[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230705215128.486054-1-jannh@google.com>
Date: Wed, 5 Jul 2023 23:51:27 +0200
From: Jann Horn <jannh@...gle.com>
To: Kees Cook <keescook@...omium.org>
Cc: Nathan Chancellor <nathan@...nel.org>,
linux-kernel@...r.kernel.org, Jann Horn <jannh@...gle.com>
Subject: [PATCH] ubsan: Clarify Kconfig text for CONFIG_UBSAN_TRAP
Make it clearer in the one-line description and the verbose description
text that CONFIG_UBSAN_TRAP as currently implemented involves a tradeoff of
much less helpful oops messages in exchange for a smaller kernel image.
(With the additional effect of turning UBSAN warnings into crashes, which
may or may not be desired.)
Signed-off-by: Jann Horn <jannh@...gle.com>
---
lib/Kconfig.ubsan | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/lib/Kconfig.ubsan b/lib/Kconfig.ubsan
index efae7e011956..e4f19ba9a029 100644
--- a/lib/Kconfig.ubsan
+++ b/lib/Kconfig.ubsan
@@ -13,7 +13,7 @@ menuconfig UBSAN
if UBSAN
config UBSAN_TRAP
- bool "On Sanitizer warnings, abort the running kernel code"
+ bool "Abort on Sanitizer warnings (smaller kernel but less verbose)"
depends on !COMPILE_TEST
help
Building kernels with Sanitizer features enabled tends to grow
@@ -26,6 +26,14 @@ config UBSAN_TRAP
the system. For some system builders this is an acceptable
trade-off.
+ CAUTION: Selecting Y will (depending on architecture) cause your
+ kernel to oops with an undefined instruction error with no further
+ details when a UBSAN violation occurs.
+ (arm64 can show some basic information.)
+ This may make it hard to determine whether an oops was caused by
+ UBSAN or to figure out the details of a UBSAN violation.
+ It makes the kernel log output less useful for bug reports.
+
config CC_HAS_UBSAN_BOUNDS_STRICT
def_bool $(cc-option,-fsanitize=bounds-strict)
help
base-commit: d528014517f2b0531862c02865b9d4c908019dc4
--
2.41.0.255.g8b1d071c50-goog
Powered by blists - more mailing lists