Re: [PATCH] kasan: Always respect CONFIG_KASAN_STACK

[Palmer Dabbelt]

On Thu, 23 Sep 2021 07:59:46 PDT (-0700), nathan@xxxxxxxxxx wrote:
> On Thu, Sep 23, 2021 at 12:07:17PM +0200, Marco Elver wrote:
> > On Wed, 22 Sept 2021 at 22:55, Nathan Chancellor <nathan@xxxxxxxxxx> wrote:
> > > Currently, the asan-stack parameter is only passed along if
> > > CFLAGS_KASAN_SHADOW is not empty, which requires KASAN_SHADOW_OFFSET to
> > > be defined in Kconfig so that the value can be checked. In RISC-V's
> > > case, KASAN_SHADOW_OFFSET is not defined in Kconfig, which means that
> > > asan-stack does not get disabled with clang even when CONFIG_KASAN_STACK
> > > is disabled, resulting in large stack warnings with allmodconfig:
> > >
> > > drivers/video/fbdev/omap2/omapfb/displays/panel-lgphilips-lb035q02.c:117:12:
> > > error: stack frame size (14400) exceeds limit (2048) in function
> > > 'lb035q02_connect' [-Werror,-Wframe-larger-than]
> > > static int lb035q02_connect(struct omap_dss_device *dssdev)
> > >            ^
> > > 1 error generated.
> > >
> > > Ensure that the value of CONFIG_KASAN_STACK is always passed along to
> > > the compiler so that these warnings do not happen when
> > > CONFIG_KASAN_STACK is disabled.
> > >
> > > Link: https://github.com/ClangBuiltLinux/linux/issues/1453
> > > References: 6baec880d7a5 ("kasan: turn off asan-stack for clang-8 and earlier")
> > > Signed-off-by: Nathan Chancellor <nathan@xxxxxxxxxx>
> >
> > Reviewed-by: Marco Elver <elver@xxxxxxxxxx>
>
> Thanks!
>
> > [ Which tree are you planning to take it through? ]
>
> Gah, I was intending for it to go through -mm, then I cc'd neither
> Andrew nor linux-mm... :/ Andrew, do you want me to resend or can you
> grab it from LKML?

Acked-by: Palmer Dabbelt <palmerdabbelt@xxxxxxxxxx>

(assuming you still want it through somewhere else)

> > Note, arch/riscv/include/asm/kasan.h mentions KASAN_SHADOW_OFFSET in
> > comment (copied from arm64). Did RISC-V just forget to copy over the
> > Kconfig option?
>
> I do see it defined in that file as well but you are right that they did
> not copy the Kconfig logic, even though it was present in the tree when
> RISC-V KASAN was implemented. Perhaps they should so that they get
> access to the other flags in the "else" branch?

Ya, looks like we just screwed this up.  I'm seeing some warnings like

   cc1: warning: ‘-fsanitize=kernel-address’ with stack protection is not supported without ‘-fasan-shadow-offset=’ for this target

which is how I ended up here, I'm assuming that's what you're talking 
about here?  LMK if you were planning on sending along a fix or if you 
want me to go figure it out.

> > > ---
> > >  scripts/Makefile.kasan | 3 ++-
> > >  1 file changed, 2 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/scripts/Makefile.kasan b/scripts/Makefile.kasan
> > > index 801c415bac59..b9e94c5e7097 100644
> > > --- a/scripts/Makefile.kasan
> > > +++ b/scripts/Makefile.kasan
> > > @@ -33,10 +33,11 @@ else
> > >         CFLAGS_KASAN := $(CFLAGS_KASAN_SHADOW) \
> > >          $(call cc-param,asan-globals=1) \
> > >          $(call cc-param,asan-instrumentation-with-call-threshold=$(call_threshold)) \
> > > -        $(call cc-param,asan-stack=$(stack_enable)) \
> > >          $(call cc-param,asan-instrument-allocas=1)
> > >  endif
> > >
> > > +CFLAGS_KASAN += $(call cc-param,asan-stack=$(stack_enable))
> > > +
> > >  endif # CONFIG_KASAN_GENERIC
> > >
> > >  ifdef CONFIG_KASAN_SW_TAGS
> > >
> > > base-commit: 4057525736b159bd456732d11270af2cc49ec21f
> > > --
> > > 2.33.0.514.g99c99ed825
> > >
> > >