From patchwork Mon Oct 2 08:40:55 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 9980417 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 45C1460365 for ; Mon, 2 Oct 2017 08:42:15 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 375C3200E7 for ; Mon, 2 Oct 2017 08:42:15 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2BABB28992; Mon, 2 Oct 2017 08:42:15 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A32B1200E7 for ; Mon, 2 Oct 2017 08:42:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751214AbdJBImA (ORCPT ); Mon, 2 Oct 2017 04:42:00 -0400 Received: from mout.kundenserver.de ([212.227.17.24]:53058 "EHLO mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751065AbdJBIl6 (ORCPT ); Mon, 2 Oct 2017 04:41:58 -0400 Received: from wuerfel.lan ([95.208.190.237]) by mrelayeu.kundenserver.de (mreue104 [212.227.15.145]) with ESMTPA (Nemesis) id 0M8hRj-1d3n5s3ex1-00wIAV; Mon, 02 Oct 2017 10:41:32 +0200 From: Arnd Bergmann To: Andrey Ryabinin Cc: David Laight , Mauro Carvalho Chehab , "David S . Miller" , Alexander Potapenko , Dmitry Vyukov , Masahiro Yamada , Andrew Morton , Kees Cook , Geert Uytterhoeven , Greg Kroah-Hartman , "linux-media @ vger . kernel . org" , "linux-kernel @ vger . kernel . org" , "kasan-dev @ googlegroups . com" , "linux-kbuild @ vger . kernel . org" , Arnd Bergmann Subject: [PATCH] string.h: work around for increased stack usage Date: Mon, 2 Oct 2017 10:40:55 +0200 Message-Id: <20171002084119.3504771-1-arnd@arndb.de> X-Mailer: git-send-email 2.9.0 In-Reply-To: References: X-Provags-ID: V03:K0:75S+xZeSKGSni+9Gu17JpitItEVmdpklWDvtrVYSjdXmcohSpYg XWG0aQDTIaODPomtHFQT/ZVkgXkTRVJLPRBV+OQ6H6+tCjq3vL1zjDi+9v7bEG3RxGIk0QJ csJHP9zTOnraUwZpXTeNvaOgVjvZC6qmtTenCFMSntrhcXdzr6reh2kcbsfNjRuBfQXFS/S JEIuKQi207uAcLm7t6k3g== X-UI-Out-Filterresults: notjunk:1; V01:K0:kqev8UrKyno=:FwTjtDNnfwWhha6TU6ICvt fxTiLmtk2uYtCT8DJzZoj0ijHxNmOUPPWRX1vmMjpQWPJV/iUFK68B9RGgtbWrdJGImXJTsxU 7t6eBTCAbpyTKpRNGFDTxt+fCwyxCxcTgjw/TdvTrkVHpYsXRUKLZsUGAB0whpMhPT+hob2xZ EDyK6L8s+MIjD0b6xJXc5AwZx6zGg9XRNDAnBnFJz3NB9ujpPw3vLm5PC30hII3yRGHLwPw5o ZN1XLW4kJmqv7x63WbKm6DKS8GxEGt8QGwp9wDSxZU8AYRnlhWm21jFRGXiSB3OfAJvoizZMc OR2jjaCa/KgqFNglTjE5PG/C+qL5XEFluS5xy9j3zOQn6kCprvPw7ux2WlDXnRPREV6DbbluO V2fEGbcSdljerjgATPAx2rL2QP48VJ5RJ342tiitwlbSwSzTru0+E+tcE4yOvTMVyHpCRApgG dJjOAMgYpZTgeUKsk66dAXiv2r78BnVbGn3AC4tEZy3GrvOJ5fvdA+/2iWWrXJJ7Z9lhb+Csk DhUct3AaLRaxD+LVvExZEb2+qT+yz1P9bd2luB+dfmQbn5ZdW77cmqM3qcO7xGnyJyrBm7dCh 2dQcs3pgpMDJGYpP/K17TP6BrwWdY9InDeNcmgqG75rBIVadKQLfKTv9xdVkComjFVLBWNqPb Zdd43EtdUd61JuLtQo+EQACa0HcwLpuj5V3SLJTAidlk2OYbPvUIiTdByJHenVqlUPaoPTwfs /50NcNVG2eCx14mR5H/RcYQ/Rt3nacsRB3BHBA== Sender: linux-kbuild-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kbuild@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The hardened strlen() function causes rather large stack usage in at least one file in the kernel when CONFIG_KASAN is enabled: drivers/media/usb/em28xx/em28xx-dvb.c: In function 'em28xx_dvb_init': drivers/media/usb/em28xx/em28xx-dvb.c:2062:1: error: the frame size of 3256 bytes is larger than 204 bytes [-Werror=frame-larger-than=] Analyzing this problem led to the discovery that gcc fails to merge the stack slots for the i2c_board_info[] structures after we strlcpy() into them, due to the 'noreturn' attribute on the source string length check. The compiler behavior should get fixed in gcc-8, but for users of existing gcc versions, we can work around it using an empty inline assembly statement before the call to fortify_panic(). The workaround is unfortunately very ugly, and I tried my best to limit it being applied to affected versions of gcc when KASAN is used. Alternative suggestions welcome. Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82365 Signed-off-by: Arnd Bergmann --- include/linux/string.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/include/linux/string.h b/include/linux/string.h index c7a1132cdc93..1bf5ecdf8e01 100644 --- a/include/linux/string.h +++ b/include/linux/string.h @@ -228,6 +228,16 @@ static inline const char *kbasename(const char *path) #define __RENAME(x) __asm__(#x) void fortify_panic(const char *name) __noreturn __cold; + +/* work around GCC PR82365 */ +#if defined(CONFIG_KASAN) && !defined(__clang__) && GCC_VERSION <= 80000 +#define fortify_panic(x) \ + do { \ + asm volatile(""); \ + fortify_panic(x); \ + } while (0) +#endif + void __read_overflow(void) __compiletime_error("detected read beyond size of object passed as 1st parameter"); void __read_overflow2(void) __compiletime_error("detected read beyond size of object passed as 2nd parameter"); void __read_overflow3(void) __compiletime_error("detected read beyond size of object passed as 3rd parameter");