Received: by 2002:ac0:aed5:0:0:0:0:0 with SMTP id t21csp5990898imb; Fri, 8 Mar 2019 07:02:27 -0800 (PST) X-Google-Smtp-Source: APXvYqxnxaDKYCAiDPozcxId40eOcUdIkfvbdiq2eezUMix2SYbI2z8QqujN9qXnmEQXgjFIqW4K X-Received: by 2002:aa7:8019:: with SMTP id j25mr18910015pfi.82.1552057347498; Fri, 08 Mar 2019 07:02:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1552057347; cv=none; d=google.com; s=arc-20160816; b=LWACuA4qFX/2TWTRAvEJLGuGMgHiG6Ziat+JbX0TxQlLXlMYsQgYVqI0LMGCng19FF 4Jhn0XWPRpvCZ1nuxULWQSUQDjlNYipRuac4kvJIXBa/nZSK8oeylg+RxX/t5S71OtKE HfIicAvQL8LnEVaX8ugJtMW1rrQIfuLyS6LRfecFzMKDeUQglioQB2Jsl3JdNm+IjTQQ MeEZcKGCuMX+e84PRDiTH2d3rg8rIPmK3fo0w7WOJWvstTFtKA9MGUuAQngWiK3KiEA7 kKxv+8QexdjoomTpi/un+VbA/7uGKb3O4ctHmsJotQlBQ+hPLIaKoirr1o3TK7oByaYl NrLQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=s2PQ1tS+zDL2cVdzhmJWwkwJYd4qinJa4EfCi6rozVw=; b=RyUYrnUC+1l19byL5gTCyIZNmvAGb1GyYxzeJbxJ2vsYRlbA9JwGgtTglS+VLLNWfD ruaC5lyp+8r+k/UOHsBFdxrkpJvck2XJ5k+sEHc3W+FOnC0dikbnQCvbRC0Zh7E381Ht EHGGCPIc41oEXsEAWrnBYlXwvQSQwmOa/HQg1zdn68fEX5yoLXIjCiRKBEgjQ1IdcCsu uCpwBQgt+hOeu00SNnLVtwH3zbNpRsgpRMh+Ug3jzKehSK++pGD/NE75G5T8CuH+uE6v a2SdlR4wggEJYBWu3QfB/49NnTxaAwP1sU0DnSKOQsDvn6/D9q6TAXNNng3BrAEjkHuP TsyA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t13si7332153pfa.98.2019.03.08.07.02.11; Fri, 08 Mar 2019 07:02:27 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726800AbfCHPBR (ORCPT + 99 others); Fri, 8 Mar 2019 10:01:17 -0500 Received: from mx1.redhat.com ([209.132.183.28]:7245 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726680AbfCHPBR (ORCPT ); Fri, 8 Mar 2019 10:01:17 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B8A18821EF; Fri, 8 Mar 2019 15:01:16 +0000 (UTC) Received: from treble (ovpn-120-61.rdu2.redhat.com [10.10.120.61]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DC8AE608AC; Fri, 8 Mar 2019 15:01:13 +0000 (UTC) Date: Fri, 8 Mar 2019 09:01:11 -0600 From: Josh Poimboeuf To: Peter Zijlstra Cc: Linus Torvalds , Thomas Gleixner , Peter Anvin , Julien Thierry , Will Deacon , Andy Lutomirski , Ingo Molnar , Catalin Marinas , James Morse , valentin.schneider@arm.com, Brian Gerst , Andrew Lutomirski , Borislav Petkov , Denys Vlasenko , Linux List Kernel Mailing , Dmitry Vyukov , Steven Rostedt Subject: Re: [PATCH 18/20] objtool: Add UACCESS validation Message-ID: <20190308150111.xciejdvvmphzlb3u@treble> References: <20190307114511.870090179@infradead.org> <20190307115200.697533978@infradead.org> <20190307174135.GJ32477@hirez.programming.kicks-ass.net> <20190307184813.GL32477@hirez.programming.kicks-ass.net> <20190307190313.GA4572@worktop.programming.kicks-ass.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20190307190313.GA4572@worktop.programming.kicks-ass.net> User-Agent: NeoMutt/20180716 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Fri, 08 Mar 2019 15:01:17 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Mar 07, 2019 at 08:03:13PM +0100, Peter Zijlstra wrote: > On Thu, Mar 07, 2019 at 07:48:13PM +0100, Peter Zijlstra wrote: > > On Thu, Mar 07, 2019 at 09:54:14AM -0800, Linus Torvalds wrote: > > > On Thu, Mar 7, 2019 at 9:41 AM Peter Zijlstra wrote: > > > > > > > > > > What's the call site that made you go "just add __memset() to the list"? > > > > > > > > __asan_{,un}poinson_stack_memory() > > > > kasan_{,un}poison_shadow() > > > > __memset() > > > > > > Ugh. I think I almost just agree with your decision to just let that > > > memset go unchecked. > > > > > > I'm not saying it's right, but it doesn't seem to be a fight worth fighting. > > > > One think I could do; is add a filter to each function and only allow > > __memset from the kasan code, and not from anywhere else. > > Ah.. how about I feed objtool a text file with all these symbol names; > and I have Makefile compose file that from fragments. > > Then only KASAN builds will have memset whitelisted, and any other build > will still flag memset abuse. > > Now I only have to figure out how to make Makefile do something like > that :-) Instead of adding all those additional moving parts, I would much rather either: a) have kasan call a special whitelisted version of memset (like hpa suggested); or b) just don't use the objtool --uaccess flag for KASAN builds. -- Josh