Received: by 2002:ab2:1c04:0:b0:1f7:53ba:1ebe with SMTP id f4csp137837lqg; Fri, 26 Apr 2024 10:49:54 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXhfQYEHu9wl6JDqDroc/PYOiri1fQGs7ooQza2PiH7NiHxwtw/kYjZ5Seoqqtyf9hYx93e0hH507sWn665+GZyVCLooVJtdD4gSir1Cg== X-Google-Smtp-Source: AGHT+IFcsvWIPq7xkYkk+GU9LNhngcYSoVNCHYgLwTNuKFDmxPuSw7hOdz5ajDKtHTQMTfdRK7GU X-Received: by 2002:a17:90a:6fe2:b0:2a4:6ce7:37ad with SMTP id e89-20020a17090a6fe200b002a46ce737admr5405511pjk.5.1714153793759; Fri, 26 Apr 2024 10:49:53 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1714153793; cv=pass; d=google.com; s=arc-20160816; b=wKBXGroc4ab8A4tzz2b8DYsjENbXuBfvyPcld+D3Idan8JzZNtRZ4QzZHJvyInaiII nZaE0WlR9zxITxVOtqhsiwf+C1jNdi50NdoHls9yfmViMPbrSr0TPaRCxMmmAc3OLxv3 7wwi6+pjSf6OJSo9OOkphTMFy7IUQxdjsC8kYv0CjCzfnzDMQBEDpftjQAEgOKfm5OS2 9ziOvKvuQf30kT28xOIOPW4ZxvIQqHGMheghhjcw7ERkiTVWxw31Q9cFt7u4CBYC21PC pb+DONY1XsgtYmhe/79c3kzMqs324HiF/30TvfVkZmfa8KKCqvqq+cM190ck5gZv3fWq UEnA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=fe5EQQLoTXZFn1bLQXPTwoyrsdAh1Ibszp1SAcmbFC8=; fh=s2DUDp1s6XhCCvcI9eEh+J/TVMMDL5Ek3FPgyCtRWQo=; b=FSbpDVlo4enReEHqu3TXDsNka6Sc1800Bky5jwbvXLdNS36w2EsRShdRRu0NGW2VPu CrT3AzToo2ubeRQMWwPgOuWPdrv2B5hzjZ+Y/AAjEJrp354slUu/+gPMKE3CA3SwY6ok p2vxe9cXGCzYRi9swP8VV0S39m52iw9ZlPppu5Nagl8DxIefl9siY8oTyVPqJ13NTcuK tYkY6YmjpSlVGZbRh28qlWqUeGP+nR7rX9WcqKk8UMQygZRzPvoCd/7N4KLHpgrDM3m0 7h4l/7OTiJnzfaoMpNo/Yx8tLh51XoMLwFFQDyusvd04aIlsUIo16atyWmGHMPASPLWk FcUg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=d3MiS9GB; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-160507-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-160507-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id g5-20020a17090a7d0500b002ae2bfe1374si8737445pjl.7.2024.04.26.10.49.53 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Apr 2024 10:49:53 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-160507-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=d3MiS9GB; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-160507-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-160507-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 10275B21132 for ; Fri, 26 Apr 2024 17:38:49 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 66ED815CD51; Fri, 26 Apr 2024 17:38:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="d3MiS9GB" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8311C145B0F; Fri, 26 Apr 2024 17:38:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714153120; cv=none; b=QNdbrQ0TJKQkpTb2y1JSKp8GKW6duRZB/o8pBmvJVp/A/tLl8Q6VQInG5B53CMiSML+4m5fyUhIWdVxnb5wO6FshD0vTr1j8M0jFIFYx70MAT2ANCjXYpmR1WKGp6lqDf1btkNR1lzCue9N5k3IZzMfS/YEY7q4CzawEyjZ5SjQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714153120; c=relaxed/simple; bh=9dYAdp7FYAzvqo+YtXaejtQOOLyFel2BTjwOXrzYgIw=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=AQSibZ66ciQAilhFvuY7ufDmGH6N6grlNT4Szej1MdOeB1BVVzNqEo+XIU3yzG62FWt9IIqz4XQRvnJM9fvKsGLPcVwhLnMGid/1R4CUgcNsUdinBjrr+odtAQzTSyxZn8XBXlg1Zl3cvaLAzuk6J2+moRyG6BfZjQSr0nnmBQ0= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=d3MiS9GB; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4FFB6C113CD; Fri, 26 Apr 2024 17:38:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1714153120; bh=9dYAdp7FYAzvqo+YtXaejtQOOLyFel2BTjwOXrzYgIw=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=d3MiS9GBcE02pQF/hUdEhcY8Jrd3HjPDJRoRZYM6P24EiFsuIAlMOpyye+SRee4Ww mSziF0M5DhgCyyzXRVUSVPAWnWpelqzXho4mmPWelGSkT3dDNGSNo9/UW9P8/KASl6 jpnXzHmxxWNMqFobWEa51GqcyCOVyiT4dGpw1fqVEyDGn+HFeTylDNX03aodoKyjga YHetRVFCnjAPx5TnX2qspH6JwukVUsje2SucvO/9eh499tT5uwfdz49o5oXuBufQVI V/O9+R7BBMX7iBbT0AizMdVQUG+/85y0RrS2o2Zs59BXis/FYbD1SHXJPhFh3NdJkJ EgF6ntP1Q3lhA== Date: Fri, 26 Apr 2024 10:38:37 -0700 From: Nathan Chancellor To: Kees Cook Cc: Marco Elver , Erhard Furtner , Andrey Konovalov , Andrey Ryabinin , Nick Desaulniers , Bill Wendling , Justin Stitt , llvm@lists.linux.dev, kasan-dev@googlegroups.com, linux-hardening@vger.kernel.org, Andrew Morton , linux-kernel@vger.kernel.org Subject: Re: [PATCH v2] ubsan: Avoid i386 UBSAN handler crashes with Clang Message-ID: <20240426173837.GA2744190@dev-arch.thelio-3990X> References: <20240424224026.it.216-kees@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240424224026.it.216-kees@kernel.org> On Wed, Apr 24, 2024 at 03:40:29PM -0700, Kees Cook wrote: > When generating Runtime Calls, Clang doesn't respect the -mregparm=3 > option used on i386. Hopefully this will be fixed correctly in Clang 19: > https://github.com/llvm/llvm-project/pull/89707 > but we need to fix this for earlier Clang versions today. Force the > calling convention to use non-register arguments. > > Reported-by: Erhard Furtner > Closes: https://github.com/KSPP/linux/issues/350 > Signed-off-by: Kees Cook Acked-by: Nathan Chancellor > --- > Cc: Marco Elver > Cc: Andrey Konovalov > Cc: Andrey Ryabinin > Cc: Nathan Chancellor > Cc: Nick Desaulniers > Cc: Bill Wendling > Cc: Justin Stitt > Cc: llvm@lists.linux.dev > Cc: kasan-dev@googlegroups.com > Cc: linux-hardening@vger.kernel.org > v2: > - use email address in Reported-by > - link to upstream llvm bug in ubsan.h comment > - drop needless /**/ > - explicitly test Clang version > v1: https://lore.kernel.org/lkml/20240424162942.work.341-kees@kernel.org/ > --- > lib/ubsan.h | 41 +++++++++++++++++++++++++++-------------- > 1 file changed, 27 insertions(+), 14 deletions(-) > > diff --git a/lib/ubsan.h b/lib/ubsan.h > index 50ef50811b7c..07e37d4429b4 100644 > --- a/lib/ubsan.h > +++ b/lib/ubsan.h > @@ -124,19 +124,32 @@ typedef s64 s_max; > typedef u64 u_max; > #endif > > -void __ubsan_handle_add_overflow(void *data, void *lhs, void *rhs); > -void __ubsan_handle_sub_overflow(void *data, void *lhs, void *rhs); > -void __ubsan_handle_mul_overflow(void *data, void *lhs, void *rhs); > -void __ubsan_handle_negate_overflow(void *_data, void *old_val); > -void __ubsan_handle_divrem_overflow(void *_data, void *lhs, void *rhs); > -void __ubsan_handle_type_mismatch(struct type_mismatch_data *data, void *ptr); > -void __ubsan_handle_type_mismatch_v1(void *_data, void *ptr); > -void __ubsan_handle_out_of_bounds(void *_data, void *index); > -void __ubsan_handle_shift_out_of_bounds(void *_data, void *lhs, void *rhs); > -void __ubsan_handle_builtin_unreachable(void *_data); > -void __ubsan_handle_load_invalid_value(void *_data, void *val); > -void __ubsan_handle_alignment_assumption(void *_data, unsigned long ptr, > - unsigned long align, > - unsigned long offset); > +/* > + * When generating Runtime Calls, Clang doesn't respect the -mregparm=3 > + * option used on i386: https://github.com/llvm/llvm-project/issues/89670 > + * Fix this for earlier Clang versions by forcing the calling convention > + * to use non-register arguments. > + */ > +#if defined(CONFIG_X86_32) && \ > + defined(CONFIG_CC_IS_CLANG) && CONFIG_CLANG_VERSION < 190000 > +# define ubsan_linkage asmlinkage > +#else > +# define ubsan_linkage > +#endif > + > +void ubsan_linkage __ubsan_handle_add_overflow(void *data, void *lhs, void *rhs); > +void ubsan_linkage __ubsan_handle_sub_overflow(void *data, void *lhs, void *rhs); > +void ubsan_linkage __ubsan_handle_mul_overflow(void *data, void *lhs, void *rhs); > +void ubsan_linkage __ubsan_handle_negate_overflow(void *_data, void *old_val); > +void ubsan_linkage __ubsan_handle_divrem_overflow(void *_data, void *lhs, void *rhs); > +void ubsan_linkage __ubsan_handle_type_mismatch(struct type_mismatch_data *data, void *ptr); > +void ubsan_linkage __ubsan_handle_type_mismatch_v1(void *_data, void *ptr); > +void ubsan_linkage __ubsan_handle_out_of_bounds(void *_data, void *index); > +void ubsan_linkage __ubsan_handle_shift_out_of_bounds(void *_data, void *lhs, void *rhs); > +void ubsan_linkage __ubsan_handle_builtin_unreachable(void *_data); > +void ubsan_linkage __ubsan_handle_load_invalid_value(void *_data, void *val); > +void ubsan_linkage __ubsan_handle_alignment_assumption(void *_data, unsigned long ptr, > + unsigned long align, > + unsigned long offset); > > #endif > -- > 2.34.1 >