+ kasan-prohibit-kasanstructleak-combination.patch added to -mm tree

akpm@xxxxxxxxxxxxxxxxxxxx · Thu, 19 Apr 2018 12:33:43 -0700

The patch titled
     Subject: KASAN: prohibit KASAN+STRUCTLEAK combination
has been added to the -mm tree.  Its filename is
     kasan-prohibit-kasanstructleak-combination.patch

This patch should soon appear at
    http://ozlabs.org/~akpm/mmots/broken-out/kasan-prohibit-kasanstructleak-combination.patch
and later at
    http://ozlabs.org/~akpm/mmotm/broken-out/kasan-prohibit-kasanstructleak-combination.patch

Before you just go and hit "reply", please:
   a) Consider who else should be cc'ed
   b) Prefer to cc a suitable mailing list as well
   c) Ideally: find the original patch on the mailing list and do a
      reply-to-all to that, adding suitable additional cc's

*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***

The -mm tree is included into linux-next and is updated
there every 3-4 working days

------------------------------------------------------
From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
Subject: KASAN: prohibit KASAN+STRUCTLEAK combination

Currently STRUCTLEAK inserts initialization out of live scope of variables
from KASAN point of view.  This leads to KASAN false positive reports. 
Prohibit this combination for now.

Link: http://lkml.kernel.org/r/20180419172451.104700-1-dvyukov@xxxxxxxxxx
Signed-off-by: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
Cc: Fengguang Wu <fengguang.wu@xxxxxxxxx>
Cc: Sergey Senozhatsky <sergey.senozhatsky.work@xxxxxxxxx>
Cc: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>
Cc: Kees Cook <keescook@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---

 arch/Kconfig |    4 ++++
 1 file changed, 4 insertions(+)

diff -puN arch/Kconfig~kasan-prohibit-kasanstructleak-combination arch/Kconfig

--- a/arch/Kconfig~kasan-prohibit-kasanstructleak-combination
+++ a/arch/Kconfig
@@ -464,6 +464,10 @@ config GCC_PLUGIN_LATENT_ENTROPY
 config GCC_PLUGIN_STRUCTLEAK
 	bool "Force initialization of variables containing userspace addresses"
 	depends on GCC_PLUGINS
+	# Currently STRUCTLEAK inserts initialization out of live scope of
+	# variables from KASAN point of view. This leads to KASAN false
+	# positive reports. Prohibit this combination for now.
+	depends on !KASAN_EXTRA
 	help
 	  This plugin zero-initializes any structures containing a
 	  __user attribute. This can prevent some classes of information
_

Patches currently in -mm which might be from dvyukov@xxxxxxxxxx are

kasan-prohibit-kasanstructleak-combination.patch

--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html






