| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Feb 2023 19:58:55 +0100
From: Alexander Potapenko <glider@...gle.com>
To: Naresh Kamboju <naresh.kamboju@...aro.org>,
Peter Zijlstra <peterz@...radead.org>,
Marco Elver <elver@...gle.com>,
Jakub Jelinek <jakub@...hat.com>,
Peter Collingbourne <pcc@...gle.com>
Cc: kasan-dev <kasan-dev@...glegroups.com>,
open list <linux-kernel@...r.kernel.org>,
kunit-dev@...glegroups.com, lkft-triage@...ts.linaro.org,
regressions@...ts.linux.dev,
Anders Roxell <anders.roxell@...aro.org>,
Arnd Bergmann <arnd@...db.de>
Subject: Re: next: x86_64: kunit test crashed and kernel panic
>
> > <4>[ 38.796558] ? kmalloc_memmove_negative_size+0xeb/0x1f0
> > <4>[ 38.797376] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
>
> Most certainly kmalloc_memmove_negative_size() is related.
> Looks like we fail to intercept the call to memmove() in this test,
> passing -2 to the actual __memmove().
This was introduced by 69d4c0d321869 ("entry, kasan, x86: Disallow
overriding mem*() functions")
There's Marco's "kasan: Emit different calls for instrumentable
memintrinsics", but it doesn't fix the problem for me (looking
closer...), and GCC support is still not there, right?
Failing to intercept memcpy/memset/memmove should normally result in
false negatives, but kmalloc_memmove_negative_size() makes a strong
assumption that KASAN will catch and prevent memmove(dst, src, -2).
Powered by blists - more mailing lists