Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp739247rwb; Tue, 29 Nov 2022 04:55:57 -0800 (PST) X-Google-Smtp-Source: AA0mqf6ldPSc00lW9hwOFSASH9wKr9ceVnia+4x+iV5UVp4vzPut4p8IZgrJpvAjuBbZkP7C9CUC X-Received: by 2002:a17:90a:710b:b0:218:725:c820 with SMTP id h11-20020a17090a710b00b002180725c820mr59908336pjk.170.1669726557045; Tue, 29 Nov 2022 04:55:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669726557; cv=none; d=google.com; s=arc-20160816; b=aOFsAWR+ZOAivsyGxv93iKvgtXMLOzuOLMnWta6Mebj81DcYmAL59K+wSTbusdxq0k zQWE2nuqoRX3WKlxkpoJeO12ncErGCtxyXTsSmlxTi5tIqlK0qefdJ5USnPGmyRrxunp kUEySAiPNFJ6WyvkTNS+urCNwSvA39ciCx6TkNBzaH3i3MRw8KKX7+i8og7JgEjh7HsM ZY2qyGtzNU2TTxQchURN4HxoJ9wFyy2iLS9Q9lwvzb4SSSwPOv4FIuuO8NhIEWeTYuNw Q+1UOS8+QWltOkKMwyA8FM4u+c5EbiyccsXJXSjyUVn32OeNqV61V+1GqMUz7//4Puwm gobQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:subject:cc:to:from:date:references:in-reply-to :message-id:mime-version:user-agent:feedback-id:dkim-signature :dkim-signature; bh=IqZipqd0JqL5tnglRr5e29BfFvwlHJufO9Ma0d1pQ0E=; b=u4gVl7QioQDO81XkGS1zkZ7UrQnxPXzMM1AuCa40ODWBSagfrzytimBK6/zR0YHJZn BMNjWKaG2ysuen47+T2FeoS7A+9LucTro1AKJv6Ke54daBn1Z2xLp84jdc/QpJ+ucSNF P1SFB5bC5UfC/GNDclshjmYAgWuwOhdet3DmAiw3xk1P6+ZJaDTnaJ024yvDx01/O53W cBzSS5185vlDFXS29hEsiPkiBxI/nAfBa8AmWESAraC6Zx0GFunmWj6wjtL0UAn35QKQ WfSk+LS2Idwfb+7IcC3bzmDMpyS/ltm5sbgj/WH+dbOIoXwK4ugpjPqtDgzE+b62t/PX N3Fg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@arndb.de header.s=fm1 header.b=eHpcM6SZ; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=HkCxwtOs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j3-20020a170903028300b00186bb2e85c4si6168699plr.429.2022.11.29.04.55.46; Tue, 29 Nov 2022 04:55:57 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@arndb.de header.s=fm1 header.b=eHpcM6SZ; dkim=pass header.i=@messagingengine.com header.s=fm1 header.b=HkCxwtOs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233461AbiK2Mdk (ORCPT + 83 others); Tue, 29 Nov 2022 07:33:40 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56428 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229630AbiK2Mdi (ORCPT ); Tue, 29 Nov 2022 07:33:38 -0500 Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C232324F3C; Tue, 29 Nov 2022 04:33:37 -0800 (PST) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 571E25C00BC; Tue, 29 Nov 2022 07:33:35 -0500 (EST) Received: from imap51 ([10.202.2.101]) by compute3.internal (MEProxy); Tue, 29 Nov 2022 07:33:35 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=arndb.de; h=cc :cc:content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm1; t=1669725215; x=1669811615; bh=IqZipqd0Jq L5tnglRr5e29BfFvwlHJufO9Ma0d1pQ0E=; b=eHpcM6SZLoo4/CPogT3l+vk4mD 6RQvCq32VDsRJ+RrliP3bJ/vEjyVomm3xgMNMNjA0eDKPjJ1JmlQ4JQo8BukXEL9 h358hsP8VJOH9aAszO25g8chHvG2mUZbZhyqY6h+qeomtcWAWL+6qJL691CnFAGe HhxQm1LcSF/Q8cqyhD8mpB8BiQTrNjDfbIEQ4BBEPTlUEfJExg5/hqVm3VcCBCDR ae6Q2S6iDzGBRtaB7ljYLh/8r8+WXxJLxqfF7WWa5sEsv8qPUWfuvUNskdNa6QiA rcLu4ddclbeWBN/aWsW/K6/V+ihYVpBjMhhXMU8bjtbA9M2uOe1GJUSssaTQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; t=1669725215; x=1669811615; bh=IqZipqd0JqL5tnglRr5e29BfFvwl HJufO9Ma0d1pQ0E=; b=HkCxwtOsOLvnCGcKAxedQxQ7kUYyjzjIEvch79MlAP5I WtFDVLIsaJ16v0yvGZBUVmyv6axgav4MS77qa2k1fx2OCOFg+fQMr25J9z0bNA/Y bskE4Xo+lnxTz/N8+2itEvXCstSvhL5KX5DlhohADAVzjbz4wFtgvbRURgHSYvNk mvlvt4Y6KGrPsNm7DBxk6UO02+nG11YfQiGvrGl+di6A+JJOKiwr41PnT9z/YhWJ Wz10XTOW57VG6VRIbgNJy18+fCTpZHNPEJFkpP3tRZBbSG0ApFO6r6KwYAfFeJH7 Fimdg+0BsEoat3qlESRAM+Qdpe6eEe4/TiDee5SdPw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrtddtgdduudcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefofgggkfgjfhffhffvvefutgesthdtredtreertdenucfhrhhomhepfdetrhhn ugcuuegvrhhgmhgrnhhnfdcuoegrrhhnugesrghrnhgusgdruggvqeenucggtffrrghtth gvrhhnpeeigfeiieeiheejjeeiudekleevvddvffetieehteeikeeigeeiffdttdeftdeg gfenucffohhmrghinhepghhnuhdrohhrghenucevlhhushhtvghrufhiiigvpedtnecurf grrhgrmhepmhgrihhlfhhrohhmpegrrhhnugesrghrnhgusgdruggv X-ME-Proxy: Feedback-ID: i56a14606:Fastmail Received: by mailuser.nyi.internal (Postfix, from userid 501) id 9B4EAB60086; Tue, 29 Nov 2022 07:33:33 -0500 (EST) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.7.0-alpha0-1115-g8b801eadce-fm-20221102.001-g8b801ead Mime-Version: 1.0 Message-Id: <63ced4a4-33b9-4c03-8d7a-987ceb1fc2c7@app.fastmail.com> In-Reply-To: References: <20221101222520.never.109-kees@kernel.org> Date: Tue, 29 Nov 2022 13:33:03 +0100 From: "Arnd Bergmann" To: "Conor.Dooley" , "Kees Cook" Cc: "Vlastimil Babka" , "David Gow" , "Christoph Lameter" , "Pekka Enberg" , "David Rientjes" , "Joonsoo Kim" , "Roman Gushchin" , "Hyeonggon Yoo" <42.hyeyoo@gmail.com>, "Rasmus Villemoes" , "Guenter Roeck" , "Andy Shevchenko" , "Paolo Abeni" , "Geert Uytterhoeven" , "Nathan Chancellor" , "Nick Desaulniers" , "Tom Rix" , linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-hardening@vger.kernel.org, llvm@lists.linux.dev Subject: Re: [PATCH 0/6] slab: Provide full coverage for __alloc_size attribute Content-Type: text/plain X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Nov 29, 2022, at 13:24, Conor Dooley wrote: > On Tue, Nov 01, 2022 at 03:33:08PM -0700, Kees Cook wrote: >> Hi, >> >> This is a series to work around a deficiency in GCC (>=11) and Clang >> (<16) where the __alloc_size attribute does not apply to inlines. :( >> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96503 >> >> This manifests as reduced overflow detection coverage for many allocation >> sites under CONFIG_FORTIFY_SOURCE=y, where the allocation size was >> not actually being propagated to __builtin_dynamic_object_size(). In >> addition to working around the issue, expand use of __alloc_size (and >> __realloc_size) to more places and provide KUnit tests to validate all >> the covered allocator APIs. > > Hello Kees! > > It would appear that one of the macros you've added here is doing Bad > Things^TM to allmodconfig on RISC-V since the 22nd: > > ../lib/fortify_kunit.c: In function 'alloc_size_kmalloc_const_test': > ../lib/fortify_kunit.c:140:1: error: the frame size of 2384 bytes is > larger than 2048 bytes [-Werror=frame-larger-than=] > 140 | } > \ > | ^ > ../lib/fortify_kunit.c:209:1: note: in expansion of macro > 'DEFINE_ALLOC_SIZE_TEST_PAIR' > 209 | DEFINE_ALLOC_SIZE_TEST_PAIR(kmalloc) > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ > cc1: all warnings being treated as errors > > CONFIG_GCC_VERSION=110100 > CONFIG_AS_VERSION=23700 > CONFIG_LD_VERSION=23700 > > The report came out of my CI (which I should have passed on sooner) so > I do not have anything other than stderr - I can get you anything else > you'd like/need though if you LMK. There is generally a conflict between kunit and the structleak gcc plugin, I think the Makefile needs a line like CFLAGS_fortify_kunit.o += $(DISABLE_STRUCTLEAK_PLUGIN) Arnd