| Message ID | 1449708123-7340-1-git-send-email-dja@axtens.net (mailing list archive) |
|---|---|
| State | RFC |
| Headers | show |
On 10/12/15 11:42, Daniel Axtens wrote: > This hooks up UBSAN support for PowerPC. > > So far it's found some interesting cases where we don't properly sanitise > input to shifts, including one in our futex handling. Nothing critical, > but interesting and worth fixing. > > CC: Andrey Ryabinin <aryabinin@virtuozzo.com> > --- > > This to be applied on top of next with Andrey's patches: > 1) https://patchwork.kernel.org/patch/7761341/ > 2) https://patchwork.kernel.org/patch/7761351/ > 3) https://patchwork.kernel.org/patch/7761361/ > 4) https://patchwork.kernel.org/patch/7785791/ > > This is RFC for a couple of reasons: > > - I'd like the original patches to > s/ARCH_HAS_UBSAN_SANTIZE_ALL/ARCH_HAS_UBSAN_SAN*I*TIZE_ALL/ > (I'm about to send an email about that) > > - I've only tested on LE pseries so far - I want to test on powernv, > and on BE. > > Signed-off-by: Daniel Axtens <dja@axtens.net> I tested this patch as found in linux-next, along with the SANITIZE_ALL typo fix, on a big-endian BML system, with gcc 5.2.1. It successfully picked up one of the shift input issues that Daniel found, so therefore... Tested-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index 25283796a02e..e197de45d517 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig @@ -156,6 +156,7 @@ config PPC select EDAC_ATOMIC_SCRUB select ARCH_HAS_DMA_SET_COHERENT_MASK select HAVE_ARCH_SECCOMP_FILTER + select ARCH_HAS_UBSAN_SANTIZE_ALL config GENERIC_CSUM def_bool CPU_LITTLE_ENDIAN diff --git a/arch/powerpc/kernel/Makefile b/arch/powerpc/kernel/Makefile index ba336930d448..794f22adf99d 100644 --- a/arch/powerpc/kernel/Makefile +++ b/arch/powerpc/kernel/Makefile @@ -136,12 +136,18 @@ endif obj-$(CONFIG_EPAPR_PARAVIRT) += epapr_paravirt.o epapr_hcalls.o obj-$(CONFIG_KVM_GUEST) += kvm.o kvm_emul.o -# Disable GCOV in odd or sensitive code +# Disable GCOV & sanitizers in odd or sensitive code GCOV_PROFILE_prom_init.o := n +UBSAN_SANITIZE_prom_init.o := n GCOV_PROFILE_ftrace.o := n +UBSAN_SANITIZE_ftrace.o := n GCOV_PROFILE_machine_kexec_64.o := n +UBSAN_SANITIZE_machine_kexec_64.o := n GCOV_PROFILE_machine_kexec_32.o := n +UBSAN_SANITIZE_machine_kexec_32.o := n GCOV_PROFILE_kprobes.o := n +UBSAN_SANITIZE_kprobes.o := n +UBSAN_SANITIZE_vdso.o := n extra-$(CONFIG_PPC_FPU) += fpu.o extra-$(CONFIG_ALTIVEC) += vector.o diff --git a/arch/powerpc/kernel/vdso32/Makefile b/arch/powerpc/kernel/vdso32/Makefile index 6abffb7a8cd9..cbabd143acae 100644 --- a/arch/powerpc/kernel/vdso32/Makefile +++ b/arch/powerpc/kernel/vdso32/Makefile @@ -15,6 +15,7 @@ targets := $(obj-vdso32) vdso32.so vdso32.so.dbg obj-vdso32 := $(addprefix $(obj)/, $(obj-vdso32)) GCOV_PROFILE := n +UBSAN_SANITIZE := n ccflags-y := -shared -fno-common -fno-builtin ccflags-y += -nostdlib -Wl,-soname=linux-vdso32.so.1 \ diff --git a/arch/powerpc/kernel/vdso64/Makefile b/arch/powerpc/kernel/vdso64/Makefile index 8c8f2ae43935..c710802b8fb6 100644 --- a/arch/powerpc/kernel/vdso64/Makefile +++ b/arch/powerpc/kernel/vdso64/Makefile @@ -8,6 +8,7 @@ targets := $(obj-vdso64) vdso64.so vdso64.so.dbg obj-vdso64 := $(addprefix $(obj)/, $(obj-vdso64)) GCOV_PROFILE := n +UBSAN_SANITIZE := n ccflags-y := -shared -fno-common -fno-builtin ccflags-y += -nostdlib -Wl,-soname=linux-vdso64.so.1 \ diff --git a/arch/powerpc/xmon/Makefile b/arch/powerpc/xmon/Makefile index 1278788d96e3..436062dbb6e2 100644 --- a/arch/powerpc/xmon/Makefile +++ b/arch/powerpc/xmon/Makefile @@ -3,6 +3,7 @@ subdir-ccflags-$(CONFIG_PPC_WERROR) := -Werror GCOV_PROFILE := n +UBSAN_SANITIZE := n ccflags-$(CONFIG_PPC64) := $(NO_MINIMAL_TOC)
This hooks up UBSAN support for PowerPC. So far it's found some interesting cases where we don't properly sanitise input to shifts, including one in our futex handling. Nothing critical, but interesting and worth fixing. CC: Andrey Ryabinin <aryabinin@virtuozzo.com> --- This to be applied on top of next with Andrey's patches: 1) https://patchwork.kernel.org/patch/7761341/ 2) https://patchwork.kernel.org/patch/7761351/ 3) https://patchwork.kernel.org/patch/7761361/ 4) https://patchwork.kernel.org/patch/7785791/ This is RFC for a couple of reasons: - I'd like the original patches to s/ARCH_HAS_UBSAN_SANTIZE_ALL/ARCH_HAS_UBSAN_SAN*I*TIZE_ALL/ (I'm about to send an email about that) - I've only tested on LE pseries so far - I want to test on powernv, and on BE. Signed-off-by: Daniel Axtens <dja@axtens.net> --- arch/powerpc/Kconfig | 1 + arch/powerpc/kernel/Makefile | 8 +++++++- arch/powerpc/kernel/vdso32/Makefile | 1 + arch/powerpc/kernel/vdso64/Makefile | 1 + arch/powerpc/xmon/Makefile | 1 + 5 files changed, 11 insertions(+), 1 deletion(-)