2019-05-06 14:49:36

by Greg Kroah-Hartman

Subject: [PATCH 4.9 09/62] kasan: turn on -fsanitize-address-use-after-scope

From: Andrey Ryabinin <[email protected]>

commit c5caf21ab0cf884ef15b25af234f620e4a233139 upstream.

In the upcoming gcc7 release, the -fsanitize=kernel-address option at
first implied new -fsanitize-address-use-after-scope option. This would
cause link errors on older kernels because they don't have two new
functions required for use-after-scope support. Therefore, gcc7 changed
default to -fno-sanitize-address-use-after-scope.

Now the kernel has everything required for that feature since commit
828347f8f9a5 ("kasan: support use-after-scope detection"). So, to make it
work, we just have to enable use-after-scope in CFLAGS.

Link: http://lkml.kernel.org/r/[email protected]
Signed-off-by: Andrey Ryabinin <[email protected]>
Acked-by: Dmitry Vyukov <[email protected]>
Cc: Alexander Potapenko <[email protected]>
Cc: Andrey Konovalov <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Andrey Konovalov <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>

---
scripts/Makefile.kasan | 2 ++
1 file changed, 2 insertions(+)

--- a/scripts/Makefile.kasan
+++ b/scripts/Makefile.kasan
@@ -29,6 +29,8 @@ else
endif
endif

+CFLAGS_KASAN += $(call cc-option, -fsanitize-address-use-after-scope)
+
CFLAGS_KASAN_NOSANITIZE := -fno-builtin

endif
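Review bot: $(call cc-option, ...) only proves the compiler accepts -fsanitize-address-use-after-scope; it says nothing about whether the tree being built has the two runtime functions the changelog says the instrumented code needs, so on a 4.9 tree that does not also carry 828347f8f9a5 ("kasan: support use-after-scope detection") this one-line hunk reproduces the link failure the changelog describes rather than avoiding it. A backport of this hunk should either list that commit as a prerequisite or be verified by linking a CONFIG_KASAN=y build with GCC 7 on the target stable branch before it is queued.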


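To show what the flag added above actually checks, here is a userspace illustration of the bug class (a pointer into a block-scoped variable dereferenced after the block closes, inside the same function). This is an added example, not code from the patch or the kernel; the function names and the `fill()` helper are invented for the demonstration.

```c
/*
 * Added example (not from the patch or the kernel): the bug class that
 * -fsanitize-address-use-after-scope detects, in plain userspace C so it
 * can be tried with the same GCC 7+ option the patch enables for KASAN.
 *
 * Build and run to see the report:
 *   gcc -g -O1 -fsanitize=address -fsanitize-address-use-after-scope uas.c && ./a.out
 * ASan then aborts with "ERROR: AddressSanitizer: stack-use-after-scope".
 * Without the sanitizer the program is undefined behaviour that usually
 * appears to work, which is exactly why the checker exists.
 */
#include <stdio.h>

/* Hypothetical helper: stands in for a parser filling a scratch buffer. */
static void fill(int *buf, int n, int seed)
{
    for (int i = 0; i < n; i++)
        buf[i] = seed + i;
}

/*
 * Buggy: 'scratch' is block-scoped, so its stack slot is dead after the
 * closing brace, but 'p' still points into it and is dereferenced below.
 * The pointer never leaves the function, so this is not a
 * stack-use-after-return; only the use-after-scope check catches it.
 */
int sum_first_two_buggy(int seed)
{
    int *p;
    {
        int scratch[4];
        fill(scratch, 4, seed);
        p = scratch;        /* scratch's lifetime ends at the next brace */
    }
    return p[0] + p[1];     /* stack-use-after-scope */
}

/* Fixed: declare the buffer in the scope where it is actually used. */
int sum_first_two_fixed(int seed)
{
    int scratch[4];
    fill(scratch, 4, seed);
    return scratch[0] + scratch[1];
}

int main(void)
{
    printf("fixed: %d\n", sum_first_two_fixed(10));   /* 21 */
    printf("buggy: %d\n", sum_first_two_buggy(10));   /* ASan report when instrumented */
    return 0;
}
```

The kernel-side equivalent is the same pattern in a function compiled with CFLAGS_KASAN: the poisoning of `scratch` at scope exit is what the two runtime functions mentioned in the changelog implement, which is why the option is useless, or fails to link, on a tree without them.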

2019-05-06 14:57:52

by Andrey Ryabinin

Subject: Re: [PATCH 4.9 09/62] kasan: turn on -fsanitize-address-use-after-scope



On 5/6/19 5:32 PM, Greg Kroah-Hartman wrote:
> From: Andrey Ryabinin <[email protected]>
>
> commit c5caf21ab0cf884ef15b25af234f620e4a233139 upstream.
>
> In the upcoming gcc7 release, the -fsanitize=kernel-address option at
> first implied new -fsanitize-address-use-after-scope option. This would
> cause link errors on older kernels because they don't have two new
> functions required for use-after-scope support. Therefore, gcc7 changed
> default to -fno-sanitize-address-use-after-scope.
>
> Now the kernel has everything required for that feature since commit
> 828347f8f9a5 ("kasan: support use-after-scope detection"). So, to make it
> work, we just have to enable use-after-scope in CFLAGS.
>
> Link: http://lkml.kernel.org/r/[email protected]
> Signed-off-by: Andrey Ryabinin <[email protected]>
> Acked-by: Dmitry Vyukov <[email protected]>
> Cc: Alexander Potapenko <[email protected]>
> Cc: Andrey Konovalov <[email protected]>
> Signed-off-by: Andrew Morton <[email protected]>
> Signed-off-by: Linus Torvalds <[email protected]>
> Signed-off-by: Andrey Konovalov <[email protected]>
> Signed-off-by: Greg Kroah-Hartman <[email protected]>
>
> ---
> scripts/Makefile.kasan | 2 ++
> 1 file changed, 2 insertions(+)
>
> --- a/scripts/Makefile.kasan
> +++ b/scripts/Makefile.kasan
> @@ -29,6 +29,8 @@ else
> endif
> endif
>
> +CFLAGS_KASAN += $(call cc-option, -fsanitize-address-use-after-scope)
> +
> CFLAGS_KASAN_NOSANITIZE := -fno-builtin
>
> endif
>
>

This shouldn't be in the -stable.

2019-05-06 15:14:03

by Greg Kroah-Hartman

Subject: Re: [PATCH 4.9 09/62] kasan: turn on -fsanitize-address-use-after-scope

On Mon, May 06, 2019 at 05:55:54PM +0300, Andrey Ryabinin wrote:
>
>
> On 5/6/19 5:32 PM, Greg Kroah-Hartman wrote:
> > From: Andrey Ryabinin <[email protected]>
> >
> > commit c5caf21ab0cf884ef15b25af234f620e4a233139 upstream.
> >
> > In the upcoming gcc7 release, the -fsanitize=kernel-address option at
> > first implied new -fsanitize-address-use-after-scope option. This would
> > cause link errors on older kernels because they don't have two new
> > functions required for use-after-scope support. Therefore, gcc7 changed
> > default to -fno-sanitize-address-use-after-scope.
> >
> > Now the kernel has everything required for that feature since commit
> > 828347f8f9a5 ("kasan: support use-after-scope detection"). So, to make it
> > work, we just have to enable use-after-scope in CFLAGS.
> >
> > Link: http://lkml.kernel.org/r/[email protected]
> > Signed-off-by: Andrey Ryabinin <[email protected]>
> > Acked-by: Dmitry Vyukov <[email protected]>
> > Cc: Alexander Potapenko <[email protected]>
> > Cc: Andrey Konovalov <[email protected]>
> > Signed-off-by: Andrew Morton <[email protected]>
> > Signed-off-by: Linus Torvalds <[email protected]>
> > Signed-off-by: Andrey Konovalov <[email protected]>
> > Signed-off-by: Greg Kroah-Hartman <[email protected]>
> >
> > ---
> > scripts/Makefile.kasan | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > --- a/scripts/Makefile.kasan
> > +++ b/scripts/Makefile.kasan
> > @@ -29,6 +29,8 @@ else
> > endif
> > endif
> >
> > +CFLAGS_KASAN += $(call cc-option, -fsanitize-address-use-after-scope)
> > +
> > CFLAGS_KASAN_NOSANITIZE := -fno-builtin
> >
> > endif
> >
> >
>
> This shouldn't be in the -stable.

Why not? Does no one use gcc7 with this kernel and kasan?

thanks,

greg k-h

2019-05-06 15:38:55

by Andrey Ryabinin

Subject: Re: [PATCH 4.9 09/62] kasan: turn on -fsanitize-address-use-after-scope



On 5/6/19 6:10 PM, Greg Kroah-Hartman wrote:
> On Mon, May 06, 2019 at 05:55:54PM +0300, Andrey Ryabinin wrote:
>>
>>
>> On 5/6/19 5:32 PM, Greg Kroah-Hartman wrote:
>>> From: Andrey Ryabinin <[email protected]>
>>>
>>> commit c5caf21ab0cf884ef15b25af234f620e4a233139 upstream.
>>>
>>> In the upcoming gcc7 release, the -fsanitize=kernel-address option at
>>> first implied new -fsanitize-address-use-after-scope option. This would
>>> cause link errors on older kernels because they don't have two new
>>> functions required for use-after-scope support. Therefore, gcc7 changed
>>> default to -fno-sanitize-address-use-after-scope.
>>>
>>> Now the kernel has everything required for that feature since commit
>>> 828347f8f9a5 ("kasan: support use-after-scope detection"). So, to make it
>>> work, we just have to enable use-after-scope in CFLAGS.
>>>
>>> Link: http://lkml.kernel.org/r/[email protected]
>>> Signed-off-by: Andrey Ryabinin <[email protected]>
>>> Acked-by: Dmitry Vyukov <[email protected]>
>>> Cc: Alexander Potapenko <[email protected]>
>>> Cc: Andrey Konovalov <[email protected]>
>>> Signed-off-by: Andrew Morton <[email protected]>
>>> Signed-off-by: Linus Torvalds <[email protected]>
>>> Signed-off-by: Andrey Konovalov <[email protected]>
>>> Signed-off-by: Greg Kroah-Hartman <[email protected]>
>>>
>>> ---
>>> scripts/Makefile.kasan | 2 ++
>>> 1 file changed, 2 insertions(+)
>>>
>>> --- a/scripts/Makefile.kasan
>>> +++ b/scripts/Makefile.kasan
>>> @@ -29,6 +29,8 @@ else
>>> endif
>>> endif
>>>
>>> +CFLAGS_KASAN += $(call cc-option, -fsanitize-address-use-after-scope)
>>> +
>>> CFLAGS_KASAN_NOSANITIZE := -fno-builtin
>>>
>>> endif
>>>
>>>
>>
>> This shouldn't be in the -stable.
>
> Why not? Does no one use gcc7 with this kernel and kasan?
>

You don't need this patch to use kasan on this kernel with gcc7.
This patch only enables detection of use-after-scope bugs. This feature appeared to be useless,
hence it was disabled recently by commit 7771bdbbfd3d ("kasan: remove use after scope bugs detection.")

The link errors mentioned in the changelog were a problem only for some period of time in the development branch of GCC 7.
The released GCC 7 version doesn't have this problem.

2019-05-06 15:43:13

by Greg Kroah-Hartman

Subject: Re: [PATCH 4.9 09/62] kasan: turn on -fsanitize-address-use-after-scope

On Mon, May 06, 2019 at 06:36:45PM +0300, Andrey Ryabinin wrote:
>
>
> On 5/6/19 6:10 PM, Greg Kroah-Hartman wrote:
> > On Mon, May 06, 2019 at 05:55:54PM +0300, Andrey Ryabinin wrote:
> >>
> >>
> >> On 5/6/19 5:32 PM, Greg Kroah-Hartman wrote:
> >>> From: Andrey Ryabinin <[email protected]>
> >>>
> >>> commit c5caf21ab0cf884ef15b25af234f620e4a233139 upstream.
> >>>
> >>> In the upcoming gcc7 release, the -fsanitize=kernel-address option at
> >>> first implied new -fsanitize-address-use-after-scope option. This would
> >>> cause link errors on older kernels because they don't have two new
> >>> functions required for use-after-scope support. Therefore, gcc7 changed
> >>> default to -fno-sanitize-address-use-after-scope.
> >>>
> >>> Now the kernel has everything required for that feature since commit
> >>> 828347f8f9a5 ("kasan: support use-after-scope detection"). So, to make it
> >>> work, we just have to enable use-after-scope in CFLAGS.
> >>>
> >>> Link: http://lkml.kernel.org/r/[email protected]
> >>> Signed-off-by: Andrey Ryabinin <[email protected]>
> >>> Acked-by: Dmitry Vyukov <[email protected]>
> >>> Cc: Alexander Potapenko <[email protected]>
> >>> Cc: Andrey Konovalov <[email protected]>
> >>> Signed-off-by: Andrew Morton <[email protected]>
> >>> Signed-off-by: Linus Torvalds <[email protected]>
> >>> Signed-off-by: Andrey Konovalov <[email protected]>
> >>> Signed-off-by: Greg Kroah-Hartman <[email protected]>
> >>>
> >>> ---
> >>> scripts/Makefile.kasan | 2 ++
> >>> 1 file changed, 2 insertions(+)
> >>>
> >>> --- a/scripts/Makefile.kasan
> >>> +++ b/scripts/Makefile.kasan
> >>> @@ -29,6 +29,8 @@ else
> >>> endif
> >>> endif
> >>>
> >>> +CFLAGS_KASAN += $(call cc-option, -fsanitize-address-use-after-scope)
> >>> +
> >>> CFLAGS_KASAN_NOSANITIZE := -fno-builtin
> >>>
> >>> endif
> >>>
> >>>
> >>
> >> This shouldn't be in the -stable.
> >
> > Why not? Does no one use gcc7 with this kernel and kasan?
> >
>
> You don't need this patch to use kasan on this kernel with gcc7.
> This patch only enables detection of use-after-scope bugs. This feature appeared to be useless,
> hence it was disabled recently by commit 7771bdbbfd3d ("kasan: remove use after scope bugs detection.")

Ah, didn't notice that, nice!

Ok, I'll go drop this, thanks for letting me know.

> The link errors mentioned in the changelog were a problem only for some period of time in the development branch of GCC 7.
> The released GCC 7 version doesn't have this problem.

Also good to know, thanks!

greg k-h