From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 7135FC61DA4 for ; Fri, 3 Feb 2023 19:26:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Subject:Cc:To:From:Date:Message-ID:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=5q8b3qkw7qnQYV8B36pvKi2O7MNM7+CvYGudpPDM6Z8=; b=UnpbyuZ80j/MlJ cbQ8QD14a17iObV/fTR2b7ZVRWeRfJl/HbbBBUb5myq6PEEANqNqrHoN52YpYYsQAlqap8YJIXZ+m nCwaZVcON/MtMkHJg0Xvt4pIZkVvjie0icAxEvwDjXhxJsSTCCr63tINrqNyVBLTiUMFqHzK2GbCY aE/JQqUyNGdZaloKZPpKwxqqRKBt7FapozGcRBf7TRHZEqEU14QbM+0vIeOvbRR31C3pS59jZqyR1 fwTf3fXWy29mHHwM9eaFTWKJ6uaZ60DBPJu7u+mPGMXTIVaFfJDGaqcGl4eybIN0X1QU95c7ak3Fr nb80VW+BWpXQGl5ihE0A==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pO1g3-003ODE-0I; Fri, 03 Feb 2023 19:24:51 +0000 Received: from mail-pj1-x1032.google.com ([2607:f8b0:4864:20::1032]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pO1fy-003OCY-Is for linux-arm-kernel@lists.infradead.org; Fri, 03 Feb 2023 19:24:48 +0000 Received: by mail-pj1-x1032.google.com with SMTP id t12-20020a17090aae0c00b00229f4cff534so8539386pjq.1 for ; Fri, 03 Feb 2023 11:24:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=in-reply-to:content-disposition:mime-version:references:subject:cc :to:from:date:message-id:from:to:cc:subject:date:message-id:reply-to; bh=0tPk4sfZJKNFpNFIGP01Wf1d6d+4z4fWOS2PRxRpJ+E=; b=QXl2BnJHqyLgWtq5mVKGbYbUgudUOgtq6id4YzZbbuUJWlFhOJ3y4KYubpj278lKSA Fcjy5e5bxvPvceFrK0V4A+e7mkVtJq99nAz8sJ+fjrtrOzJ8UhGq7OUeU6G3v2K3BBGw JH740zRZlZ/O/KBqQEkaM5+wTWFmCdtkAATqk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:subject:cc :to:from:date:message-id:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=0tPk4sfZJKNFpNFIGP01Wf1d6d+4z4fWOS2PRxRpJ+E=; b=VeNzfwUkss57HQZ7TJEUcayfM3JRQLuAsYEUv1mntYyj3hoPtg1QZ4gYEeRcOMoh2n gYhuZ0kgKrGcdYzJJG77i9K/HTk4mFivxGSYB/gW6daJhKjlni/xBRWBcHHx3FOiXOxr a3fRCprZ4tfr8SBYfJihIWI7bFYGfmaQ0WJ5Hlg8h3U//Y9Fha87okbMpKup6L4ro388 Fc5c38iFP+fM28XskNl95JbIX+0UvQMyhcYKcXC+X3vCIT0P4VjtbmSEOjkIy2pBDICt ftXEEKcKeOUcasAt7+FqD+eXec0zFAggZP7v50reolneThU5WrFHdg06mbqBuKxyHqAt k95A== X-Gm-Message-State: AO0yUKWoe5wGmuhqb+0utKuenubFbo19ZQ9lac6f0AOQbT7WFzsZLAsb 9KXkuEkGrjAbKOXuGVnx5XbWSA== X-Google-Smtp-Source: AK7set9nb8IbFAca/MYa8HvF65jyp8xy0f7/JDopphMMG2OBivnP5gsUXEntugNeV5MaZ/75901RVg== X-Received: by 2002:a17:903:230d:b0:196:4fe3:21b1 with SMTP id d13-20020a170903230d00b001964fe321b1mr12827800plh.27.1675452282886; Fri, 03 Feb 2023 11:24:42 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id g1-20020a170902fe0100b00198ef93d556sm58432plj.147.2023.02.03.11.24.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 03 Feb 2023 11:24:42 -0800 (PST) Message-ID: <63dd5f7a.170a0220.d72b.022f@mx.google.com> X-Google-Original-Message-ID: <202302031918.@keescook> Date: Fri, 3 Feb 2023 19:24:41 +0000 From: Kees Cook To: Fangrui Song Cc: Catalin Marinas , Will Deacon , Mark Rutland , John Stultz , Yongqin Liu , Sami Tolvanen , Ard Biesheuvel , Yury Norov , Andrey Konovalov , Marco Elver , linux-arm-kernel@lists.infradead.org, llvm@lists.linux.dev, Nathan Chancellor , Nick Desaulniers , Tom Rix , Alexander Potapenko , linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: Re: [PATCH v2] arm64: Support Clang UBSAN trap codes for better reporting References: <20230203173946.gonna.972-kees@kernel.org> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230203_112446_681206_564A40B5 X-CRM114-Status: GOOD ( 26.92 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Fri, Feb 03, 2023 at 11:14:49AM -0800, Fangrui Song wrote: > On Fri, Feb 3, 2023 at 9:39 AM Kees Cook wrote: > > > > When building with CONFIG_UBSAN_TRAP=y on arm64, Clang encodes the UBSAN > > check (handler) type in the esr. Extract this and actually report these > > traps as coming from the specific UBSAN check that tripped. > > > > Before: > > > > Internal error: BRK handler: 00000000f20003e8 [#1] PREEMPT SMP > > > > After: > > > > Internal error: UBSAN: shift out of bounds: 00000000f2005514 [#1] PREEMPT SMP > > > > Cc: Catalin Marinas > > Cc: Will Deacon > > Cc: Mark Rutland > > Cc: John Stultz > > Cc: Yongqin Liu > > Cc: Sami Tolvanen > > Cc: Ard Biesheuvel > > Cc: Yury Norov > > Cc: Andrey Konovalov > > Cc: Marco Elver > > Cc: linux-arm-kernel@lists.infradead.org > > Cc: llvm@lists.linux.dev > > Signed-off-by: Kees Cook > > --- > > v2: improve commit log, limit report strings to actual configs, document mappings > > v1: https://lore.kernel.org/lkml/20230202223653.never.473-kees@kernel.org/ > > Thanks. I'll add the Linux kernel use to > https://maskray.me/blog/2023-01-29-all-about-undefined-behavior-sanitizer > when this lands:) Oh nice post! Thanks for the pointer. :) > > > --- > > arch/arm64/include/asm/brk-imm.h | 2 + > > arch/arm64/kernel/traps.c | 21 ++++++++++ > > include/linux/ubsan.h | 9 +++++ > > lib/Makefile | 2 - > > lib/ubsan.c | 67 ++++++++++++++++++++++++++++++++ > > lib/ubsan.h | 32 +++++++++++++++ > > 6 files changed, 131 insertions(+), 2 deletions(-) > > create mode 100644 include/linux/ubsan.h > > > > diff --git a/arch/arm64/include/asm/brk-imm.h b/arch/arm64/include/asm/brk-imm.h > > index 6e000113e508..3f0f0d03268b 100644 > > --- a/arch/arm64/include/asm/brk-imm.h > > +++ b/arch/arm64/include/asm/brk-imm.h > > @@ -28,6 +28,8 @@ > > #define BUG_BRK_IMM 0x800 > > #define KASAN_BRK_IMM 0x900 > > #define KASAN_BRK_MASK 0x0ff > > +#define UBSAN_BRK_IMM 0x5500 > > +#define UBSAN_BRK_MASK 0x00ff > > Q: How is 0x5500 derived? This is 'U' << 8 from: https://github.com/llvm/llvm-project/blob/main/llvm/lib/Target/AArch64/AArch64InstrInfo.td#L7571 > [...] > > +#ifdef CONFIG_UBSAN_TRAP > > + register_kernel_break_hook(&ubsan_break_hook); > > #endif > > IIUC, the break hook is a list so CONFIG_KASAN_SW_TAGS > (kernel-hwaddress) can be used with CONFIG_UBSAN_TRAP. Should I be doing something different here? > [...] > > +#ifdef CONFIG_UBSAN_ALIGNMENT > > + /* > > + * SanitizerKind::Alignment emits SanitizerHandler::TypeMismatch > > + * or SanitizerHandler::AlignmentAssumption. > > + */ > > + case ubsan_alignment_assumption: > > + return "UBSAN: alignment assumption"; > > + case ubsan_type_mismatch: > > + return "UBSAN: type mismatch"; > > +#endif > > + default: > > + return "UBSAN: unrecognized failure code"; > > + } > > +} > > I wonder whether keeping the dash-prefixed name is better since that > matches compiler-rt/lib/ubsan. > People can search for "add-overflow" and get cross references from > compiler-rt/lib/ubsan, instead of needing to knowing that "addition > overflow" is another name for "add-overflow". I think that the consumer of these messages wants as much plain-language detail as possible, so I'd prefer to expand these into full phrasing. To make it all more discoverable, I included all the details about how the mapping worked in the comments. > [...] > Reviewed-by: Fangrui Song Thanks! -- Kees Cook _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel