Message ID | 20220213183232.4038718-1-keescook@chromium.org (mailing list archive) |
---|---|
State | Mainlined |
Commit | 9622c0be0973f236c8413f936d0d14af5ea2a71e |
Series | kasan: test: Silence allocation warnings from GCC 12 | expand |
On Sun, Feb 13, 2022 at 7:32 PM Kees Cook <keescook@chromium.org> wrote: > > GCC 12 is able to see more problems with allocation sizes at compile > time, so these must be silenced so the runtime checks will still be > available. Use OPTIMIZER_HIDE_VAR() to silence the new warnings: > > lib/test_kasan.c: In function 'ksize_uaf': Hm, the warning mentions ksize_uaf, but none of the changes touch it. > lib/test_kasan.c:781:61: warning: array subscript 120 is outside array bounds of 'void[120]' [-Warray-bounds] > 781 | KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[size]); > | ~~~~~~~~~~~~~~~~~~~~~~^~~~~~ > lib/test_kasan.c:96:9: note: in definition of macro 'KUNIT_EXPECT_KASAN_FAIL' > 96 | expression; \ > | ^~~~~~~~~~ > In function 'kmalloc', > inlined from 'ksize_uaf' at lib/test_kasan.c:775:8: > ./include/linux/slab.h:581:24: note: at offset 120 into object of size 120 allocated by 'kmem_cache_alloc_trace' > 581 | return kmem_cache_alloc_trace( > | ^~~~~~~~~~~~~~~~~~~~~~~ > 582 | kmalloc_caches[kmalloc_type(flags)][index], > | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > 583 | flags, size); > | ~~~~~~~~~~~~ > > Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> > Cc: Alexander Potapenko <glider@google.com> > Cc: Andrey Konovalov <andreyknvl@gmail.com> > Cc: Dmitry Vyukov <dvyukov@google.com> > Cc: kasan-dev@googlegroups.com > Signed-off-by: Kees Cook <keescook@chromium.org> > --- > lib/test_kasan.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/lib/test_kasan.c b/lib/test_kasan.c > index 26a5c9007653..a19b3d608e3e 100644 > --- a/lib/test_kasan.c > +++ b/lib/test_kasan.c > @@ -124,6 +124,7 @@ static void kmalloc_oob_right(struct kunit *test) > > ptr = kmalloc(size, GFP_KERNEL); > KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); > + OPTIMIZER_HIDE_VAR(ptr); > > /* > * An unaligned access past the requested kmalloc size. 
> @@ -185,6 +186,7 @@ static void kmalloc_pagealloc_oob_right(struct kunit *test) > ptr = kmalloc(size, GFP_KERNEL); > KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); > > + OPTIMIZER_HIDE_VAR(ptr); > KUNIT_EXPECT_KASAN_FAIL(test, ptr[size + OOB_TAG_OFF] = 0); > > kfree(ptr); > @@ -265,6 +267,7 @@ static void kmalloc_large_oob_right(struct kunit *test) > ptr = kmalloc(size, GFP_KERNEL); > KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); > > + OPTIMIZER_HIDE_VAR(ptr); > KUNIT_EXPECT_KASAN_FAIL(test, ptr[size] = 0); > kfree(ptr); > } > @@ -748,6 +751,7 @@ static void ksize_unpoisons_memory(struct kunit *test) > > ptr = kmalloc(size, GFP_KERNEL); > KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); > + OPTIMIZER_HIDE_VAR(ptr); > real_size = ksize(ptr); > > /* This access shouldn't trigger a KASAN report. */ > -- > 2.30.2 >
On Wed, Feb 16, 2022 at 04:26:46PM +0100, Andrey Konovalov wrote: > On Sun, Feb 13, 2022 at 7:32 PM Kees Cook <keescook@chromium.org> wrote: > > > > GCC 12 is able to see more problems with allocation sizes at compile > > time, so these must be silenced so the runtime checks will still be > > available. Use OPTIMIZER_HIDE_VAR() to silence the new warnings: > > > > lib/test_kasan.c: In function 'ksize_uaf': > > Hm, the warning mentions ksize_uaf, but none of the changes touch it. Excellent point -- let me go re-test this. -Kees > > > lib/test_kasan.c:781:61: warning: array subscript 120 is outside array bounds of 'void[120]' [-Warray-bounds] > > 781 | KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[size]); > > | ~~~~~~~~~~~~~~~~~~~~~~^~~~~~ > > lib/test_kasan.c:96:9: note: in definition of macro 'KUNIT_EXPECT_KASAN_FAIL' > > 96 | expression; \ > > | ^~~~~~~~~~ > > In function 'kmalloc', > > inlined from 'ksize_uaf' at lib/test_kasan.c:775:8: > > ./include/linux/slab.h:581:24: note: at offset 120 into object of size 120 allocated by 'kmem_cache_alloc_trace' > > 581 | return kmem_cache_alloc_trace( > > | ^~~~~~~~~~~~~~~~~~~~~~~ > > 582 | kmalloc_caches[kmalloc_type(flags)][index], > > | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > 583 | flags, size); > > | ~~~~~~~~~~~~ > > > > Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> > > Cc: Alexander Potapenko <glider@google.com> > > Cc: Andrey Konovalov <andreyknvl@gmail.com> > > Cc: Dmitry Vyukov <dvyukov@google.com> > > Cc: kasan-dev@googlegroups.com > > Signed-off-by: Kees Cook <keescook@chromium.org> > > --- > > lib/test_kasan.c | 4 ++++ > > 1 file changed, 4 insertions(+) > > > > diff --git a/lib/test_kasan.c b/lib/test_kasan.c > > index 26a5c9007653..a19b3d608e3e 100644 > > --- a/lib/test_kasan.c > > +++ b/lib/test_kasan.c 
> > @@ -124,6 +124,7 @@ static void kmalloc_oob_right(struct kunit *test) > > > > ptr = kmalloc(size, GFP_KERNEL); > > KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); > > + OPTIMIZER_HIDE_VAR(ptr); > > > > /* > > * An unaligned access past the requested kmalloc size. > > @@ -185,6 +186,7 @@ static void kmalloc_pagealloc_oob_right(struct kunit *test) > > ptr = kmalloc(size, GFP_KERNEL); > > KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); > > > > + OPTIMIZER_HIDE_VAR(ptr); > > KUNIT_EXPECT_KASAN_FAIL(test, ptr[size + OOB_TAG_OFF] = 0); > > > > kfree(ptr); > > @@ -265,6 +267,7 @@ static void kmalloc_large_oob_right(struct kunit *test) > > ptr = kmalloc(size, GFP_KERNEL); > > KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); > > > > + OPTIMIZER_HIDE_VAR(ptr); > > KUNIT_EXPECT_KASAN_FAIL(test, ptr[size] = 0); > > kfree(ptr); > > } > > @@ -748,6 +751,7 @@ static void ksize_unpoisons_memory(struct kunit *test) > > > > ptr = kmalloc(size, GFP_KERNEL); > > KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); > > + OPTIMIZER_HIDE_VAR(ptr); > > real_size = ksize(ptr); > > > > /* This access shouldn't trigger a KASAN report. */ > > -- > > 2.30.2 > >
diff --git a/lib/test_kasan.c b/lib/test_kasan.c
index 26a5c9007653..a19b3d608e3e 100644
--- a/lib/test_kasan.c
+++ b/lib/test_kasan.c
@@ -124,6 +124,7 @@ static void kmalloc_oob_right(struct kunit *test)

 ptr = kmalloc(size, GFP_KERNEL);
 KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
+ OPTIMIZER_HIDE_VAR(ptr);

 /*
 * An unaligned access past the requested kmalloc size.
@@ -185,6 +186,7 @@ static void kmalloc_pagealloc_oob_right(struct kunit *test)
 ptr = kmalloc(size, GFP_KERNEL);
 KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);

+ OPTIMIZER_HIDE_VAR(ptr);
 KUNIT_EXPECT_KASAN_FAIL(test, ptr[size + OOB_TAG_OFF] = 0);

 kfree(ptr);
@@ -265,6 +267,7 @@ static void kmalloc_large_oob_right(struct kunit *test)
 ptr = kmalloc(size, GFP_KERNEL);
 KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);

+ OPTIMIZER_HIDE_VAR(ptr);
 KUNIT_EXPECT_KASAN_FAIL(test, ptr[size] = 0);
 kfree(ptr);
 }
@@ -748,6 +751,7 @@ static void ksize_unpoisons_memory(struct kunit *test)

 ptr = kmalloc(size, GFP_KERNEL);
 KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
+ OPTIMIZER_HIDE_VAR(ptr);
 real_size = ksize(ptr);

 /* This access shouldn't trigger a KASAN report. */
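Review bot: The added `OPTIMIZER_HIDE_VAR(ptr);` in kmalloc_oob_right has no comment, and the same holds for the ones in kmalloc_pagealloc_oob_right, kmalloc_large_oob_right and ksize_unpoisons_memory. Nothing in lib/test_kasan.c then records that these lines exist only to keep the compiler from relating `ptr` to the kmalloc() size, so a later cleanup could drop them and bring the -Warray-bounds noise back. I would put a short comment above each, for example `/* Hide the allocation size from the compiler; the out-of-bounds access below is intentional and must be left for KASAN to report at run time. */`. Placement also differs between hunks: directly after `KUNIT_ASSERT_NOT_ERR_OR_NULL()` in the first and fourth, but after the blank line and directly before `KUNIT_EXPECT_KASAN_FAIL()` in the second and third, and one position used throughout would make a missing call easier to spot. All four function bodies extend outside their hunks, so later accesses through `ptr` in them cannot be checked from here.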
GCC 12 is able to see more problems with allocation sizes at compile time, so these must be silenced so the runtime checks will still be available. Use OPTIMIZER_HIDE_VAR() to silence the new warnings: lib/test_kasan.c: In function 'ksize_uaf': lib/test_kasan.c:781:61: warning: array subscript 120 is outside array bounds of 'void[120]' [-Warray-bounds] 781 | KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[size]); | ~~~~~~~~~~~~~~~~~~~~~~^~~~~~ lib/test_kasan.c:96:9: note: in definition of macro 'KUNIT_EXPECT_KASAN_FAIL' 96 | expression; \ | ^~~~~~~~~~ In function 'kmalloc', inlined from 'ksize_uaf' at lib/test_kasan.c:775:8: ./include/linux/slab.h:581:24: note: at offset 120 into object of size 120 allocated by 'kmem_cache_alloc_trace' 581 | return kmem_cache_alloc_trace( | ^~~~~~~~~~~~~~~~~~~~~~~ 582 | kmalloc_caches[kmalloc_type(flags)][index], | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 583 | flags, size); | ~~~~~~~~~~~~ Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Konovalov <andreyknvl@gmail.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: kasan-dev@googlegroups.com Signed-off-by: Kees Cook <keescook@chromium.org> --- lib/test_kasan.c | 4 ++++ 1 file changed, 4 insertions(+)