From: Marco Elver <elver@google.com>
To: George Popescu <georgepope@google.com>
Cc: Kees Cook <keescook@chromium.org>,
maz@kernel.org, Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>,
Masahiro Yamada <masahiroy@kernel.org>,
Michal Marek <michal.lkml@markovi.net>,
Linux ARM <linux-arm-kernel@lists.infradead.org>,
kvmarm@lists.cs.columbia.edu, LKML <linux-kernel@vger.kernel.org>,
Linux Kbuild mailing list <linux-kbuild@vger.kernel.org>,
clang-built-linux <clang-built-linux@googlegroups.com>,
james.morse@arm.com, julien.thierry.kdev@gmail.com,
suzuki.poulose@arm.com,
Nathan Chancellor <natechancellor@gmail.com>,
Nick Desaulniers <ndesaulniers@google.com>,
David Brazdil <dbrazdil@google.com>,
broonie@kernel.org, Fangrui Song <maskray@google.com>,
Andrew Scull <ascull@google.com>,
Andrew Morton <akpm@linux-foundation.org>,
Dmitry Vyukov <dvyukov@google.com>,
Thomas Gleixner <tglx@linutronix.de>,
Arnd Bergmann <arnd@arndb.de>,
kasan-dev@googlegroups.com, andreyknvl@google.com,
glider@google.com
Subject: Re: [PATCH 06/14] Fix CFLAGS for UBSAN_BOUNDS on Clang
Date: Wed, 16 Sep 2020 15:40:29 +0200 [thread overview]
Message-ID: <20200916134029.GA1146904@elver.google.com> (raw)
In-Reply-To: <20200916121401.GA3362356@google.com>
On Wed, Sep 16, 2020 at 12:14PM +0000, George Popescu wrote:
> On Wed, Sep 16, 2020 at 10:32:40AM +0200, Marco Elver wrote:
> > On Wed, 16 Sep 2020 at 09:40, George Popescu <georgepope@google.com> wrote:
> > > On Tue, Sep 15, 2020 at 07:32:28PM +0200, Marco Elver wrote:
> > > > On Tue, 15 Sep 2020 at 14:01, George Popescu <georgepope@google.com> wrote:
> > > > > On Tue, Sep 15, 2020 at 01:18:11PM +0200, Marco Elver wrote:
> > > > > > On Tue, 15 Sep 2020 at 12:25, George Popescu <georgepope@google.com> wrote:
> > > > > > > On Mon, Sep 14, 2020 at 03:13:14PM -0700, Kees Cook wrote:
> > > > > > > > On Mon, Sep 14, 2020 at 05:27:42PM +0000, George-Aurelian Popescu wrote:
> > > > > > > > > From: George Popescu <georgepope@google.com>
> > > > > > > > >
> > > > > > > > > When the kernel is compiled with Clang, UBSAN_BOUNDS inserts a brk after
> > > > > > > > > the handler call, preventing it from printing any information processed
> > > > > > > > > inside the buffer.
> > > > > > > > > For Clang -fsanitize=bounds expands to -fsanitize=array-bounds and
> > > > > > > > > -fsanitize=local-bounds, and the latter adds a brk after the handler
> > > > > > > > > call
> > > > > > > >
> > > > > > > This would mean losing the local-bounds coverage. I tried to test it without
> > > > > > > local-bounds and with a locally defined array on the stack and it works fine
> > > > > > > (the handler is called and the error reported). For me it feels like
> > > > > > > --array-bounds and --local-bounds are triggered for the same type of
> > > > > > > undefined_behaviours but they are handling them different.
> > > > > >
> > > > > > Does -fno-sanitize-trap=bounds help?
[...]
> > Your full config would be good, because it includes compiler version etc.
> My full config is:
Thanks. Yes, I can reproduce, and the longer I keep digging I start
wondering why we have local-bounds at all.
It appears that local-bounds finds a tiny subset of the issues that
KASAN finds:
http://lists.llvm.org/pipermail/cfe-commits/Week-of-Mon-20131021/091536.html
http://llvm.org/viewvc/llvm-project?view=revision&revision=193205
fsanitize=undefined also does not include local-bounds:
https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#available-checks
And the reason is that we do want to enable KASAN and UBSAN together;
but local-bounds is useless overhead if we already have KASAN.
I'm inclined to say that what you propose is reasonable (but the commit
message needs to be more detailed explaining the relationship with
KASAN) -- but I have no idea if this is going to break somebody's
usecase (e.g. find some OOB bugs, but without KASAN -- but then why not
use KASAN?!)
I'll ask some more people on LLVM side.
Thanks,
-- Marco
next prev parent reply other threads:[~2020-09-16 18:52 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-14 17:27 [PATCH 00/14] UBSan Enablement for hyp/nVHE code George-Aurelian Popescu
2020-09-14 17:27 ` [PATCH 01/14] KVM: arm64: Enable UBSan instrumentation in nVHE hyp code George-Aurelian Popescu
2020-09-14 17:27 ` [PATCH 02/14] KVM: arm64: Define a macro for storing a value inside a per_cpu variable George-Aurelian Popescu
2020-09-14 17:27 ` [PATCH 03/14] KVM: arm64: Add support for creating and checking a logging buffer inside hyp/nVHE George-Aurelian Popescu
2020-10-01 10:07 ` Andrew Scull
2020-09-14 17:27 ` [PATCH 04/14] KVM: arm64: Add support for buffer usage George-Aurelian Popescu
2020-09-14 17:27 ` [PATCH 05/14] KVM: arm64: Define a buffer that can pass UBSan data from hyp/nVHE to kernel George-Aurelian Popescu
2020-09-15 13:25 ` George Popescu
2020-10-01 10:51 ` Andrew Scull
2020-09-14 17:27 ` [PATCH 06/14] Fix CFLAGS for UBSAN_BOUNDS on Clang George-Aurelian Popescu
2020-09-14 21:17 ` Nick Desaulniers
2020-09-14 22:13 ` Kees Cook
2020-09-15 10:24 ` George Popescu
2020-09-15 11:18 ` Marco Elver
2020-09-15 12:01 ` George Popescu
2020-09-15 17:32 ` Marco Elver
2020-09-16 7:40 ` George Popescu
2020-09-16 8:32 ` Marco Elver
[not found] ` <20200916121401.GA3362356@google.com>
2020-09-16 13:40 ` Marco Elver [this message]
2020-09-17 6:37 ` Marco Elver
2020-09-17 11:35 ` George Popescu
2020-09-17 22:21 ` Kees Cook
2020-09-17 22:17 ` Kees Cook
2020-09-14 17:27 ` [PATCH 07/14] KVM: arm64: Enable UBSAN_BOUNDS for the both the kernel and hyp/nVHE George-Aurelian Popescu
2020-10-01 10:57 ` Andrew Scull
2020-09-14 17:27 ` [PATCH 08/14] KVM: arm64: Enable UBsan check for unreachable code inside hyp/nVHE code George-Aurelian Popescu
2020-09-14 17:27 ` [PATCH 09/14] KVM: arm64: Enable shift out of bounds undefined behaviour check for hyp/nVHE George-Aurelian Popescu
2020-09-14 17:27 ` [PATCH 10/14] KVM: arm64: __ubsan_handle_load_invalid_value hyp/nVHE implementation George-Aurelian Popescu
2020-09-14 17:27 ` [PATCH 11/14] KVM: arm64: Detect type mismatch undefined behaviour from hyp/nVHE code George-Aurelian Popescu
2020-09-14 17:27 ` [PATCH 12/14] KVM: arm64: Detect arithmetic overflow is inside hyp/nVHE George-Aurelian Popescu
2020-09-14 17:27 ` [PATCH 13/14] KVM: arm64: Enable the CONFIG_TEST UBSan for PKVM George-Aurelian Popescu
2020-09-14 17:27 ` [PATCH 14/14] DO NOT MERGE: Enable configs to test the patch series George-Aurelian Popescu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200916134029.GA1146904@elver.google.com \
--to=elver@google.com \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@google.com \
--cc=arnd@arndb.de \
--cc=ascull@google.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=clang-built-linux@googlegroups.com \
--cc=dbrazdil@google.com \
--cc=dvyukov@google.com \
--cc=georgepope@google.com \
--cc=glider@google.com \
--cc=james.morse@arm.com \
--cc=julien.thierry.kdev@gmail.com \
--cc=kasan-dev@googlegroups.com \
--cc=keescook@chromium.org \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=maskray@google.com \
--cc=maz@kernel.org \
--cc=michal.lkml@markovi.net \
--cc=natechancellor@gmail.com \
--cc=ndesaulniers@google.com \
--cc=suzuki.poulose@arm.com \
--cc=tglx@linutronix.de \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).