Re: [PATCH] ubsan: Implement __ubsan_handle_alignment_assumption

From: Nick Desaulniers <ndesaulniers@google.com>
To: Nathan Chancellor <natechancellor@gmail.com>
Cc: Kees Cook <keescook@chromium.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	LKML <linux-kernel@vger.kernel.org>,
	clang-built-linux <clang-built-linux@googlegroups.com>
Subject: Re: [PATCH] ubsan: Implement __ubsan_handle_alignment_assumption
Date: Tue, 12 Jan 2021 13:15:42 -0800	[thread overview]
Message-ID: <CAKwvOd=yrVKBn9TN2cP8SiB7A8=c2g41PyodKGJu+xEQwAmnDA@mail.gmail.com> (raw)
In-Reply-To: <20210112205542.1375847-1-natechancellor@gmail.com>

On Tue, Jan 12, 2021 at 12:55 PM Nathan Chancellor
<natechancellor@gmail.com> wrote:
>
> When building ARCH=mips 32r2el_defconfig with CONFIG_UBSAN_ALIGNMENT:
>
> ld.lld: error: undefined symbol: __ubsan_handle_alignment_assumption
> >>> referenced by slab.h:557 (include/linux/slab.h:557)
> >>>               main.o:(do_initcalls) in archive init/built-in.a
> >>> referenced by slab.h:448 (include/linux/slab.h:448)
> >>>               do_mounts_rd.o:(rd_load_image) in archive init/built-in.a
> >>> referenced by slab.h:448 (include/linux/slab.h:448)
> >>>               do_mounts_rd.o:(identify_ramdisk_image) in archive init/built-in.a
> >>> referenced 1579 more times
>
> Implement this for the kernel based on LLVM's
> handleAlignmentAssumptionImpl because the kernel is not linked against
> the compiler runtime.
>
> Link: https://github.com/ClangBuiltLinux/linux/issues/1245
> Link: https://github.com/llvm/llvm-project/blob/llvmorg-11.0.1/compiler-rt/lib/ubsan/ubsan_handlers.cpp#L151-L190
> Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
> ---
>  lib/ubsan.c | 28 ++++++++++++++++++++++++++++
>  lib/ubsan.h |  6 ++++++
>  2 files changed, 34 insertions(+)
>
> diff --git a/lib/ubsan.c b/lib/ubsan.c
> index 3e3352f3d0da..a1e6cc9993f8 100644
> --- a/lib/ubsan.c
> +++ b/lib/ubsan.c
> @@ -427,3 +427,31 @@ void __ubsan_handle_load_invalid_value(void *_data, void *val)
>         ubsan_epilogue();
>  }
>  EXPORT_SYMBOL(__ubsan_handle_load_invalid_value);
> +
> +void __ubsan_handle_alignment_assumption(void *_data, unsigned long ptr,
> +                                        unsigned long align,
> +                                        unsigned long offset)
> +{
> +       struct alignment_assumption_data *data = _data;
> +       unsigned long real_ptr;
> +
> +       if (suppress_report(&data->location))
> +               return;
> +
> +       ubsan_prologue(&data->location, "alignment-assumption");
> +
> +       if (offset)
> +               pr_err("assumption of %lu byte alignment (with offset of %lu byte) for pointer of type %s failed",
> +                      align, offset, data->type->type_name);
> +       else
> +               pr_err("assumption of %lu byte alignment for pointer of type %s failed",
> +                      align, data->type->type_name);
> +
> +       real_ptr = ptr - offset;
> +       pr_err("%saddress is %lu aligned, misalignment offset is %lu bytes",
> +              offset ? "offset " : "", BIT(ffs(real_ptr)),

if real_ptr is an unsigned long, do we want to use `__ffs(real_ptr) +
1` here rather than ffs which takes an int?  It seems the kernel is
missing a definition of ffsl. :(

Otherwise code LGTM.

> +              real_ptr & (align - 1));
> +
> +       ubsan_epilogue();
> +}
> +EXPORT_SYMBOL(__ubsan_handle_alignment_assumption);
> diff --git a/lib/ubsan.h b/lib/ubsan.h
> index 7b56c09473a9..9a0b71c5ff9f 100644
> --- a/lib/ubsan.h
> +++ b/lib/ubsan.h
> @@ -78,6 +78,12 @@ struct invalid_value_data {
>         struct type_descriptor *type;
>  };
>
> +struct alignment_assumption_data {
> +       struct source_location location;
> +       struct source_location assumption_location;
> +       struct type_descriptor *type;
> +};
> +
>  #if defined(CONFIG_ARCH_SUPPORTS_INT128)
>  typedef __int128 s_max;
>  typedef unsigned __int128 u_max;
>
> base-commit: 7c53f6b671f4aba70ff15e1b05148b10d58c2837
> --
> 2.30.0
>

-- 
Thanks,
~Nick Desaulniers