lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240415183454.GB1011455@dev-arch.thelio-3990X>
Date: Mon, 15 Apr 2024 11:34:54 -0700
From: Nathan Chancellor <nathan@...nel.org>
To: Kees Cook <keescook@...omium.org>
Cc: Marco Elver <elver@...gle.com>, Justin Stitt <justinstitt@...gle.com>,
	Andrey Konovalov <andreyknvl@...il.com>,
	Andrey Ryabinin <ryabinin.a.a@...il.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	kasan-dev@...glegroups.com, linux-hardening@...r.kernel.org,
	Nick Desaulniers <ndesaulniers@...gle.com>,
	Bill Wendling <morbo@...gle.com>, linux-kernel@...r.kernel.org,
	llvm@...ts.linux.dev
Subject: Re: [PATCH] ubsan: Add awareness of signed integer overflow traps

On Mon, Apr 15, 2024 at 11:28:35AM -0700, Kees Cook wrote:
> On arm64, UBSAN traps can be decoded from the trap instruction. Add the
> add, sub, and mul overflow trap codes now that CONFIG_UBSAN_SIGNED_WRAP
> exists. Seen under clang 19:
> 
>   Internal error: UBSAN: unrecognized failure code: 00000000f2005515 [#1] PREEMPT SMP
> 
> Reported-by: Nathan Chancellor <nathan@...nel.org>
> Closes: https://lore.kernel.org/lkml/20240411-fix-ubsan-in-hardening-config-v1-0-e0177c80ffaa@kernel.org
> Fixes: 557f8c582a9b ("ubsan: Reintroduce signed overflow sanitizer")
> Signed-off-by: Kees Cook <keescook@...omium.org>

As I mentioned, CONFIG_UBSAN_SIGNED_INTEGER_WRAP needs to be
CONFIG_UBSAN_SIGNED_WRAP. I applied this change with that fix up and the
warning now becomes:

  Internal error: UBSAN: integer subtraction overflow: 00000000f2005515 [#1] PREEMPT SMP

So:

Tested-by: Nathan Chancellor <nathan@...nel.org>

> ---
> Cc: Marco Elver <elver@...gle.com>
> Cc: Justin Stitt <justinstitt@...gle.com>
> Cc: Andrey Konovalov <andreyknvl@...il.com>
> Cc: Andrey Ryabinin <ryabinin.a.a@...il.com>
> Cc: Andrew Morton <akpm@...ux-foundation.org>
> Cc: kasan-dev@...glegroups.com
> Cc: linux-hardening@...r.kernel.org
> ---
>  lib/ubsan.c | 18 ++++++++++++++++--
>  1 file changed, 16 insertions(+), 2 deletions(-)
> 
> diff --git a/lib/ubsan.c b/lib/ubsan.c
> index 5fc107f61934..ad32beb8c058 100644
> --- a/lib/ubsan.c
> +++ b/lib/ubsan.c
> @@ -44,9 +44,10 @@ const char *report_ubsan_failure(struct pt_regs *regs, u32 check_type)
>  	case ubsan_shift_out_of_bounds:
>  		return "UBSAN: shift out of bounds";
>  #endif
> -#ifdef CONFIG_UBSAN_DIV_ZERO
> +#if defined(CONFIG_UBSAN_DIV_ZERO) || defined(CONFIG_UBSAN_SIGNED_INTEGER_WRAP)
>  	/*
> -	 * SanitizerKind::IntegerDivideByZero emits
> +	 * SanitizerKind::IntegerDivideByZero and
> +	 * SanitizerKind::SignedIntegerOverflow emit
>  	 * SanitizerHandler::DivremOverflow.
>  	 */
>  	case ubsan_divrem_overflow:
> @@ -77,6 +78,19 @@ const char *report_ubsan_failure(struct pt_regs *regs, u32 check_type)
>  		return "UBSAN: alignment assumption";
>  	case ubsan_type_mismatch:
>  		return "UBSAN: type mismatch";
> +#endif
> +#ifdef CONFIG_UBSAN_SIGNED_INTEGER_WRAP
> +	/*
> +	 * SanitizerKind::SignedIntegerOverflow emits
> +	 * SanitizerHandler::AddOverflow, SanitizerHandler::SubOverflow,
> +	 * or SanitizerHandler::MulOverflow.
> +	 */
> +	case ubsan_add_overflow:
> +		return "UBSAN: integer addition overflow";
> +	case ubsan_sub_overflow:
> +		return "UBSAN: integer subtraction overflow";
> +	case ubsan_mul_overflow:
> +		return "UBSAN: integer multiplication overflow";
>  #endif
>  	default:
>  		return "UBSAN: unrecognized failure code";
> -- 
> 2.34.1
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ