* [to-be-updated] ubsan-introducing-config_ubsan_bounds_local-for-clang.patch removed from -mm tree
@ 2020-09-22 17:06 akpm
0 siblings, 0 replies; only message in thread
From: akpm @ 2020-09-22 17:06 UTC (permalink / raw)
To: mm-commits, ndesaulniers, natechancellor, michal.lkml, masahiroy,
keescook, georgepope, elver, dvyukov, dbrazdil, arnd,
a.p.zijlstra, georgepope
The patch titled
Subject: ubsan: introduce CONFIG_UBSAN_BOUNDS_LOCAL for Clang
has been removed from the -mm tree. Its filename was
ubsan-introducing-config_ubsan_bounds_local-for-clang.patch
This patch was dropped because an updated version will be merged
------------------------------------------------------
From: George Popescu <georgepope@google.com>
Subject: ubsan: introduce CONFIG_UBSAN_BOUNDS_LOCAL for Clang
When the kernel is compiled with Clang, -fsanitize=bounds expands to
-fsanitize=array-bounds and -fsanitize=local-bounds.
Enabling -fsanitize=local-bounds with Clang has the unfortunate
side-effect of inserting traps; this goes back to its original intent,
which was as a hardening and not a debugging feature [1]. The same
feature made its way into -fsanitize=bounds, but the traps remained. For
that reason, -fsanitize=bounds was split into 'array-bounds' and
'local-bounds' [2].
Since 'local-bounds' doesn't behave like a normal sanitizer, enable it
with Clang only if trapping behaviour was requested by
CONFIG_UBSAN_TRAP=y.
Add the UBSAN_BOUNDS_LOCAL config to Kconfig.ubsan to enable the
'local-bounds' option by default when UBSAN_TRAP is enabled.
[1] http://lists.llvm.org/pipermail/llvm-dev/2012-May/049972.html
[2] http://lists.llvm.org/pipermail/cfe-commits/Week-of-Mon-20131021/091536.html
Link: https://lkml.kernel.org/r/20200918133632.4038538-1-georgepope@google.com
Signed-off-by: George Popescu <georgepope@android.com>
Suggested-by: Marco Elver <elver@google.com>
Reviewed-by: David Brazdil <dbrazdil@google.com>
Cc: Masahiro Yamada <masahiroy@kernel.org>
Cc: Michal Marek <michal.lkml@markovi.net>
Cc: Nathan Chancellor <natechancellor@gmail.com>
Cc: Nick Desaulniers <ndesaulniers@google.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: David Brazdil <dbrazdil@google.com>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
lib/Kconfig.ubsan | 14 ++++++++++++++
scripts/Makefile.ubsan | 10 +++++++++-
2 files changed, 23 insertions(+), 1 deletion(-)
--- a/lib/Kconfig.ubsan~ubsan-introducing-config_ubsan_bounds_local-for-clang
+++ a/lib/Kconfig.ubsan
@@ -47,6 +47,20 @@ config UBSAN_BOUNDS
to the {str,mem}*cpy() family of functions (that is addressed
by CONFIG_FORTIFY_SOURCE).
+config UBSAN_BOUNDS_LOCAL
+ bool "Perform array local bounds checking"
+ depends on UBSAN_TRAP
+ depends on CC_IS_CLANG
+ depends on !UBSAN_KCOV_BROKEN
+ help
+ This option enables -fsanitize=local-bounds which traps when an
+ exception/error is detected. Therefore, it should be enabled only
+ if trapping is expected.
+ Enabling this option detects errors due to accesses through a
+ pointer that is derived from an object of a statically-known size,
+ where an added offset (which may not be known statically) is
+ out-of-bounds.
+
config UBSAN_MISC
bool "Enable all other Undefined Behavior sanity checks"
default UBSAN
--- a/scripts/Makefile.ubsan~ubsan-introducing-config_ubsan_bounds_local-for-clang
+++ a/scripts/Makefile.ubsan
@@ -4,7 +4,15 @@ ifdef CONFIG_UBSAN_ALIGNMENT
endif
ifdef CONFIG_UBSAN_BOUNDS
- CFLAGS_UBSAN += $(call cc-option, -fsanitize=bounds)
+ ifdef CONFIG_CC_IS_CLANG
+ CFLAGS_UBSAN += -fsanitize=array-bounds
+ else
+ CFLAGS_UBSAN += $(call cc-option, -fsanitize=bounds)
+ endif
+endif
+
+ifdef CONFIG_UBSAN_LOCAL_BOUNDS
+ CFLAGS_UBSAN += -fsanitize=local-bounds
endif
ifdef CONFIG_UBSAN_MISC
_
Patches currently in -mm which might be from georgepope@google.com are
ubsan-introducing-config_ubsan_local_bounds-for-clang.patch
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2020-09-22 17:06 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-22 17:06 [to-be-updated] ubsan-introducing-config_ubsan_bounds_local-for-clang.patch removed from -mm tree akpm
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.