All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] KASAN: prohibit KASAN+STRUCTLEAK combination
@ 2018-04-19  9:48 Dmitry Vyukov
  2018-04-19 17:21 ` Andrey Ryabinin
  0 siblings, 1 reply; 3+ messages in thread
From: Dmitry Vyukov @ 2018-04-19  9:48 UTC (permalink / raw)
  To: linux-mm, akpm
  Cc: Dmitry Vyukov, kasan-dev, Fengguang Wu, Sergey Senozhatsky,
	Andrey Ryabinin, Kees Cook

Currently STRUCTLEAK inserts initialization out of live scope of
variables from KASAN point of view. This leads to KASAN false
positive reports. Prohibit this combination for now.

Signed-off-by: Dmitry Vyukov <dvyukov@google.com>
Cc: linux-mm@kvack.org
Cc: kasan-dev@googlegroups.com
Cc: Fengguang Wu <fengguang.wu@intel.com>
Cc: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Kees Cook <keescook@google.com>

---

This combination leads to periodic confusion
and pointless debugging:

https://marc.info/?l=linux-kernel&m=151991367323082
https://marc.info/?l=linux-kernel&m=151992229326243
https://lkml.org/lkml/2017/11/30/33
---
 arch/Kconfig | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/Kconfig b/arch/Kconfig
index 8e0d665c8d53..983578c44cca 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -464,6 +464,10 @@ config GCC_PLUGIN_LATENT_ENTROPY
 config GCC_PLUGIN_STRUCTLEAK
 	bool "Force initialization of variables containing userspace addresses"
 	depends on GCC_PLUGINS
+	# Currently STRUCTLEAK inserts initialization out of live scope of
+	# variables from KASAN point of view. This leads to KASAN false
+	# positive reports. Prohibit this combination for now.
+	depends on !KASAN
 	help
 	  This plugin zero-initializes any structures containing a
 	  __user attribute. This can prevent some classes of information
-- 
2.17.0.484.g0c8726318c-goog

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH] KASAN: prohibit KASAN+STRUCTLEAK combination
  2018-04-19  9:48 [PATCH] KASAN: prohibit KASAN+STRUCTLEAK combination Dmitry Vyukov
@ 2018-04-19 17:21 ` Andrey Ryabinin
  2018-04-19 17:25   ` Dmitry Vyukov
  0 siblings, 1 reply; 3+ messages in thread
From: Andrey Ryabinin @ 2018-04-19 17:21 UTC (permalink / raw)
  To: Dmitry Vyukov, linux-mm, akpm
  Cc: kasan-dev, Fengguang Wu, Sergey Senozhatsky, Kees Cook



On 04/19/2018 12:48 PM, Dmitry Vyukov wrote:

> --- a/arch/Kconfig
> +++ b/arch/Kconfig
> @@ -464,6 +464,10 @@ config GCC_PLUGIN_LATENT_ENTROPY
>  config GCC_PLUGIN_STRUCTLEAK
>  	bool "Force initialization of variables containing userspace addresses"
>  	depends on GCC_PLUGINS
> +	# Currently STRUCTLEAK inserts initialization out of live scope of
> +	# variables from KASAN point of view. This leads to KASAN false
> +	# positive reports. Prohibit this combination for now.
> +	depends on !KASAN
                    KASAN_EXTRA

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH] KASAN: prohibit KASAN+STRUCTLEAK combination
  2018-04-19 17:21 ` Andrey Ryabinin
@ 2018-04-19 17:25   ` Dmitry Vyukov
  0 siblings, 0 replies; 3+ messages in thread
From: Dmitry Vyukov @ 2018-04-19 17:25 UTC (permalink / raw)
  To: Andrey Ryabinin
  Cc: Linux-MM, Andrew Morton, kasan-dev, Fengguang Wu,
	Sergey Senozhatsky, Kees Cook

On Thu, Apr 19, 2018 at 7:21 PM, Andrey Ryabinin
<aryabinin@virtuozzo.com> wrote:
>
>
> On 04/19/2018 12:48 PM, Dmitry Vyukov wrote:
>
>> --- a/arch/Kconfig
>> +++ b/arch/Kconfig
>> @@ -464,6 +464,10 @@ config GCC_PLUGIN_LATENT_ENTROPY
>>  config GCC_PLUGIN_STRUCTLEAK
>>       bool "Force initialization of variables containing userspace addresses"
>>       depends on GCC_PLUGINS
>> +     # Currently STRUCTLEAK inserts initialization out of live scope of
>> +     # variables from KASAN point of view. This leads to KASAN false
>> +     # positive reports. Prohibit this combination for now.
>> +     depends on !KASAN
>                     KASAN_EXTRA

Remailed, thanks.

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-04-19 17:25 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-04-19  9:48 [PATCH] KASAN: prohibit KASAN+STRUCTLEAK combination Dmitry Vyukov
2018-04-19 17:21 ` Andrey Ryabinin
2018-04-19 17:25   ` Dmitry Vyukov

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.