
Re: [PATCH 1/4] x86/entry: Work around Clang __bdos() bug


  • To: Kees Cook <keescook@xxxxxxxxxxxx>, linux-hardening@xxxxxxxxxxxxxxx
  • From: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
  • Date: Tue, 20 Sep 2022 20:07:09 -0400
  • Cc: Juergen Gross <jgross@xxxxxxxx>, Nathan Chancellor <nathan@xxxxxxxxxx>, Nick Desaulniers <ndesaulniers@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, llvm@xxxxxxxxxxxxxxx, Siddhesh Poyarekar <siddhesh@xxxxxxxxxx>, Arnd Bergmann <arnd@xxxxxxxx>, Tom Rix <trix@xxxxxxxxxx>, Miguel Ojeda <ojeda@xxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx
  • Delivery-date: Wed, 21 Sep 2022 00:07:52 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>


On 9/20/22 3:21 PM, Kees Cook wrote:
After expanding bounds checking to use __builtin_dynamic_object_size(),
Clang produces a false positive when building with CONFIG_FORTIFY_SOURCE=y
and CONFIG_UBSAN_BOUNDS=y when operating on an array with a dynamic
offset. Work around this by using a direct assignment of an empty
instance. Avoids this warning:

../include/linux/fortify-string.h:309:4: warning: call to __write_overflow_field declared with 'warning' attribute: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Wattribute-warning]
                         __write_overflow_field(p_size_field, size);
                         ^

which was isolated to the memset() call in xen_load_idt().

Note that this looks very much like another bug that was worked around:
https://github.com/ClangBuiltLinux/linux/issues/1592

Cc: Juergen Gross <jgross@xxxxxxxx>
Cc: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
Cc: Nathan Chancellor <nathan@xxxxxxxxxx>
Cc: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx
Cc: llvm@xxxxxxxxxxxxxxx
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>


Reviewed-by: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
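
The two forms contrasted in the commit message, as a user-space sketch added here (not the kernel's code and not the patch itself); `struct entry`, `table`, `bounded_memset()` and the `terminate_*()` helpers are hypothetical names. It shows where a too-small object-size answer becomes a false positive in the memset() form, and that the empty-instance assignment never reaches that check.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical table entry (not a kernel structure). */
struct entry { uint8_t vector, flags; uint16_t cs; uint32_t addr; };
#define NENTRIES 8
#define UNKNOWN ((size_t)-1)   /* what the builtins return when the size is not known */
static struct entry table[NENTRIES];

/* Prefer the dynamic builtin named in the commit message; fall back to the static one. */
#if defined(__has_builtin)
# if __has_builtin(__builtin_dynamic_object_size)
#  define BDOS(p) __builtin_dynamic_object_size((p), 1)
# endif
#endif
#ifndef BDOS
# define BDOS(p) __builtin_object_size((p), 1)
#endif

/* Core of a fortify-style check: refuse a write larger than the reported size. */
static int bounded_memset(void *p, int c, size_t n, size_t p_size)
{
    if (p_size != UNKNOWN && n > p_size)
        return -1;             /* a too-small p_size rejects a valid write: false positive */
    memset(p, c, n);
    return 0;
}
/* Macro, so the builtin sees the caller's expression as an inlined wrapper would. */
#define checked_memset(p, c, n) bounded_memset((p), (c), (n), BDOS(p))

/* Form 1: clear one element at a runtime offset via the size-checked memset(). */
static int terminate_memset(size_t out)
{
    if (out >= NENTRIES) return -1;
    return checked_memset(&table[out], 0, sizeof(table[0]));
}
/* Form 2, the workaround: assign an empty instance; no object-size query is made. */
static int terminate_assign(size_t out)
{
    if (out >= NENTRIES) return -1;
    table[out] = (struct entry){ 0 };
    return 0;
}

int main(void)
{
    printf("memset form: %d, assign form: %d\n", terminate_memset(3), terminate_assign(3));
    return 0;
}
```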

