lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 21 Apr 2023 17:28:28 +0200
From:   "Arnd Bergmann" <arnd@...db.de>
To:     "Tudor Ambarus" <tudor.ambarus@...aro.org>,
        "Nathan Chancellor" <nathan@...nel.org>,
        "Nick Desaulniers" <ndesaulniers@...gle.com>,
        "Tom Rix" <trix@...hat.com>,
        "Andrew Morton" <akpm@...ux-foundation.org>
Cc:     joneslee@...gle.com, "Peter Zijlstra" <peterz@...radead.org>,
        "Kees Cook" <keescook@...omium.org>,
        "Josh Poimboeuf" <jpoimboe@...nel.org>, zhaoyang.huang@...soc.com,
        "Liam R. Howlett" <liam.howlett@...cle.com>,
        "Randy Dunlap" <rdunlap@...radead.org>,
        "Geert Uytterhoeven" <geert+renesas@...der.be>,
        linux-kernel@...r.kernel.org, llvm@...ts.linux.dev,
        "Mark Brown" <broonie@...nel.org>,
        "Dmitry Vyukov" <dvyukov@...gle.com>, nogikh@...gle.com
Subject: Re: [PATCH] Kconfig.debug: disable CONFIG_FRAME_WARN for KASAN_STACK &&
 CC_IS_CLANG by default

On Fri, Apr 21, 2023, at 17:10, Tudor Ambarus wrote:
> On 4/21/23 15:30, Arnd Bergmann wrote:
>> On Fri, Apr 21, 2023, at 15:01, Tudor Ambarus wrote:
>> 
>>> The conclusion is that when KASAN is enabled the stack usage increases a
>>> bit, but nothing unmanageable ~30-70 bytes, whereas when enabling
>>> KASAN_STACK the stack usage is excessive, from ~1.7K to ~5.8K for these
>>> cases.
>>>
>>> Disable CONFIG_FRAME_WARN for KASAN_STACK && CC_IS_CLANG by default.
>>> Adventurers can still override the default value by input prompt or
>>> explicit values in defconfigs in case they feel that some real warnings
>>> are missed.
>>>
>>> Signed-off-by: Tudor Ambarus <tudor.ambarus@...aro.org>
>> 
>> I think we are still better off with the warning enabled. When someone
>> really wants to run a kernel with KASAN_STACK enabled, they should have
>> a chance to see what they are getting into and not report any runtime
>> bugs that come from stack overflow. 
>> 
>
> Are such stack overflows warnings reliable when we know that stack
> instrumentation causes excessive stack usage? Until clang is fixed one
> shall hunt frame-larger-than warnings with KASAN_STACK disabled.

The main problem with stack frame usage is that the compiler cannot know
during compile time what the other functions are going to use, so it's
always a bit of guesswork, and we just try to make the limit as small
as possible without causing too much work addressing the warnings.

Only if the frame usage grows beyond the actual available stack size,
it's guaranteed to crash (I've seen 80KB for a single function, clearly
larger than 16kb of total stack size), but the larger it gets, the
more problems you'll run into.

We already discussed years ago how clang can improve a lot of the
cases here by reworking the amount of padding between variables
similar to how gcc does it. This won't work for all files, but for
a lot of them, and once clang gets fixed, we can address the
remaining ones by working around them in the kernel.

     Arnd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ