Message ID | 1539079863-19645-1-git-send-email-chunhui.li@mediatek.com (mailing list archive)
---|---
State | New, archived |
Series | kasan: avoid out-of-bounds in unwind_frame
On Tue, Oct 09, 2018 at 06:11:03PM +0800, Chunhui Li wrote:
> From: "chunhui.li" <chunhui.li@mediatek.com>
>
> kasan detects an unwind_frame out-of-bounds error when one task
> dumps another; the log is as below:
> BUG: KASAN: out-of-bounds in unwind_frame+0x140/0x20c Read of
> size 8 at addr ffffffea1e2378e0 by task AnrMonitorThrea/1111
> Avoid the kasan out-of-bounds error by disabling kasan for stacktrace.c.

This doesn't look right. Since unwind_frame uses READ_ONCE_NOCHECK(), we
should never perform an access that KASAN complains about.

I don't think that we should completely disable instrumentation of
stacktrace.c.

Can you please figure out precisely which line KASAN is complaining
about? i.e. use scripts/faddr2line.

Thanks,
Mark.

>
> Signed-off-by: chunhui.li <chunhui.li@mediatek.com>
> ---
>  arch/arm64/kernel/Makefile | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/arch/arm64/kernel/Makefile b/arch/arm64/kernel/Makefile
> index 95ac737..606d0e2 100644
> --- a/arch/arm64/kernel/Makefile
> +++ b/arch/arm64/kernel/Makefile
> @@ -57,6 +57,8 @@ arm64-obj-$(CONFIG_CRASH_DUMP) += crash_dump.o
>  arm64-obj-$(CONFIG_ARM_SDE_INTERFACE) += sdei.o
>  arm64-obj-$(CONFIG_ARM64_SSBD) += ssbd.o
>
> +KASAN_SANITIZE_stacktrace.o := n
> +
>  obj-y += $(arm64-obj-y) vdso/ probes/
>  obj-m += $(arm64-obj-m)
>  head-y := head.o
> --
> 1.9.1
>
On Wed, Oct 10, 2018 at 06:45:17AM +0000, Chunhui Li (李春辉) wrote:
> Hi Mark,
>
> kasan detects the out-of-bounds access at stacktrace.c line 70; it is already
> using READ_ONCE_NOCHECK, but it still crashes.
> kernel-4.9/arch/arm64/kernel/stacktrace.c
> 69    frame->sp = fp + 0x10;
> 70    frame->fp = READ_ONCE_NOCHECK(*(unsigned long *)(fp));
>
> We test on the Android platform, kernel-4.9 built with clang 6.0.2; we will
> do an experiment to clarify whether it is a compiler-related issue.
>
> READ_ONCE_NOCHECK -> __read_once_size_nocheck with __no_sanitize_address
> if CONFIG_KASAN is enabled.
>
> kernel-4.9/include/linux/compiler-gcc.h
> #define __no_sanitize_address __attribute__((no_sanitize_address))
>
> kernel-4.9/include/linux/compiler-clang.h
> #define __no_sanitize_address __attribute__((no_sanitize("address")))

If READ_ONCE_NOCHECK() isn't working as intended, then this is a compiler
issue, and there are bigger problems regardless. If we need to work around
some compiler issue, that should be done in the implementation of
READ_ONCE_NOCHECK().

Please note that there are other issues with using clang to compile the
kernel; at minimum 7.0.0 is required to build a mainline kernel (and even
then, the LSE atomics have to be explicitly disabled), so if this only
affects 6.0.x, I don't think we need to carry any workaround upstream.

> There is a patch from the internet that avoids kasan by wrapping the access
> with kasan_disable_current; it seems better.
> https://lore.kernel.org/patchwork/patch/644463
> such as:
> +kasan_disable_current();
> // access fp
> +kasan_enable_current();

Please note that the solution later in the thread [1] was to use
READ_ONCE_NOCHECK().

Thanks,
Mark.

[1] https://lore.kernel.org/patchwork/patch/644463/#829858
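The thread turns on two things: what unwind_frame() actually does at the two lines quoted above (fp + 0x10 becomes the next sp, and the two words at fp are the caller's fp and the return address), and why those loads go through READ_ONCE_NOCHECK(), i.e. a load inside a function carrying the no_sanitize_address attribute so that KASAN does not instrument it. The following userspace model, added here and not code from the thread or from the kernel, walks a constructed arm64-style chain of frame records with exactly that pattern and with the frame-pointer sanity check (inside the stack, 16-byte aligned, room for two words) that keeps the walker from leaving the stack regardless of sanitizer instrumentation. The stack layout, the region bounds, and the helper names (read_once_nocheck, frame_record_ok, walk_constructed_stack) are assumptions for this example; the attribute spelling per compiler mirrors the two compiler-*.h macros quoted in the message.

```c
/* Added example (not from the thread or the kernel): a userspace model of the
 * arm64 frame-record walk done by unwind_frame() in kernel 4.9, showing the
 * READ_ONCE_NOCHECK() pattern discussed above.  Each frame record is two
 * 8-byte words at the frame pointer: [fp] = caller's fp, [fp + 8] = lr.
 * All names and the stack layout below are constructed for this example. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef uint64_t ulong64;

/* Same attribute spelling as the kernel's compiler-clang.h / compiler-gcc.h
 * definitions of __no_sanitize_address quoted in the thread. */
#if defined(__clang__)
#define NOCHECK_ATTR __attribute__((no_sanitize("address")))
#elif defined(__GNUC__)
#define NOCHECK_ATTR __attribute__((no_sanitize_address))
#else
#define NOCHECK_ATTR
#endif

/* Model of READ_ONCE_NOCHECK(): a volatile load performed inside a function
 * that the sanitizer will not instrument.  Walking another task's stack can
 * touch frame records the sanitizer considers poisoned, which is why the
 * unwinder must not use a plain (instrumented) dereference here. */
static inline NOCHECK_ATTR ulong64 read_once_nocheck(const ulong64 *p)
{
    return *(const volatile ulong64 *)p;
}

struct stackframe {
    ulong64 fp;
    ulong64 sp;
    ulong64 pc;
};

/* Constructed stack region [low, high) being walked. */
struct stack_region {
    ulong64 low;
    ulong64 high;
};

/* 1 if fp can be a frame record inside [low, high): in range, 16-byte
 * aligned, and with room for both words.  0 (including fp == 0, the end of
 * the chain) means stop walking without touching memory. */
static int frame_record_ok(ulong64 low, ulong64 high, ulong64 fp)
{
    if (fp < low || fp > high - 16 || (fp & 0xf))
        return 0;
    return 1;
}

/* Mirrors the two quoted lines: sp = fp + 0x10, then fp and pc are loaded
 * from the record through the unchecked read.  Returns 0 on success, -1
 * when fp is not a plausible record in the stack. */
static int unwind_frame(const struct stack_region *stk, struct stackframe *frame)
{
    ulong64 fp = frame->fp;

    if (!frame_record_ok(stk->low, stk->high, fp))
        return -1;

    frame->sp = fp + 0x10;
    frame->fp = read_once_nocheck((const ulong64 *)(uintptr_t)fp);
    frame->pc = read_once_nocheck((const ulong64 *)(uintptr_t)(fp + 8));
    return 0;
}

/* Constructed 512-byte stack holding three chained frame records. */
static ulong64 fake_stack[64] __attribute__((aligned(16)));

/* Builds the chain (records at byte offsets 16, 80 and 144; the outermost
 * record has fp = 0), walks it, stores each pc in pcs[] and returns the
 * number of frames walked. */
static int walk_constructed_stack(ulong64 *pcs, int max)
{
    ulong64 base = (ulong64)(uintptr_t)fake_stack;
    struct stack_region stk = { base, base + sizeof(fake_stack) };
    struct stackframe frame = { base + 16, 0, 0 };
    int n = 0;

    memset(fake_stack, 0, sizeof(fake_stack));
    fake_stack[2]  = base + 80;  fake_stack[3]  = 0x1000; /* record 0 */
    fake_stack[10] = base + 144; fake_stack[11] = 0x2000; /* record 1 */
    fake_stack[18] = 0;          fake_stack[19] = 0x3000; /* record 2, end */

    while (n < max && unwind_frame(&stk, &frame) == 0)
        pcs[n++] = frame.pc;
    return n;
}

int main(void)
{
    ulong64 pcs[8];
    int n = walk_constructed_stack(pcs, 8);
    for (int i = 0; i < n; i++)
        printf("frame %d: pc=0x%llx\n", i, (unsigned long long)pcs[i]);
    return n == 3 ? 0 : 1;
}
```

Built with -fsanitize=address, only the load inside read_once_nocheck() escapes instrumentation; replacing it with a plain dereference in unwind_frame() would reintroduce the instrumented access. The bounds check is independent of the sanitizer question: it is what stops the walk when the chain ends or when a corrupted fp points outside the stack.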
diff --git a/arch/arm64/kernel/Makefile b/arch/arm64/kernel/Makefile index 95ac737..606d0e2 100644 --- a/arch/arm64/kernel/Makefile +++ b/arch/arm64/kernel/Makefile @@ -57,6 +57,8 @@ arm64-obj-$(CONFIG_CRASH_DUMP) += crash_dump.o arm64-obj-$(CONFIG_ARM_SDE_INTERFACE) += sdei.o arm64-obj-$(CONFIG_ARM64_SSBD) += ssbd.o +KASAN_SANITIZE_stacktrace.o := n + obj-y += $(arm64-obj-y) vdso/ probes/ obj-m += $(arm64-obj-m) head-y := head.o
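Review bot: the `+KASAN_SANITIZE_stacktrace.o := n` line switches off instrumentation for every access in stacktrace.c to silence a report on one line, without the root cause being established. unwind_frame() already reads frame records through READ_ONCE_NOCHECK(), so a surviving report means either a different access in the file or a compiler that does not honour __no_sanitize_address (the thread points at clang 6.0.2); a file-wide opt-out hides both, and hides any genuine out-of-bounds read the unwinder makes in future. Resolve the reported symbol+offset (unwind_frame+0x140/0x20c) with scripts/faddr2line, state the exact line and the toolchain in the commit message, and put any compiler workaround in the READ_ONCE_NOCHECK() implementation rather than in this Makefile.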