Open Source and information security mailing list archives
 
Message-ID: <YkHfZbCE0ycVWyxz@hirez.programming.kicks-ass.net>
Date:   Mon, 28 Mar 2022 18:16:37 +0200
From:   Peter Zijlstra <peterz@...radead.org>
To:     Segher Boessenkool <segher@...nel.crashing.org>
Cc:     Mark Rutland <mark.rutland@....com>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Borislav Petkov <bp@...en8.de>,
        Nathan Chancellor <nathan@...nel.org>, x86-ml <x86@...nel.org>,
        lkml <linux-kernel@...r.kernel.org>, llvm@...ts.linux.dev,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        linux-toolchains@...r.kernel.org
Subject: Re: clang memcpy calls

On Mon, Mar 28, 2022 at 10:59:57AM -0500, Segher Boessenkool wrote:

> I do not see how that follows.  Maybe that is obvious from how you look
> at your use case, but it is not from the viewpoint of people who just
> want to do sanitation. 

It's a substitution issue:

either:

  memcpy() equals: "asan instrumentation" + "memcpy implementation"

or:

  memcpy() equals: "memcpy implementation"

It can not be both, since they're not equivalent.

So if the compiler does the substitution, it needs some sense of
equivalence. All we're asking is that it be consistent (my preference is
for the latter).

> So what is the goal here?  Why do you need to
> prevent sanitation on anything called from this function, at all cost?

Kernel entry code might not have reached a point where instrumentation
assumptions are valid yet. Consider calling into C before the kernel
page-tables are swapped in. KASAN instrumentation would insta-explode
simply because the environment it expects (the shadow data etc.) isn't
there.
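
The substitution issue and the early-entry failure described above, as an added example that is not part of the original message and not kernel code: a constructed toy model with one shadow byte per 8 bytes of a 64-byte buffer. All names (plain_memcpy, instrumented_memcpy, shadow_init, the COPY_* results) are hypothetical, and the missing shadow is modelled as a return value where a real kernel would fault.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy model: 64 bytes of "memory", one shadow byte per 8 bytes. */
#define MEM_SIZE 64
#define GRANULE_SHIFT 3

enum copy_result { COPY_OK, COPY_BAD_ACCESS, COPY_NO_SHADOW };

static unsigned char mem[MEM_SIZE];
static unsigned char shadow_backing[MEM_SIZE >> GRANULE_SHIFT];
static unsigned char *shadow; /* NULL models "shadow not mapped yet" */

/* Late init: map the shadow and poison the last granule (bytes 56..63). */
static void shadow_init(void) {
    memset(shadow_backing, 0, sizeof shadow_backing);
    shadow_backing[sizeof shadow_backing - 1] = 1;
    shadow = shadow_backing;
}

/* Definition 2: "memcpy implementation" only. Needs no environment. */
static enum copy_result plain_memcpy(size_t dst, size_t src, size_t n) {
    while (n--) mem[dst++] = mem[src++];
    return COPY_OK;
}

/* The "asan instrumentation" part: consult shadow for every byte touched. */
static enum copy_result check_range(size_t off, size_t n) {
    if (!shadow) return COPY_NO_SHADOW; /* a real kernel would fault here */
    if (n > MEM_SIZE || off > MEM_SIZE - n) return COPY_BAD_ACCESS;
    for (size_t i = off; i < off + n; i++)
        if (shadow[i >> GRANULE_SHIFT]) return COPY_BAD_ACCESS;
    return COPY_OK;
}

/* Definition 1: "asan instrumentation" + "memcpy implementation". */
static enum copy_result instrumented_memcpy(size_t dst, size_t src, size_t n) {
    enum copy_result r = check_range(dst, n);
    if (r == COPY_OK) r = check_range(src, n);
    return r == COPY_OK ? plain_memcpy(dst, src, n) : r;
}

int main(void) {
    printf("early: plain=%d instrumented=%d\n",
           plain_memcpy(8, 0, 8), instrumented_memcpy(8, 0, 8));
    shadow_init();
    printf("late:  ok=%d poisoned=%d\n",
           instrumented_memcpy(8, 0, 8), instrumented_memcpy(56, 0, 8));
    return 0;
}
```

The same call gives different results under the two definitions before shadow_init() runs, which is why a compiler-inserted memcpy() call has to resolve to one of them consistently.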
