| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 28 May 2024 17:45:12 +0200 From: Brian Johannesmeyer <bjohannesmeyer@...il.com> To: Alexander Potapenko <glider@...gle.com> Cc: Marco Elver <elver@...gle.com>, Dmitry Vyukov <dvyukov@...gle.com>, Andrew Morton <akpm@...ux-foundation.org>, kasan-dev@...glegroups.com, linux-mm@...ck.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] kmsan: introduce test_unpoison_memory() On Tue, May 28, 2024 at 12:20:15PM +0200, Alexander Potapenko wrote: > You are right with your analysis. > KMSAN stores a single origin for every aligned four-byte granule of > memory, so we lose some information when more than one uninitialized > value is combined in that granule. > When writing an uninitialized value to memory, a viable strategy is to > always update the origin. But if we partially initialize the granule > with a store, it is better to preserve that granule's origin to > prevent false negatives, so we need to check the resulting shadow slot > before updating the origin. > This is what the compiler instrumentation does, so > kmsan_internal_set_shadow_origin() should behave in the same way. > I found a similar bug in kmsan_internal_memmove_metadata() last year, > but missed this one. I appreciate the explanation. Makes sense. > I am going to send a patch fixing this along with your test (with an > updated description), if you don't object. Yes, that's fine. Thank you. -Brian
Powered by blists - more mailing lists