Hi,
This series attempts to address the issues seen with UBSAN's object-size
sanitizer causing problems under GCC. In the process, the Kconfig and
Makefile are refactored to do all the cc-option calls in the Kconfig.
Additionally start to detangle -Wno-maybe-uninitialized, and disable
UBSAN_TRAP under COMPILE_TEST for wider build coverage.
Thanks!
-Kees
Kees Cook (4):
ubsan: Move cc-option tests into Kconfig
ubsan: Disable object-size sanitizer under GCC
ubsan: Force -Wno-maybe-uninitialized only for GCC
ubsan: Disable UBSAN_TRAP for all*config
lib/Kconfig.ubsan | 58 +++++++++++++++++++++++++++++++++++++++++-
scripts/Makefile.ubsan | 50 +++++++++++++-----------------------
2 files changed, 74 insertions(+), 34 deletions(-)
--
2.25.1
GCC's -fsanitize=object-size (as part of CONFIG_UBSAN_MISC) greatly
increases stack utilization. Do not allow this under GCC.
Suggested-by: Linus Torvalds <[email protected]>
Link: https://lore.kernel.org/lkml/CAHk-=wjPasyJrDuwDnpHJS2TuQfExwe=px-SzLeN8GFMAQJPmQ@mail.gmail.com/
Signed-off-by: Kees Cook <[email protected]>
---
lib/Kconfig.ubsan | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/Kconfig.ubsan b/lib/Kconfig.ubsan
index c0b801871e0b..aeb2cdea0b94 100644
--- a/lib/Kconfig.ubsan
+++ b/lib/Kconfig.ubsan
@@ -104,6 +104,9 @@ config UBSAN_UNSIGNED_OVERFLOW
config UBSAN_OBJECT_SIZE
def_bool UBSAN_MISC
+ # gcc hugely expands stack usage with -fsanitize=object-size
+ # https://lore.kernel.org/lkml/CAHk-=wjPasyJrDuwDnpHJS2TuQfExwe=px-SzLeN8GFMAQJPmQ@mail.gmail.com/
+ depends on !CC_IS_GCC
depends on $(cc-option,-fsanitize=object-size)
config UBSAN_BOOL
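Review bot: `depends on !CC_IS_GCC` under `config UBSAN_OBJECT_SIZE` excludes every GCC version, with no bound, so the option stays off even if a later GCC stops inflating stack usage. If the problem is known to be limited to certain releases, a version-bounded condition would be narrower. If it is not, say in the comment above the line that all GCC versions are affected, so the next reader does not have to follow the link to find out.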
--
2.25.1
Doing all*config builds attempts to build as much as possible. UBSAN_TRAP
effectively short-circuits lib/ubsan.c, so it should be disabled for
COMPILE_TEST so that the lib/ubsan.c code gets built.
Signed-off-by: Kees Cook <[email protected]>
---
lib/Kconfig.ubsan | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/Kconfig.ubsan b/lib/Kconfig.ubsan
index 1fc07f936e06..b5b9da0b635a 100644
--- a/lib/Kconfig.ubsan
+++ b/lib/Kconfig.ubsan
@@ -14,6 +14,7 @@ if UBSAN
config UBSAN_TRAP
bool "On Sanitizer warnings, abort the running kernel code"
+ depends on !COMPILE_TEST
depends on $(cc-option, -fsanitize-undefined-trap-on-error)
help
Building kernels with Sanitizer features enabled tends to grow
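Review bot: the added `depends on !COMPILE_TEST` under `config UBSAN_TRAP` carries no comment, so the reason for it (keeping lib/ubsan.c built in all*config builds) is recorded only in the commit message. A one-line comment above it, in the style of the one added for UBSAN_OBJECT_SIZE in this series, would keep someone from later removing it as an apparently unrelated restriction.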
--
2.25.1
On Fri, Oct 02, 2020 at 03:15:25PM -0700, Kees Cook wrote:
> GCC's -fsanitize=object-size (as part of CONFIG_UBSAN_MISC) greatly
> increases stack utilization. Do not allow this under GCC.
>
> Suggested-by: Linus Torvalds <[email protected]>
> Signed-off-by: Kees Cook <[email protected]>
> Link: https://lore.kernel.org/lkml/CAHk-=wjPasyJrDuwDnpHJS2TuQfExwe=px-SzLeN8GFMAQJPmQ@mail.gmail.com/
Reviewed-by: Nathan Chancellor <[email protected]>
> ---
> lib/Kconfig.ubsan | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/lib/Kconfig.ubsan b/lib/Kconfig.ubsan
> index c0b801871e0b..aeb2cdea0b94 100644
> --- a/lib/Kconfig.ubsan
> +++ b/lib/Kconfig.ubsan
> @@ -104,6 +104,9 @@ config UBSAN_UNSIGNED_OVERFLOW
>
> config UBSAN_OBJECT_SIZE
> def_bool UBSAN_MISC
> + # gcc hugely expands stack usage with -fsanitize=object-size
> + # https://lore.kernel.org/lkml/CAHk-=wjPasyJrDuwDnpHJS2TuQfExwe=px-SzLeN8GFMAQJPmQ@mail.gmail.com/
> + depends on !CC_IS_GCC
> depends on $(cc-option,-fsanitize=object-size)
>
> config UBSAN_BOOL
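Review bot: because `config UBSAN_OBJECT_SIZE` is `def_bool UBSAN_MISC` and shows no prompt of its own in this hunk, the new `depends on !CC_IS_GCC` drops object-size checking silently for anyone who enables UBSAN_MISC with GCC. The UBSAN_MISC help text should say that object-size checks are only included for non-GCC compilers, so that an absence of reports is not read as a clean result.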
> --
> 2.25.1
On Fri, Oct 02, 2020 at 03:15:27PM -0700, Kees Cook wrote:
> Doing all*config builds attempts to build as much as possible. UBSAN_TRAP
> effectively short-circuits lib/ubsan.c, so it should be disabled for
> COMPILE_TEST so that the lib/ubsan.c code gets built.
>
> Signed-off-by: Kees Cook <[email protected]>
Reviewed-by: Nathan Chancellor <[email protected]>
> ---
> lib/Kconfig.ubsan | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/lib/Kconfig.ubsan b/lib/Kconfig.ubsan
> index 1fc07f936e06..b5b9da0b635a 100644
> --- a/lib/Kconfig.ubsan
> +++ b/lib/Kconfig.ubsan
> @@ -14,6 +14,7 @@ if UBSAN
>
> config UBSAN_TRAP
> bool "On Sanitizer warnings, abort the running kernel code"
> + depends on !COMPILE_TEST
> depends on $(cc-option, -fsanitize-undefined-trap-on-error)
> help
> Building kernels with Sanitizer features enabled tends to grow
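Review bot: `depends on !COMPILE_TEST` applies to any configuration that sets COMPILE_TEST, not only to the all*config builds the commit message talks about, so a hand-written config with COMPILE_TEST=y can no longer select UBSAN_TRAP. Please state that side effect in the commit message or in the help text that follows, so users who lose the option know where to look.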
> --
> 2.25.1