT && PARISC)
>         default 1024 if (!64BIT && !PARISC)
> --
> 2.33.0.153.gba50c8fa24-goog
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ