| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <yduqbthmtpc5e2n4u73ofbp326chk3qdkgdiyrgmwcbhgeqceq@yybbkifwt4zk> Date: Fri, 7 Mar 2025 15:12:35 -0800 From: Justin Stitt <justinstitt@...gle.com> To: Kees Cook <kees@...nel.org> Cc: "Gustavo A. R. Silva" <gustavoars@...nel.org>, Masahiro Yamada <masahiroy@...nel.org>, Nathan Chancellor <nathan@...nel.org>, Nicolas Schier <nicolas@...sle.eu>, Marco Elver <elver@...gle.com>, Andrey Konovalov <andreyknvl@...il.com>, Andrey Ryabinin <ryabinin.a.a@...il.com>, linux-kbuild@...r.kernel.org, kasan-dev@...glegroups.com, linux-hardening@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, Miguel Ojeda <ojeda@...nel.org>, Nick Desaulniers <ndesaulniers@...gle.com>, Hao Luo <haoluo@...gle.com>, Przemek Kitszel <przemyslaw.kitszel@...el.com>, Bill Wendling <morbo@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Tony Ambardar <tony.ambardar@...il.com>, Alexander Potapenko <glider@...gle.com>, Jan Hendrik Farr <kernel@...rr.cc>, Alexander Lobakin <aleksander.lobakin@...el.com>, linux-kernel@...r.kernel.org, llvm@...ts.linux.dev Subject: Re: [PATCH 2/3] ubsan/overflow: Enable pattern exclusions Hi, On Thu, Mar 06, 2025 at 08:19:10PM -0800, Kees Cook wrote: > To make integer wrap-around mitigation actually useful, the associated > sanitizers must not instrument cases where the wrap-around is explicitly > defined (e.g. "-2UL"), being tested for (e.g. "if (a + b < a)"), or > where it has no impact on code flow (e.g. "while (var--)"). Enable > pattern exclusions for the integer wrap sanitizers. > > Signed-off-by: Kees Cook <kees@...nel.org> > --- > Cc: Justin Stitt <justinstitt@...gle.com> > Cc: "Gustavo A. R. Silva" <gustavoars@...nel.org> > Cc: Masahiro Yamada <masahiroy@...nel.org> > Cc: Nathan Chancellor <nathan@...nel.org> > Cc: Nicolas Schier <nicolas@...sle.eu> > Cc: Marco Elver <elver@...gle.com> > Cc: Andrey Konovalov <andreyknvl@...il.com> > Cc: Andrey Ryabinin <ryabinin.a.a@...il.com> > Cc: linux-kbuild@...r.kernel.org > Cc: kasan-dev@...glegroups.com > Cc: linux-hardening@...r.kernel.org > --- > lib/Kconfig.ubsan | 1 + > scripts/Makefile.ubsan | 1 + > 2 files changed, 2 insertions(+) > > diff --git a/lib/Kconfig.ubsan b/lib/Kconfig.ubsan > index 63e5622010e0..888c2e72c586 100644 > --- a/lib/Kconfig.ubsan > +++ b/lib/Kconfig.ubsan > @@ -120,6 +120,7 @@ config UBSAN_INTEGER_WRAP > bool "Perform checking for integer arithmetic wrap-around" > default UBSAN > depends on !COMPILE_TEST > + depends on $(cc-option,-fsanitize-undefined-ignore-overflow-pattern=all) This option group "all" may be expanded in the future, e.g., negations of unsigned integers (not just unsigned integer literals). As these are deliberately designed for the kernel, I think we will want them anyways. So, all is good. > depends on $(cc-option,-fsanitize=signed-integer-overflow) > depends on $(cc-option,-fsanitize=unsigned-integer-overflow) > depends on $(cc-option,-fsanitize=implicit-signed-integer-truncation) > diff --git a/scripts/Makefile.ubsan b/scripts/Makefile.ubsan > index 4fad9afed24c..233379c193a7 100644 > --- a/scripts/Makefile.ubsan > +++ b/scripts/Makefile.ubsan > @@ -15,6 +15,7 @@ ubsan-cflags-$(CONFIG_UBSAN_TRAP) += $(call cc-option,-fsanitize-trap=undefined > export CFLAGS_UBSAN := $(ubsan-cflags-y) > > ubsan-integer-wrap-cflags-$(CONFIG_UBSAN_INTEGER_WRAP) += \ > + -fsanitize-undefined-ignore-overflow-pattern=all \ > -fsanitize=signed-integer-overflow \ > -fsanitize=unsigned-integer-overflow \ > -fsanitize=implicit-signed-integer-truncation \ > -- > 2.34.1 > Reviewed-by: Justin Stitt <justinstitt@...gle.com> Justin
Powered by blists - more mailing lists