| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Sep 2021 07:59:46 -0700
From: Nathan Chancellor <nathan@...nel.org>
To: Marco Elver <elver@...gle.com>,
Andrew Morton <akpm@...ux-foundation.org>
Cc: Andrey Ryabinin <ryabinin.a.a@...il.com>,
Alexander Potapenko <glider@...gle.com>,
Andrey Konovalov <andreyknvl@...il.com>,
Dmitry Vyukov <dvyukov@...gle.com>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Arnd Bergmann <arnd@...db.de>, kasan-dev@...glegroups.com,
linux-kernel@...r.kernel.org, llvm@...ts.linux.dev,
linux-riscv <linux-riscv@...ts.infradead.org>,
Paul Walmsley <paul.walmsley@...ive.com>,
Palmer Dabbelt <palmer@...belt.com>,
Albert Ou <aou@...s.berkeley.edu>, linux-mm@...ck.org
Subject: Re: [PATCH] kasan: Always respect CONFIG_KASAN_STACK
On Thu, Sep 23, 2021 at 12:07:17PM +0200, Marco Elver wrote:
> On Wed, 22 Sept 2021 at 22:55, Nathan Chancellor <nathan@...nel.org> wrote:
> > Currently, the asan-stack parameter is only passed along if
> > CFLAGS_KASAN_SHADOW is not empty, which requires KASAN_SHADOW_OFFSET to
> > be defined in Kconfig so that the value can be checked. In RISC-V's
> > case, KASAN_SHADOW_OFFSET is not defined in Kconfig, which means that
> > asan-stack does not get disabled with clang even when CONFIG_KASAN_STACK
> > is disabled, resulting in large stack warnings with allmodconfig:
> >
> > drivers/video/fbdev/omap2/omapfb/displays/panel-lgphilips-lb035q02.c:117:12:
> > error: stack frame size (14400) exceeds limit (2048) in function
> > 'lb035q02_connect' [-Werror,-Wframe-larger-than]
> > static int lb035q02_connect(struct omap_dss_device *dssdev)
> > ^
> > 1 error generated.
> >
> > Ensure that the value of CONFIG_KASAN_STACK is always passed along to
> > the compiler so that these warnings do not happen when
> > CONFIG_KASAN_STACK is disabled.
> >
> > Link: https://github.com/ClangBuiltLinux/linux/issues/1453
> > References: 6baec880d7a5 ("kasan: turn off asan-stack for clang-8 and earlier")
> > Signed-off-by: Nathan Chancellor <nathan@...nel.org>
>
> Reviewed-by: Marco Elver <elver@...gle.com>
Thanks!
> [ Which tree are you planning to take it through? ]
Gah, I was intending for it to go through -mm, then I cc'd neither
Andrew nor linux-mm... :/ Andrew, do you want me to resend or can you
grab it from LKML?
> Note, arch/riscv/include/asm/kasan.h mentions KASAN_SHADOW_OFFSET in
> comment (copied from arm64). Did RISC-V just forget to copy over the
> Kconfig option?
I do see it defined in that file as well but you are right that they did
not copy the Kconfig logic, even though it was present in the tree when
RISC-V KASAN was implemented. Perhaps they should so that they get
access to the other flags in the "else" branch?
> > ---
> > scripts/Makefile.kasan | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/scripts/Makefile.kasan b/scripts/Makefile.kasan
> > index 801c415bac59..b9e94c5e7097 100644
> > --- a/scripts/Makefile.kasan
> > +++ b/scripts/Makefile.kasan
> > @@ -33,10 +33,11 @@ else
> > CFLAGS_KASAN := $(CFLAGS_KASAN_SHADOW) \
> > $(call cc-param,asan-globals=1) \
> > $(call cc-param,asan-instrumentation-with-call-threshold=$(call_threshold)) \
> > - $(call cc-param,asan-stack=$(stack_enable)) \
> > $(call cc-param,asan-instrument-allocas=1)
> > endif
> >
> > +CFLAGS_KASAN += $(call cc-param,asan-stack=$(stack_enable))
> > +
> > endif # CONFIG_KASAN_GENERIC
> >
> > ifdef CONFIG_KASAN_SW_TAGS
> >
> > base-commit: 4057525736b159bd456732d11270af2cc49ec21f
> > --
> > 2.33.0.514.g99c99ed825
> >
> >
Powered by blists - more mailing lists