mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-23 12:14:10 +08:00
ubsan: remove CONFIG_UBSAN_OBJECT_SIZE
The object-size sanitizer is redundant to -Warray-bounds, and inappropriately performs its checks at run-time when all information needed for the evaluation is available at compile-time, making it quite difficult to use: https://bugzilla.kernel.org/show_bug.cgi?id=214861 With -Warray-bounds almost enabled globally, it doesn't make sense to keep this around. Link: https://lkml.kernel.org/r/20211203235346.110809-1-keescook@chromium.org Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Marco Elver <elver@google.com> Cc: Masahiro Yamada <masahiroy@kernel.org> Cc: Michal Marek <michal.lkml@markovi.net> Cc: Nick Desaulniers <ndesaulniers@google.com> Cc: Nathan Chancellor <nathan@kernel.org> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: "Peter Zijlstra (Intel)" <peterz@infradead.org> Cc: Stephen Rothwell <sfr@canb.auug.org.au> Cc: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
bece04b5b4
commit
69d0db01e2
@ -112,19 +112,6 @@ config UBSAN_UNREACHABLE
|
||||
This option enables -fsanitize=unreachable which checks for control
|
||||
flow reaching an expected-to-be-unreachable position.
|
||||
|
||||
config UBSAN_OBJECT_SIZE
|
||||
bool "Perform checking for accesses beyond the end of objects"
|
||||
default UBSAN
|
||||
# gcc hugely expands stack usage with -fsanitize=object-size
|
||||
# https://lore.kernel.org/lkml/CAHk-=wjPasyJrDuwDnpHJS2TuQfExwe=px-SzLeN8GFMAQJPmQ@mail.gmail.com/
|
||||
depends on !CC_IS_GCC
|
||||
depends on $(cc-option,-fsanitize=object-size)
|
||||
help
|
||||
This option enables -fsanitize=object-size which checks for accesses
|
||||
beyond the end of objects where the optimizer can determine both the
|
||||
object being operated on and its size, usually seen with bad downcasts,
|
||||
or access to struct members from NULL pointers.
|
||||
|
||||
config UBSAN_BOOL
|
||||
bool "Perform checking for non-boolean values used as boolean"
|
||||
default UBSAN
|
||||
|
@ -79,15 +79,6 @@ static void test_ubsan_load_invalid_value(void)
|
||||
eval2 = eval;
|
||||
}
|
||||
|
||||
static void test_ubsan_null_ptr_deref(void)
|
||||
{
|
||||
volatile int *ptr = NULL;
|
||||
int val;
|
||||
|
||||
UBSAN_TEST(CONFIG_UBSAN_OBJECT_SIZE);
|
||||
val = *ptr;
|
||||
}
|
||||
|
||||
static void test_ubsan_misaligned_access(void)
|
||||
{
|
||||
volatile char arr[5] __aligned(4) = {1, 2, 3, 4, 5};
|
||||
@ -98,29 +89,16 @@ static void test_ubsan_misaligned_access(void)
|
||||
*ptr = val;
|
||||
}
|
||||
|
||||
static void test_ubsan_object_size_mismatch(void)
|
||||
{
|
||||
/* "((aligned(8)))" helps this not into be misaligned for ptr-access. */
|
||||
volatile int val __aligned(8) = 4;
|
||||
volatile long long *ptr, val2;
|
||||
|
||||
UBSAN_TEST(CONFIG_UBSAN_OBJECT_SIZE);
|
||||
ptr = (long long *)&val;
|
||||
val2 = *ptr;
|
||||
}
|
||||
|
||||
static const test_ubsan_fp test_ubsan_array[] = {
|
||||
test_ubsan_shift_out_of_bounds,
|
||||
test_ubsan_out_of_bounds,
|
||||
test_ubsan_load_invalid_value,
|
||||
test_ubsan_misaligned_access,
|
||||
test_ubsan_object_size_mismatch,
|
||||
};
|
||||
|
||||
/* Excluded because they Oops the module. */
|
||||
static const test_ubsan_fp skip_ubsan_array[] = {
|
||||
test_ubsan_divrem_overflow,
|
||||
test_ubsan_null_ptr_deref,
|
||||
};
|
||||
|
||||
static int __init test_ubsan_init(void)
|
||||
|
@ -8,7 +8,6 @@ ubsan-cflags-$(CONFIG_UBSAN_LOCAL_BOUNDS) += -fsanitize=local-bounds
|
||||
ubsan-cflags-$(CONFIG_UBSAN_SHIFT) += -fsanitize=shift
|
||||
ubsan-cflags-$(CONFIG_UBSAN_DIV_ZERO) += -fsanitize=integer-divide-by-zero
|
||||
ubsan-cflags-$(CONFIG_UBSAN_UNREACHABLE) += -fsanitize=unreachable
|
||||
ubsan-cflags-$(CONFIG_UBSAN_OBJECT_SIZE) += -fsanitize=object-size
|
||||
ubsan-cflags-$(CONFIG_UBSAN_BOOL) += -fsanitize=bool
|
||||
ubsan-cflags-$(CONFIG_UBSAN_ENUM) += -fsanitize=enum
|
||||
ubsan-cflags-$(CONFIG_UBSAN_TRAP) += -fsanitize-undefined-trap-on-error
|
||||
|
Loading…
Reference in New Issue
Block a user