lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250419090631.GB31874@1wt.eu>
Date: Sat, 19 Apr 2025 11:06:31 +0200
From: Willy Tarreau <w@....eu>
To: Thomas Weißschuh <linux@...ssschuh.net>
Cc: "Paul E. McKenney" <paulmck@...nel.org>, Shuah Khan <shuah@...nel.org>,
        linux-kernel@...r.kernel.org, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH 2/6] tools/nolibc: disable function sanitizer for
 _start_c()

On Wed, Apr 16, 2025 at 08:40:17PM +0200, Thomas Weißschuh wrote:
> Both constructors and main() may be executed with different function
> signatures than they are actually using.
> This is intentional but trips up UBSAN.
> 
> Disable the function sanitizer of UBSAN in _start_c().
> 
> Signed-off-by: Thomas Weißschuh <linux@...ssschuh.net>
> ---
>  tools/include/nolibc/crt.h | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/tools/include/nolibc/crt.h b/tools/include/nolibc/crt.h
> index c4b10103bbec50f1a3a0a4562e34fdbd1b43ce6f..961cfe777c3564e705dfdd581de828b374d05b0b 100644
> --- a/tools/include/nolibc/crt.h
> +++ b/tools/include/nolibc/crt.h
> @@ -7,6 +7,8 @@
>  #ifndef _NOLIBC_CRT_H
>  #define _NOLIBC_CRT_H
>  
> +#include "compiler.h"
> +
>  char **environ __attribute__((weak));
>  const unsigned long *_auxv __attribute__((weak));
>  
> @@ -25,6 +27,9 @@ extern void (*const __fini_array_end[])(void) __attribute__((weak));
>  
>  void _start_c(long *sp);
>  __attribute__((weak,used))
> +#if __nolibc_has_feature(undefined_behavior_sanitizer)
> +	__attribute__((no_sanitize("function")))
> +#endif

I'm wondering if it wouldn't be more reliable with:

  #if __nolibc_has_attribute(no_sanitize)
	__attribute__((no_sanitize("function")))
  #endif

Because in the end, what you want is to always place that attribute
whenever it's supported, no ?

>  void _start_c(long *sp)
>  {
>  	long argc;

Willy

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ