lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 15 Oct 2021 15:04:51 +0200
From:   Alexandre ghiti <>
To:     Nathan Chancellor <>,
        Palmer Dabbelt <>
        Arnd Bergmann <>,,,,,
        Paul Walmsley <>,,
Subject: Re: [PATCH] kasan: Always respect CONFIG_KASAN_STACK

On 10/14/21 8:31 PM, Alex Ghiti wrote:
> Hi Nathan,
> Le 14/10/2021 à 18:55, Nathan Chancellor a écrit :
>> On Fri, Oct 08, 2021 at 11:46:55AM -0700, Palmer Dabbelt wrote:
>>> On Thu, 23 Sep 2021 07:59:46 PDT (-0700), wrote:
>>>> On Thu, Sep 23, 2021 at 12:07:17PM +0200, Marco Elver wrote:
>>>>> On Wed, 22 Sept 2021 at 22:55, Nathan Chancellor
>>>>> <> wrote:
>>>>>> Currently, the asan-stack parameter is only passed along if
>>>>>> CFLAGS_KASAN_SHADOW is not empty, which requires
>>>>>> be defined in Kconfig so that the value can be checked. In RISC-V's
>>>>>> case, KASAN_SHADOW_OFFSET is not defined in Kconfig, which means
>>>>>> that
>>>>>> asan-stack does not get disabled with clang even when
>>>>>> is disabled, resulting in large stack warnings with allmodconfig:
>>>>>> drivers/video/fbdev/omap2/omapfb/displays/panel-lgphilips-lb035q02.c:117:12:
>>>>>> error: stack frame size (14400) exceeds limit (2048) in function
>>>>>> 'lb035q02_connect' [-Werror,-Wframe-larger-than]
>>>>>> static int lb035q02_connect(struct omap_dss_device *dssdev)
>>>>>>             ^
>>>>>> 1 error generated.
>>>>>> Ensure that the value of CONFIG_KASAN_STACK is always passed
>>>>>> along to
>>>>>> the compiler so that these warnings do not happen when
>>>>>> CONFIG_KASAN_STACK is disabled.
>>>>>> Link:
>>>>>> References: 6baec880d7a5 ("kasan: turn off asan-stack for clang-8
>>>>>> and earlier")
>>>>>> Signed-off-by: Nathan Chancellor <>
>>>>> Reviewed-by: Marco Elver <>
>>>> Thanks!
>>>>> [ Which tree are you planning to take it through? ]
>>>> Gah, I was intending for it to go through -mm, then I cc'd neither
>>>> Andrew nor linux-mm... :/ Andrew, do you want me to resend or can you
>>>> grab it from LKML?
>>> Acked-by: Palmer Dabbelt <>
>>> (assuming you still want it through somewhere else)
>> Thanks, it is now in mainline as commit 19532869feb9 ("kasan: always
>> respect CONFIG_KASAN_STACK").
>>>>> Note, arch/riscv/include/asm/kasan.h mentions KASAN_SHADOW_OFFSET in
>>>>> comment (copied from arm64). Did RISC-V just forget to copy over the
>>>>> Kconfig option?
>>>> I do see it defined in that file as well but you are right that
>>>> they did
>>>> not copy the Kconfig logic, even though it was present in the tree
>>>> when
>>>> RISC-V KASAN was implemented. Perhaps they should so that they get
>>>> access to the other flags in the "else" branch?
>>> Ya, looks like we just screwed this up.  I'm seeing some warnings like
>>>     cc1: warning: ‘-fsanitize=kernel-address’ with stack protection
>>> is not supported without ‘-fasan-shadow-offset=’ for this target
>> Hmmm, I thought I did a GCC build with this change but I must not have
>> :/
>>> which is how I ended up here, I'm assuming that's what you're
>>> talking about
>>> here?  LMK if you were planning on sending along a fix or if you
>>> want me to
>>> go figure it out.
>> I took a look at moving the logic into Kconfig like arm64 before sending
>> this change and I did not really understand it well enough to do so. I
>> think it would be best if you were able to do that so that nothing gets
>> messed up.
> I'll do it tomorrow, I'm the last one who touched kasan on riscv :)

Adding KASAN_SHADOW_OFFSET config makes kasan kernel fails to boot.
It receives a *write* fault at the beginning of a memblock_alloc
function while populating the kernel shadow memory: the trap address is
in the kasan shadow virtual address range and this corresponds to a
kernel address in init_stack. The question is: how do I populate the
stack shadow mapping without using memblock API? It's weird, I don't
find anything on other architectures.

And just a short note: I have realized this will break with the sv48
patchset as we decide at runtime the address space width and the kasan
shadow start address is different between sv39 and sv48. I will have to
do like x86 and move the kasan shadow start at the end of the address
space so that it is the same for both sv39 and sv48.



> Thanks,
> Alex
>> Cheers,
>> Nathan
>> _______________________________________________
>> linux-riscv mailing list
> _______________________________________________
> linux-riscv mailing list

Powered by blists - more mailing lists