| Message ID | 20161122225424.3739294-1-arnd@arndb.de (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On 11/23/2016 01:54 AM, Arnd Bergmann wrote: > In the upcoming gcc-7 release, the -fsanitize=kernel-address option > implies -fsanitize-address-use-after-scope, which relies on the > definition of two global functions, causing many link errors if they > are not defined, e.g: > > arch/x86/built-in.o: In function `x86_pmu_handle_irq': > (.text+0x88e6): undefined reference to `__asan_unpoison_stack_memory' > arch/x86/built-in.o: In function `x86_pmu_handle_irq': > (.text+0x8ad7): undefined reference to `__asan_poison_stack_memory' > kernel/built-in.o: In function `perf_tp_event': > (.text+0x225472): undefined reference to `__asan_unpoison_stack_memory' > kernel/built-in.o: In function `perf_tp_event': > (.text+0x22583a): undefined reference to `__asan_unpoison_stack_memory' > kernel/built-in.o: In function `perf_tp_event': > (.text+0x2258ae): undefined reference to `__asan_poison_stack_memory' > kernel/built-in.o: In function `perf_event_aux_event': > > I think we really want to define those two functions so we can make > use of a helpful feature, but as I have no idea what they are supposed > to do, I'd suggest to turn the option off on existing kernels to allow > building with gcc-7 and kasan. > > For some reason, the problem showed up in only a few randconfig builds, > but it is easy to reproduce using an x86-64 tinyconfig build with > CONFIG_KASAN=y. > > If we decide to take this approach, we probably want to do the same > change on all stable kernels that support KASAN, i.e. v4.0 or higher. > We have implementation for this feature: "[PATCH] kasan: support use-after-scope detection" - http://lkml.kernel.org/r/<1479226045-145148-1-git-send-email-dvyukov@google.com> and given how simple it is I'd suggest to just backport implementation. BTW, we also need "[PATCH] kasan: update kasan_global for gcc 7" - http://lkml.kernel.org/r/<1479219743-28682-1-git-send-email-dvyukov@google.com> in v4.0+ stable. > Link: https://gcc.gnu.org/viewcvs/gcc?limit_changes=0&view=revision&revision=241896 > Cc: Martin Liška <marxin@gcc.gnu.org> > Cc: Andrey Ryabinin <a.ryabinin@samsung.com> > Cc: stable@vger.kernel.org > Signed-off-by: Arnd Bergmann <arnd@arndb.de> > --- > scripts/Makefile.kasan | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/scripts/Makefile.kasan b/scripts/Makefile.kasan > index 37323b0df374..0e68fef09f76 100644 > --- a/scripts/Makefile.kasan > +++ b/scripts/Makefile.kasan > @@ -29,3 +29,5 @@ else > endif > endif > endif > + > +CFLAGS_KASAN += $(call cc-option, -fno-sanitize-address-use-after-scope) > -- To unsubscribe from this list: send the line "unsubscribe linux-kbuild" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wednesday, November 23, 2016 11:25:49 AM CET Andrey Ryabinin wrote: > > We have implementation for this feature: > "[PATCH] kasan: support use-after-scope detection" - http://lkml.kernel.org/r/<1479226045-145148-1-git-send-email-dvyukov@google.com> > and given how simple it is I'd suggest to just backport implementation. > > BTW, we also need "[PATCH] kasan: update kasan_global for gcc 7" - http://lkml.kernel.org/r/<1479219743-28682-1-git-send-email-dvyukov@google.com> > in v4.0+ stable. Ah, good. What's the plan for this patch? Would you still expect to see that merged into v4.9, or get backported later once it's part of v4.10? Either way, you proabably want a Cc:stable tag on it to trigger the backport to older kernels. Arnd -- To unsubscribe from this list: send the line "unsubscribe linux-kbuild" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wed, Nov 23, 2016 at 9:46 AM, Arnd Bergmann <arnd@arndb.de> wrote: > On Wednesday, November 23, 2016 11:25:49 AM CET Andrey Ryabinin wrote: >> >> We have implementation for this feature: >> "[PATCH] kasan: support use-after-scope detection" - http://lkml.kernel.org/r/<1479226045-145148-1-git-send-email-dvyukov@google.com> >> and given how simple it is I'd suggest to just backport implementation. >> >> BTW, we also need "[PATCH] kasan: update kasan_global for gcc 7" - http://lkml.kernel.org/r/<1479219743-28682-1-git-send-email-dvyukov@google.com> >> in v4.0+ stable. > > Ah, good. What's the plan for this patch? Would you still expect to > see that merged into v4.9, or get backported later once it's part of v4.10? > > Either way, you proabably want a Cc:stable tag on it to trigger the > backport to older kernels. +Andrew, what is the plan for the "[PATCH] kasan: update kasan_global for gcc 7" patch? Do I need to remail to include Cc:stable? -- To unsubscribe from this list: send the line "unsubscribe linux-kbuild" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wed, 23 Nov 2016 10:33:41 +0100 Dmitry Vyukov <dvyukov@google.com> wrote: > On Wed, Nov 23, 2016 at 9:46 AM, Arnd Bergmann <arnd@arndb.de> wrote: > > On Wednesday, November 23, 2016 11:25:49 AM CET Andrey Ryabinin wrote: > >> > >> We have implementation for this feature: > >> "[PATCH] kasan: support use-after-scope detection" - http://lkml.kernel.org/r/<1479226045-145148-1-git-send-email-dvyukov@google.com> > >> and given how simple it is I'd suggest to just backport implementation. > >> > >> BTW, we also need "[PATCH] kasan: update kasan_global for gcc 7" - http://lkml.kernel.org/r/<1479219743-28682-1-git-send-email-dvyukov@google.com> > >> in v4.0+ stable. > > > > Ah, good. What's the plan for this patch? Would you still expect to > > see that merged into v4.9, or get backported later once it's part of v4.10? > > > > Either way, you proabably want a Cc:stable tag on it to trigger the > > backport to older kernels. > > +Andrew, what is the plan for the "[PATCH] kasan: update kasan_global > for gcc 7" patch? > Do I need to remail to include Cc:stable? I'm planning on merging it into 4.10-rc1. There's nothing in the changelog to indicate that it is more urgent than that. Please send out a new changelog which can be used to justify a merge into 4.9 and -stable. -- To unsubscribe from this list: send the line "unsubscribe linux-kbuild" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wed, Nov 23, 2016 at 7:49 PM, Andrew Morton <akpm@linux-foundation.org> wrote: > On Wed, 23 Nov 2016 10:33:41 +0100 Dmitry Vyukov <dvyukov@google.com> wrote: > >> On Wed, Nov 23, 2016 at 9:46 AM, Arnd Bergmann <arnd@arndb.de> wrote: >> > On Wednesday, November 23, 2016 11:25:49 AM CET Andrey Ryabinin wrote: >> >> >> >> We have implementation for this feature: >> >> "[PATCH] kasan: support use-after-scope detection" - http://lkml.kernel.org/r/<1479226045-145148-1-git-send-email-dvyukov@google.com> >> >> and given how simple it is I'd suggest to just backport implementation. >> >> >> >> BTW, we also need "[PATCH] kasan: update kasan_global for gcc 7" - http://lkml.kernel.org/r/<1479219743-28682-1-git-send-email-dvyukov@google.com> >> >> in v4.0+ stable. >> > >> > Ah, good. What's the plan for this patch? Would you still expect to >> > see that merged into v4.9, or get backported later once it's part of v4.10? >> > >> > Either way, you proabably want a Cc:stable tag on it to trigger the >> > backport to older kernels. >> >> +Andrew, what is the plan for the "[PATCH] kasan: update kasan_global >> for gcc 7" patch? >> Do I need to remail to include Cc:stable? > > I'm planning on merging it into 4.10-rc1. There's nothing in the > changelog to indicate that it is more urgent than that. > > Please send out a new changelog which can be used to justify a merge > into 4.9 and -stable. Remailed the patches with Cc: stable@vger.kernel.org # 4.0+ and with a note that without these patches KASAN is broken with gcc 7. -- To unsubscribe from this list: send the line "unsubscribe linux-kbuild" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/scripts/Makefile.kasan b/scripts/Makefile.kasan index 37323b0df374..0e68fef09f76 100644 --- a/scripts/Makefile.kasan +++ b/scripts/Makefile.kasan @@ -29,3 +29,5 @@ else endif endif endif + +CFLAGS_KASAN += $(call cc-option, -fno-sanitize-address-use-after-scope)
In the upcoming gcc-7 release, the -fsanitize=kernel-address option implies -fsanitize-address-use-after-scope, which relies on the definition of two global functions, causing many link errors if they are not defined, e.g: arch/x86/built-in.o: In function `x86_pmu_handle_irq': (.text+0x88e6): undefined reference to `__asan_unpoison_stack_memory' arch/x86/built-in.o: In function `x86_pmu_handle_irq': (.text+0x8ad7): undefined reference to `__asan_poison_stack_memory' kernel/built-in.o: In function `perf_tp_event': (.text+0x225472): undefined reference to `__asan_unpoison_stack_memory' kernel/built-in.o: In function `perf_tp_event': (.text+0x22583a): undefined reference to `__asan_unpoison_stack_memory' kernel/built-in.o: In function `perf_tp_event': (.text+0x2258ae): undefined reference to `__asan_poison_stack_memory' kernel/built-in.o: In function `perf_event_aux_event': I think we really want to define those two functions so we can make use of a helpful feature, but as I have no idea what they are supposed to do, I'd suggest to turn the option off on existing kernels to allow building with gcc-7 and kasan. For some reason, the problem showed up in only a few randconfig builds, but it is easy to reproduce using an x86-64 tinyconfig build with CONFIG_KASAN=y. If we decide to take this approach, we probably want to do the same change on all stable kernels that support KASAN, i.e. v4.0 or higher. Link: https://gcc.gnu.org/viewcvs/gcc?limit_changes=0&view=revision&revision=241896 Cc: Martin Liška <marxin@gcc.gnu.org> Cc: Andrey Ryabinin <a.ryabinin@samsung.com> Cc: stable@vger.kernel.org Signed-off-by: Arnd Bergmann <arnd@arndb.de> --- scripts/Makefile.kasan | 2 ++ 1 file changed, 2 insertions(+)