{"id":817719,"url":"http://patchwork.ozlabs.org/api/patches/817719/?format=json","web_url":"http://patchwork.ozlabs.org/project/netdev/patch/20170922212930.620249-10-arnd@arndb.de/","project":{"id":7,"url":"http://patchwork.ozlabs.org/api/projects/7/?format=json","name":"Linux network development","link_name":"netdev","list_id":"netdev.vger.kernel.org","list_email":"netdev@vger.kernel.org","web_url":null,"scm_url":null,"webscm_url":null,"list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20170922212930.620249-10-arnd@arndb.de>","list_archive_url":null,"date":"2017-09-22T21:29:20","name":"[v4,9/9] kasan: rework Kconfig settings","commit_ref":null,"pull_url":null,"state":"not-applicable","archived":true,"hash":"a73234457a3321297ceee809c0ff912d5e22a1da","submitter":{"id":30,"url":"http://patchwork.ozlabs.org/api/people/30/?format=json","name":"Arnd Bergmann","email":"arnd@arndb.de"},"delegate":{"id":34,"url":"http://patchwork.ozlabs.org/api/users/34/?format=json","username":"davem","first_name":"David","last_name":"Miller","email":"davem@davemloft.net"},"mbox":"http://patchwork.ozlabs.org/project/netdev/patch/20170922212930.620249-10-arnd@arndb.de/mbox/","series":[{"id":4712,"url":"http://patchwork.ozlabs.org/api/series/4712/?format=json","web_url":"http://patchwork.ozlabs.org/project/netdev/list/?series=4712","date":"2017-09-22T21:29:16","name":"bring back stack frame warning with KASAN","version":4,"mbox":"http://patchwork.ozlabs.org/series/4712/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/817719/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/817719/checks/","tags":{},"related":[],"headers":{"Return-Path":"<netdev-owner@vger.kernel.org>","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; 
helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)","Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xzRYY6ngPz9s9Y\n\tfor <patchwork-incoming@ozlabs.org>;\n\tSat, 23 Sep 2017 07:33:37 +1000 (AEST)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1752852AbdIVVdU (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);\n\tFri, 22 Sep 2017 17:33:20 -0400","from mout.kundenserver.de ([212.227.126.134]:60659 \"EHLO\n\tmout.kundenserver.de\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S1752325AbdIVVdR (ORCPT\n\t<rfc822;netdev@vger.kernel.org>); Fri, 22 Sep 2017 17:33:17 -0400","from wuerfel.lan ([95.208.190.237]) by mrelayeu.kundenserver.de\n\t(mreue002 [212.227.15.129]) with ESMTPA (Nemesis) id\n\t0MYGci-1drEDi0O4O-00UtyA; Fri, 22 Sep 2017 23:31:46 +0200"],"From":"Arnd Bergmann <arnd@arndb.de>","To":"Andrey Ryabinin <aryabinin@virtuozzo.com>,\n\tMasahiro Yamada <yamada.masahiro@socionext.com>,\n\tMichal Marek <mmarek@suse.com>, Andrew Morton <akpm@linux-foundation.org>","Cc":"Arnd Bergmann <arnd@arndb.de>,\n\tMauro Carvalho Chehab <mchehab@kernel.org>, Jiri Pirko\n\t<jiri@resnulli.us>, Arend van Spriel <arend.vanspriel@broadcom.com>,\n\tKalle Valo <kvalo@codeaurora.org>, \n\t\"David S. 
Miller\" <davem@davemloft.net>, Alexander Potapenko\n\t<glider@google.com>,         Dmitry Vyukov <dvyukov@google.com>,\n\tKees Cook <keescook@chromium.org>, \n\tGeert Uytterhoeven <geert@linux-m68k.org>, Greg Kroah-Hartman\n\t<gregkh@linuxfoundation.org>, linux-media@vger.kernel.org,\n\tlinux-kernel@vger.kernel.org, netdev@vger.kernel.org,\n\tlinux-wireless@vger.kernel.org, brcm80211-dev-list.pdl@broadcom.com,\n\tbrcm80211-dev-list@cypress.com, kasan-dev@googlegroups.com, \n\tlinux-kbuild@vger.kernel.org, Jakub Jelinek <jakub@gcc.gnu.org>, \n\t=?utf-8?q?Martin_Li=C5=A1ka?= <marxin@gcc.gnu.org>","Subject":"[PATCH v4 9/9] kasan: rework Kconfig settings","Date":"Fri, 22 Sep 2017 23:29:20 +0200","Message-Id":"<20170922212930.620249-10-arnd@arndb.de>","X-Mailer":"git-send-email 2.9.0","In-Reply-To":"<20170922212930.620249-1-arnd@arndb.de>","References":"<20170922212930.620249-1-arnd@arndb.de>",
"Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"<netdev.vger.kernel.org>","X-Mailing-List":"netdev@vger.kernel.org"},"content":"We get a lot of very large stack frames using gcc-7.0.1 with the default\n-fsanitize-address-use-after-scope --param asan-stack=1 options, which\ncan easily cause an overflow of the kernel stack, e.g.\n\ndrivers/gpu/drm/i915/gvt/handlers.c:2407:1: error: the frame size of 31216 bytes is larger than 2048 bytes\ndrivers/net/wireless/ralink/rt2x00/rt2800lib.c:5650:1: error: the frame size of 23632 bytes is larger than 2048 bytes\ndrivers/scsi/fnic/fnic_trace.c:451:1: error: the frame size of 5152 bytes is larger than 2048 bytes\nfs/btrfs/relocation.c:1202:1: error: the frame size of 4256 bytes is larger than 2048 bytes\nfs/fscache/stats.c:287:1: error: the frame size of 6552 bytes is larger than 2048 bytes\nlib/atomic64_test.c:250:1: error: the frame size of 12616 bytes is larger than 2048 bytes\nmm/vmscan.c:1367:1: error: the frame size of 5080 bytes is larger than 2048 bytes\nnet/wireless/nl80211.c:1905:1: error: the frame size of 4232 bytes is larger than 2048 bytes\n\nTo 
reduce this risk, -fsanitize-address-use-after-scope is now split\nout into a separate CONFIG_KASAN_EXTRA Kconfig option, leading to stack\nframes that are smaller than 2 kilobytes most of the time on x86_64. An\nearlier version of this patch also prevented combining KASAN_EXTRA with\nKASAN_INLINE, but that is no longer necessary with gcc-7.0.1.\n\nA lot of warnings with KASAN_EXTRA go away if we disable KMEMCHECK,\nas -fsanitize-address-use-after-scope seems to understand the builtin\nmemcpy, but adds checking code around an extern memcpy call. I had to work\naround a circular dependency, as DEBUG_SLAB/SLUB depended on !KMEMCHECK,\nwhile KASAN did it the other way round. Now we handle both the same way\nand make KASAN and KMEMCHECK mutually exclusive.\n\nAll patches to get the frame size below 2048 bytes with CONFIG_KASAN=y\nand CONFIG_KASAN_EXTRA=n have been submitted along with this patch, so\nwe can bring back that default now. KASAN_EXTRA=y still causes lots of\nwarnings but now defaults to !COMPILE_TEST to disable it in allmodconfig,\nand it remains disabled in all other defconfigs since it is a new option.\nI arbitrarily raise the warning limit for KASAN_EXTRA to 3072 to reduce\nthe noise, but an allmodconfig kernel still has around 50 warnings\non gcc-7.\n\nI experimented a bit more with smaller stack frames and have another\nfollow-up series that reduces the warning limit for 64-bit architectures\nto 1280 bytes (without CONFIG_KASAN).\n\nWith earlier versions of this patch series, I also had patches to\naddress the warnings we get with KASAN and/or KASAN_EXTRA, using a\n\"noinline_if_stackbloat\" annotation. 
That annotation now got replaced with\na gcc-8 bugfix (see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715)\nand a workaround for older compilers, which means that KASAN_EXTRA is\nnow just as bad as before and will lead to an instant stack overflow in\na few extreme cases.\n\nThis reverts parts of commit commit 3f181b4 (\"lib/Kconfig.debug: disable\n-Wframe-larger-than warnings with KASAN=y\").\n\nSigned-off-by: Arnd Bergmann <arnd@arndb.de>\n---\n lib/Kconfig.debug      |  4 ++--\n lib/Kconfig.kasan      | 13 ++++++++++++-\n lib/Kconfig.kmemcheck  |  1 +\n scripts/Makefile.kasan |  3 +++\n 4 files changed, 18 insertions(+), 3 deletions(-)","diff":"diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug\nindex b19c491cbc4e..5755875d4a80 100644\n--- a/lib/Kconfig.debug\n+++ b/lib/Kconfig.debug\n@@ -217,7 +217,7 @@ config ENABLE_MUST_CHECK\n config FRAME_WARN\n \tint \"Warn for stack frames larger than (needs gcc 4.4)\"\n \trange 0 8192\n-\tdefault 0 if KASAN\n+\tdefault 3072 if KASAN_EXTRA\n \tdefault 2048 if GCC_PLUGIN_LATENT_ENTROPY\n \tdefault 1024 if !64BIT\n \tdefault 2048 if 64BIT\n@@ -503,7 +503,7 @@ config DEBUG_OBJECTS_ENABLE_DEFAULT\n \n config DEBUG_SLAB\n \tbool \"Debug slab memory allocations\"\n-\tdepends on DEBUG_KERNEL && SLAB && !KMEMCHECK\n+\tdepends on DEBUG_KERNEL && SLAB && !KMEMCHECK && !KASAN\n \thelp\n \t  Say Y here to have the kernel do limited verification on memory\n \t  allocation as well as poisoning memory on free to catch use of freed\ndiff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan\nindex bd38aab05929..db799e6e9dba 100644\n--- a/lib/Kconfig.kasan\n+++ b/lib/Kconfig.kasan\n@@ -5,7 +5,7 @@ if HAVE_ARCH_KASAN\n \n config KASAN\n \tbool \"KASan: runtime memory debugger\"\n-\tdepends on SLUB || (SLAB && !DEBUG_SLAB)\n+\tdepends on SLUB || SLAB\n \tselect CONSTRUCTORS\n \tselect STACKDEPOT\n \thelp\n@@ -20,6 +20,17 @@ config KASAN\n \t  Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB\n \t  (the resulting kernel does not 
boot).\n \n+config KASAN_EXTRA\n+\tbool \"KAsan: extra checks\"\n+\tdepends on KASAN && DEBUG_KERNEL && !COMPILE_TEST\n+\thelp\n+\t  This enables further checks in the kernel address sanitizer, for now\n+\t  it only includes the address-use-after-scope check that can lead\n+\t  to excessive kernel stack usage, frame size warnings and longer\n+\t  compile time.\n+\t  https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more\n+\n+\n choice\n \tprompt \"Instrumentation type\"\n \tdepends on KASAN\ndiff --git a/lib/Kconfig.kmemcheck b/lib/Kconfig.kmemcheck\nindex 846e039a86b4..1a534e638635 100644\n--- a/lib/Kconfig.kmemcheck\n+++ b/lib/Kconfig.kmemcheck\n@@ -7,6 +7,7 @@ menuconfig KMEMCHECK\n \tbool \"kmemcheck: trap use of uninitialized memory\"\n \tdepends on DEBUG_KERNEL\n \tdepends on !X86_USE_3DNOW\n+\tdepends on !KASAN\n \tdepends on SLUB || SLAB\n \tdepends on !CC_OPTIMIZE_FOR_SIZE\n \tdepends on !FUNCTION_TRACER\ndiff --git a/scripts/Makefile.kasan b/scripts/Makefile.kasan\nindex 9576775a86f6..3b3148faf866 100644\n--- a/scripts/Makefile.kasan\n+++ b/scripts/Makefile.kasan\n@@ -29,5 +29,8 @@ else\n     endif\n endif\n \n+ifdef CONFIG_KASAN_EXTRA\n CFLAGS_KASAN += $(call cc-option, -fsanitize-address-use-after-scope)\n endif\n+\n+endif\n","prefixes":["v4","9/9"]}
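
Review bot: In the FRAME_WARN hunk of lib/Kconfig.debug, the new "default 3072 if KASAN_EXTRA" line carries no explanation in the Kconfig file, while the commit message itself describes the value as arbitrary and says an allmodconfig build still produces around 50 warnings at that limit. A short comment above the line, or a sentence in the FRAME_WARN help text, should record that 3072 is a noise-reduction threshold for use-after-scope instrumentation rather than a stack budget considered safe. Because Kconfig takes the first matching default, it is also worth noting there that this line must stay ahead of the 64BIT and !64BIT defaults, and that a KASAN=y build without KASAN_EXTRA now falls through to those ordinary limits instead of 0.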
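
Review bot: The DEBUG_SLAB hunk in lib/Kconfig.debug and the first hunk of lib/Kconfig.kasan reverse the direction of the exclusion without documenting it on the DEBUG_SLAB side. KASAN used to be unavailable when SLAB && DEBUG_SLAB was set; with "depends on SLUB || SLAB" and "depends on DEBUG_KERNEL && SLAB && !KMEMCHECK && !KASAN", enabling KASAN now makes DEBUG_SLAB unavailable instead, so a configuration that relied on DEBUG_SLAB poisoning loses it when KASAN is turned on. The only explanation left is the unchanged KASAN help text ("Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB"); the DEBUG_SLAB help text should say the option is unavailable with KASAN, and the KASAN sentence could be reworded to state that the two are now mutually exclusive by dependency.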
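
Review bot: The help text of the new KASAN_EXTRA entry in lib/Kconfig.kasan ends mid-sentence at "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more" and is followed by two added blank lines; please finish the sentence (for example "... has more details.") and keep a single blank line before "choice". The prompt string "KAsan: extra checks" is also capitalised differently from "KASan: runtime memory debugger" a few lines above. Since the commit message says this option can still lead to an instant stack overflow in a few extreme cases, the help text should state that more strongly than "excessive kernel stack usage", and mention that the !COMPILE_TEST dependency is there to keep the option out of allmodconfig builds.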
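
Review bot: In the scripts/Makefile.kasan hunk, the flag inside the new "ifdef CONFIG_KASAN_EXTRA" is still added through "$(call cc-option, -fsanitize-address-use-after-scope)", so on a compiler that does not accept the flag CONFIG_KASAN_EXTRA=y builds without the extra check and without any diagnostic, while FRAME_WARN is still raised to 3072. Either document the compiler requirement in the KASAN_EXTRA help text or warn when the option is set and the flag is rejected. Separately, the hunk leaves two bare "endif" lines in a row; tagging them (for example "endif # CONFIG_KASAN_EXTRA" and "endif # CONFIG_KASAN") would make it clear that the pre-existing endif now closes the new block and the added one closes the outer conditional.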