The following commit has been merged into the objtool/core branch of tip:

Commit-ID: dc18ab3b7b48aff9c41808af4a830636b3499578
Gitweb: https://git.kernel.org/tip/dc18ab3b7b48aff9c41808af4a830636b3499578
Author: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
AuthorDate: Thu, 26 Mar 2020 11:37:06 -07:00
Committer: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
CommitterDate: Tue, 14 Apr 2020 10:39:25 -05:00

objtool: Documentation: document UACCESS warnings

Compiling with Clang and CONFIG_KASAN=y was exposing a few warnings:

  call to memset() with UACCESS enabled

Document how to fix these for future travelers.

Link: https://github.com/ClangBuiltLinux/linux/issues/876
Suggested-by: Kamalesh Babulal <kamalesh@xxxxxxxxxxxxxxxxxx>
Suggested-by: Matt Helsley <mhelsley@xxxxxxxxxx>
Suggested-by: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Suggested-by: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
Signed-off-by: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
Signed-off-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
---
 tools/objtool/Documentation/stack-validation.txt | 26 +++++++++++++++-
 1 file changed, 26 insertions(+)

diff --git a/tools/objtool/Documentation/stack-validation.txt b/tools/objtool/Documentation/stack-validation.txt
index de09467..faa47c3 100644
--- a/tools/objtool/Documentation/stack-validation.txt
+++ b/tools/objtool/Documentation/stack-validation.txt
@@ -289,6 +289,32 @@ they mean, and suggestions for how to fix them. might be corrupt due to a gcc bug. For more details, see: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70646 +9. file.o: warning: objtool: funcA() call to funcB() with UACCESS enabled + + This means that an unexpected call to a non-whitelisted function exists + outside of arch-specific guards. + X86: SMAP (stac/clac): __uaccess_begin()/__uaccess_end() + ARM: PAN: uaccess_enable()/uaccess_disable() + + These functions should be called to denote a minimal critical section around + access to __user variables. See also: https://lwn.net/Articles/517475/ + + The intention of the warning is to prevent calls to funcB() from eventually + calling schedule(), potentially leaking the AC flags state, and not + restoring them correctly. + + It also helps verify that there are no unexpected calls to funcB() which may + access user space pages with protections against doing so disabled. + + To fix, either: + 1) remove explicit calls to funcB() from funcA(). + 2) add the correct guards before and after calls to low level functions like + __get_user_size()/__put_user_size(). + 3) add funcB to uaccess_safe_builtin whitelist in tools/objtool/check.c, if + funcB obviously does not call schedule(), and is marked notrace (since + function tracing inserts additional calls, which is not obvious from the + sources). + If the error doesn't seem to make sense, it could be a bug in objtool. Feel free to ask the objtool maintainer for help.
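Review bot: The first sentence of the new entry 9 says the call "exists outside of arch-specific guards", which reads as the opposite of the warning text it documents ("call to funcB() with UACCESS enabled"): the flagged call sits between the begin/end pair, while user access is enabled. Suggest rewording to something like "a call to a non-whitelisted function is made while user access is enabled, i.e. between __uaccess_begin() and __uaccess_end()", so that fix 1 (remove the call from funcA()) follows directly. Two smaller points in the same hunk: "leaking the AC flags state" is x86 wording (a single AC flag) although the entry also lists ARM PAN, so either say "AC flag (x86)" or describe it generically as the user-access-enable state; and fix 3 lists only "does not call schedule()" and "is marked notrace" as whitelist criteria, while the preceding paragraph says the warning also guards against funcB() touching user pages with protections disabled, so the whitelist condition should state that requirement as well.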