lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAG_fn=Ubagz667ZEM2wyabshZhY-wyJRFUzqxZkBj3AES+KnXg@mail.gmail.com>
Date:   Thu, 2 Mar 2023 16:17:11 +0100
From:   Alexander Potapenko <glider@...gle.com>
To:     Marco Elver <elver@...gle.com>
Cc:     linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, x86@...nel.org,
        dave.hansen@...ux.intel.com, hpa@...or.com,
        akpm@...ux-foundation.org, dvyukov@...gle.com, nathan@...nel.org,
        ndesaulniers@...gle.com, kasan-dev@...glegroups.com,
        Kees Cook <keescook@...omium.org>
Subject: Re: [PATCH 1/4] x86: kmsan: Don't rename memintrinsics in
 uninstrumented files

On Thu, Mar 2, 2023 at 4:13 PM Marco Elver <elver@...gle.com> wrote:
>
> On Thu, 2 Mar 2023 at 15:28, Alexander Potapenko <glider@...gle.com> wrote:
> >
> > On Thu, Mar 2, 2023 at 12:14 PM Marco Elver <elver@...gle.com> wrote:
> > >
> > > On Wed, 1 Mar 2023 at 15:39, Alexander Potapenko <glider@...gle.com> wrote:
> > > >
> > > > KMSAN should be overriding calls to memset/memcpy/memmove and their
> > >
> > > You mean that the compiler will override calls?
> > > All supported compilers that have fsanitize=kernel-memory replace
> > > memintrinsics with __msan_mem*() calls, right?
> >
> > Right. Changed to:
> >
> > KMSAN already replaces calls to to memset/memcpy/memmove and their
> > __builtin_ versions with __msan_memset/__msan_memcpy/__msan_memmove in
> > instrumented files, so there is no need to override them.
>
> But it's not KMSAN - KMSAN is the combined end result of runtime and
> compiler - in this case we need to be specific and point out it's the
> compiler that's doing it. There is no code in the Linux kernel that
> does this replacement.

Agreed. I'll replace with "clang -fsanitize=kernel-memory"

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ