From: Kees Cook <keescook@chromium.org>
To: Arnd Bergmann <arnd@arndb.de>
Cc: "Conor.Dooley" <conor.dooley@microchip.com>,
Vlastimil Babka <vbabka@suse.cz>, David Gow <davidgow@google.com>,
Christoph Lameter <cl@linux.com>,
Pekka Enberg <penberg@kernel.org>,
David Rientjes <rientjes@google.com>,
Joonsoo Kim <iamjoonsoo.kim@lge.com>,
Roman Gushchin <roman.gushchin@linux.dev>,
Hyeonggon Yoo <42.hyeyoo@gmail.com>,
Rasmus Villemoes <rasmus.villemoes@prevas.dk>,
Guenter Roeck <linux@roeck-us.net>,
Andy Shevchenko <andriy.shevchenko@intel.com>,
Paolo Abeni <pabeni@redhat.com>,
Geert Uytterhoeven <geert@linux-m68k.org>,
Nathan Chancellor <nathan@kernel.org>,
Nick Desaulniers <ndesaulniers@google.com>,
Tom Rix <trix@redhat.com>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
linux-hardening@vger.kernel.org, llvm@lists.linux.dev
Subject: Re: [PATCH 0/6] slab: Provide full coverage for __alloc_size attribute
Date: Thu, 1 Dec 2022 09:15:34 -0800 [thread overview]
Message-ID: <202212010915.ADB7D298@keescook> (raw)
In-Reply-To: <63ced4a4-33b9-4c03-8d7a-987ceb1fc2c7@app.fastmail.com>
On Tue, Nov 29, 2022 at 01:33:03PM +0100, Arnd Bergmann wrote:
> On Tue, Nov 29, 2022, at 13:24, Conor Dooley wrote:
> > On Tue, Nov 01, 2022 at 03:33:08PM -0700, Kees Cook wrote:
> >> Hi,
> >>
> >> This is a series to work around a deficiency in GCC (>=11) and Clang
> >> (<16) where the __alloc_size attribute does not apply to inlines. :(
> >> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96503
> >>
> >> This manifests as reduced overflow detection coverage for many allocation
> >> sites under CONFIG_FORTIFY_SOURCE=y, where the allocation size was
> >> not actually being propagated to __builtin_dynamic_object_size(). In
> >> addition to working around the issue, expand use of __alloc_size (and
> >> __realloc_size) to more places and provide KUnit tests to validate all
> >> the covered allocator APIs.
> >
> > Hello Kees!
> >
> > It would appear that one of the macros you've added here is doing Bad
> > Things^TM to allmodconfig on RISC-V since the 22nd:
> >
> > ../lib/fortify_kunit.c: In function 'alloc_size_kmalloc_const_test':
> > ../lib/fortify_kunit.c:140:1: error: the frame size of 2384 bytes is
> > larger than 2048 bytes [-Werror=frame-larger-than=]
> > 140 | }
> > \
> > | ^
> > ../lib/fortify_kunit.c:209:1: note: in expansion of macro
> > 'DEFINE_ALLOC_SIZE_TEST_PAIR'
> > 209 | DEFINE_ALLOC_SIZE_TEST_PAIR(kmalloc)
> > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
> > cc1: all warnings being treated as errors
> >
> > CONFIG_GCC_VERSION=110100
> > CONFIG_AS_VERSION=23700
> > CONFIG_LD_VERSION=23700
> >
> > The report came out of my CI (which I should have passed on sooner) so
> > I do not have anything other than stderr - I can get you anything else
> > you'd like/need though if you LMK.
>
> There is generally a conflict between kunit and the structleak
> gcc plugin, I think the Makefile needs a line like
>
> CFLAGS_fortify_kunit.o += $(DISABLE_STRUCTLEAK_PLUGIN)
Thanks for the report! I've taken Anders's patch for this now.
--
Kees Cook
prev parent reply other threads:[~2022-12-01 17:15 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-01 22:33 [PATCH 0/6] slab: Provide full coverage for __alloc_size attribute Kees Cook
2022-11-01 22:33 ` [PATCH 1/6] slab: Clean up SLOB vs kmalloc() definition Kees Cook
2022-11-03 13:32 ` Hyeonggon Yoo
2022-11-01 22:33 ` [PATCH 2/6] slab: Remove special-casing of const 0 size allocations Kees Cook
2022-11-03 14:00 ` Hyeonggon Yoo
2022-11-01 22:33 ` [PATCH 3/6] slab: Provide functional __alloc_size() hints to kmalloc_trace*() Kees Cook
2022-11-03 14:16 ` Hyeonggon Yoo
2022-11-04 18:22 ` Kees Cook
2022-11-05 1:09 ` Hyeonggon Yoo
2022-11-05 6:45 ` Kees Cook
2022-11-01 22:33 ` [PATCH 4/6] string: Add __realloc_size hint to kmemdup() Kees Cook
2022-11-02 9:26 ` Rasmus Villemoes
2022-11-02 19:40 ` Kees Cook
2022-11-01 22:33 ` [PATCH 5/6] driver core: Add __alloc_size hint to devm allocators Kees Cook
2023-02-01 7:36 ` Yongqin Liu
2023-02-01 8:11 ` John Stultz
2023-02-01 8:16 ` John Stultz
2023-02-01 18:41 ` Andy Shevchenko
2023-02-02 17:18 ` Kees Cook
2023-02-02 18:56 ` John Stultz
2023-02-02 19:10 ` Kees Cook
2023-02-02 19:20 ` Ard Biesheuvel
2023-02-02 19:31 ` Nick Desaulniers
2023-02-02 19:49 ` Sami Tolvanen
2023-02-02 19:53 ` Kees Cook
2023-02-02 20:11 ` Sami Tolvanen
2023-02-02 20:43 ` Kees Cook
2022-11-01 22:33 ` [PATCH 6/6] kunit/fortify: Validate __alloc_size attribute results Kees Cook
2022-11-02 18:15 ` kernel test robot
2022-11-29 12:24 ` [PATCH 0/6] slab: Provide full coverage for __alloc_size attribute Conor Dooley
2022-11-29 12:33 ` Arnd Bergmann
2022-12-01 17:15 ` Kees Cook [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202212010915.ADB7D298@keescook \
--to=keescook@chromium.org \
--cc=42.hyeyoo@gmail.com \
--cc=andriy.shevchenko@intel.com \
--cc=arnd@arndb.de \
--cc=cl@linux.com \
--cc=conor.dooley@microchip.com \
--cc=davidgow@google.com \
--cc=geert@linux-m68k.org \
--cc=iamjoonsoo.kim@lge.com \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux@roeck-us.net \
--cc=llvm@lists.linux.dev \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=pabeni@redhat.com \
--cc=penberg@kernel.org \
--cc=rasmus.villemoes@prevas.dk \
--cc=rientjes@google.com \
--cc=roman.gushchin@linux.dev \
--cc=trix@redhat.com \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.