All of lore.kernel.org
 help / color / mirror / Atom feed
From: Samuel Thibault <samuel.thibault@ens-lyon.org>
To: Arnd Bergmann <arnd@arndb.de>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	kasan-dev <kasan-dev@googlegroups.com>,
	Dmitry Vyukov <dvyukov@google.com>,
	Alexander Potapenko <glider@google.com>,
	Andrey Ryabinin <aryabinin@virtuozzo.com>,
	Networking <netdev@vger.kernel.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Arend van Spriel <arend.vanspriel@broadcom.com>,
	Jiri Slaby <jslaby@suse.com>,
	Dmitry Torokhov <dmitry.torokhov@gmail.com>
Subject: Re: [PATCH v2 03/11] tty: kbd: reduce stack size with KASAN
Date: Fri, 16 Jun 2017 17:58:59 +0200	[thread overview]
Message-ID: <20170616155859.gn2einuermlncaku@var.youpi.perso.aquilenet.fr> (raw)
In-Reply-To: <CAK8P3a2upDpcxGCLomyjvsXHfyeTyPmSj9qvymSsgf4pE+spDg@mail.gmail.com>

Arnd Bergmann, on ven. 16 juin 2017 17:41:47 +0200, wrote:
> The problem are the 'ch' and 'flag' variables that are passed into
> tty_insert_flip_char by value, and from there into
> tty_insert_flip_string_flags by reference.  In this case, kasan tries
> to detect whether tty_insert_flip_string_flags() does any out-of-bounds
> access on the pointers and adds 64 bytes redzone around each of
> the two variables.

Ouch.

> gcc-6.3.1 happens to inline 16 calls of tty_insert_flip_char() into
> kbd_keycode(), so the stack size grows from 168 bytes to
> 168+(16*2*64) = 2216 bytes. There are 10 calls to put_queue()
> in to_utf8(), 12 in emulate_raw() and another 4 in kbd_keycode()
> itself.

That's why I agreed for put_queue :)

I'm however afraid we'd have to mark a lot of static functions that way,
depending on the aggressivity of gcc... I'd indeed really argue that gcc
should consider stack usage when inlining.

static int f(int foo) {
	char c[256];
	g(c, foo);
}

is really not something that I'd want to see the compiler to inline.

> > And no, we shouldn't need to do this.  It sounds like ksan is the
> > problem here...
> 
> Of course kasan is the problem, but it really just does whatever we
> asked it to do, and cannot do any better as long as we inline many
> copies of tty_insert_flip_char() into kbd_keycode().

We didn't ask to inline put_queue into kbd_keycode.

Samuel

  reply	other threads:[~2017-06-16 15:59 UTC|newest]

Thread overview: 35+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-06-14 21:15 [PATCH v2 00/11] bring back stack frame warning with KASAN Arnd Bergmann
2017-06-14 21:15 ` [PATCH v2 01/11] compiler: introduce noinline_if_stackbloat annotation Arnd Bergmann
2017-06-14 21:15 ` [PATCH v2 02/11] netlink: mark nla_put_{u8,u16,u32} noinline_if_stackbloat Arnd Bergmann
2017-06-14 21:15 ` [PATCH v2 03/11] tty: kbd: reduce stack size with KASAN Arnd Bergmann
2017-06-14 21:28   ` Samuel Thibault
2017-06-14 21:56     ` Arnd Bergmann
2017-06-14 22:16       ` Samuel Thibault
2017-06-15  4:52   ` Greg Kroah-Hartman
2017-06-15  4:53     ` Greg Kroah-Hartman
2017-06-16 12:01       ` Arnd Bergmann
2017-06-16 13:02         ` Greg Kroah-Hartman
2017-06-16 15:41           ` Arnd Bergmann
2017-06-16 15:58             ` Samuel Thibault [this message]
2017-06-16 17:29               ` Dmitry Torokhov
2017-06-16 20:56                 ` Arnd Bergmann
2017-06-16 21:07                   ` Dmitry Torokhov
2017-06-16 17:14             ` Andrey Ryabinin
2017-06-14 21:15 ` [PATCH v2 04/11] rocker: mark rocker_tlv_put_* functions as noinline_if_stackbloat Arnd Bergmann
2017-06-14 21:15 ` [PATCH v2 05/11] mtd: cfi: reduce stack size with KASAN Arnd Bergmann
2017-06-14 21:15   ` Arnd Bergmann
2017-08-04  7:42   ` Boris Brezillon
2017-08-04  9:09     ` Arnd Bergmann
2017-08-04 10:56       ` Boris Brezillon
2017-08-04 10:57   ` Boris Brezillon
2017-06-14 21:15 ` [PATCH v2 06/11] dvb-frontends: reduce stack size in i2c access Arnd Bergmann
2017-06-24 19:49   ` Mauro Carvalho Chehab
2017-06-14 21:15 ` [PATCH v2 07/11] r820t: mark register functions as noinline_if_stackbloat Arnd Bergmann
2017-06-14 21:15 ` [PATCH v2 08/11] brcmsmac: make some local variables 'static const' to reduce stack size Arnd Bergmann
2017-06-15 14:56   ` Kalle Valo
2017-06-14 21:15 ` [PATCH v2 09/11] brcmsmac: split up wlc_phy_workarounds_nphy Arnd Bergmann
2017-06-14 21:15 ` [PATCH v2 10/11] brcmsmac: reindent split functions Arnd Bergmann
2017-06-14 21:15 ` [PATCH v2 11/11] kasan: rework Kconfig settings Arnd Bergmann
2017-06-15  7:02   ` Dmitry Vyukov
2017-06-16 11:42     ` Arnd Bergmann
2017-06-16 11:44       ` Dmitry Vyukov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170616155859.gn2einuermlncaku@var.youpi.perso.aquilenet.fr \
    --to=samuel.thibault@ens-lyon.org \
    --cc=akpm@linux-foundation.org \
    --cc=arend.vanspriel@broadcom.com \
    --cc=arnd@arndb.de \
    --cc=aryabinin@virtuozzo.com \
    --cc=dmitry.torokhov@gmail.com \
    --cc=dvyukov@google.com \
    --cc=glider@google.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=jslaby@suse.com \
    --cc=kasan-dev@googlegroups.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.