From: Peter Zijlstra <peterz@infradead.org>
To: Segher Boessenkool <segher@kernel.crashing.org>
Cc: Mark Rutland <mark.rutland@arm.com>,
Nick Desaulniers <ndesaulniers@google.com>,
Borislav Petkov <bp@alien8.de>,
Nathan Chancellor <nathan@kernel.org>, x86-ml <x86@kernel.org>,
lkml <linux-kernel@vger.kernel.org>,
llvm@lists.linux.dev, Josh Poimboeuf <jpoimboe@redhat.com>,
linux-toolchains@vger.kernel.org
Subject: Re: clang memcpy calls
Date: Mon, 28 Mar 2022 18:16:37 +0200 [thread overview]
Message-ID: <YkHfZbCE0ycVWyxz@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <20220328155957.GK614@gate.crashing.org>
On Mon, Mar 28, 2022 at 10:59:57AM -0500, Segher Boessenkool wrote:
> I do not see how that follows. Maybe that is obvious from how you look
> at your use case, but it is not from the viewpoint of people who just
> want to do sanitation.
It's a substitution issue:
either:
memcpy() equals: "asan instrumentation" + "memcpy implementation"
or:
memcpy() equals: "memcpy implementation"
It can not be both, since they're not equivalent.
So if the compiler does the substitution, it needs some sense of
equivalence. All we're asking is that it be consistent (my preference is
for the latter).
> So what is the goal here? Why do you need to
> prevent sanitation on anything called from this function, at all cost?
Kernel entry code might not have reached a point where instrumentation
assumptions are valid yet. Consider calling into C before the kernel
page-tables are swapped in. KASAN instrumentation would insta-explode
simply because the environment it expects (the shadow data etc..) isn't
there.
next prev parent reply other threads:[~2022-03-28 16:16 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <YjxTt3pFIcV3lt8I@zn.tnic>
2022-03-24 18:43 ` clang memcpy calls Nick Desaulniers
2022-03-24 22:54 ` David Laight
2022-03-25 12:15 ` Mark Rutland
2022-03-25 14:13 ` Peter Zijlstra
2022-03-25 15:12 ` Segher Boessenkool
2022-03-28 9:52 ` Mark Rutland
2022-03-28 10:20 ` Jakub Jelinek
2022-03-28 11:54 ` Peter Zijlstra
2022-03-28 12:55 ` Mark Rutland
2022-03-28 13:12 ` Jakub Jelinek
2022-03-28 13:44 ` Mark Rutland
2022-03-30 14:45 ` Marco Elver
2022-03-28 14:22 ` Segher Boessenkool
2022-03-28 14:58 ` Mark Rutland
2022-03-28 15:59 ` Segher Boessenkool
2022-03-28 16:16 ` Peter Zijlstra [this message]
2022-03-28 16:58 ` Segher Boessenkool
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YkHfZbCE0ycVWyxz@hirez.programming.kicks-ass.net \
--to=peterz@infradead.org \
--cc=bp@alien8.de \
--cc=jpoimboe@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-toolchains@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=mark.rutland@arm.com \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=segher@kernel.crashing.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox