Re: [PATCH 1/2] kasan: test: use underlying string helpers

From: Kees Cook
Date: Thu Oct 28 2021 - 16:42:13 EST


On Thu, Oct 28, 2021 at 01:15:26PM -0700, Andrew Morton wrote:
> On Thu, 14 Oct 2021 19:40:45 -0700 Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
> >
> >
> > On October 14, 2021 1:12:54 AM PDT, Vincenzo Frascino <vincenzo.frascino@xxxxxxx> wrote:
> > >
> > >
> > >On 10/13/21 5:00 PM, Arnd Bergmann wrote:
> > >> From: Arnd Bergmann <arnd@xxxxxxxx>
> > >>
> > >> Calling memcmp() and memchr() with an intentional buffer overflow
> > >> is now caught at compile time:
> > >>
> > >> In function 'memcmp',
> > >> inlined from 'kasan_memcmp' at lib/test_kasan.c:897:2:
> > >> include/linux/fortify-string.h:263:25: error: call to '__read_overflow' declared with attribute error: detected read beyond size of object (1st parameter)
> > >> 263 | __read_overflow();
> > >> | ^~~~~~~~~~~~~~~~~
> > >> In function 'memchr',
> > >> inlined from 'kasan_memchr' at lib/test_kasan.c:872:2:
> > >> include/linux/fortify-string.h:277:17: error: call to '__read_overflow' declared with attribute error: detected read beyond size of object (1st parameter)
> > >> 277 | __read_overflow();
> > >> | ^~~~~~~~~~~~~~~~~
> > >>
> > >> Change the kasan tests to wrap those inside of a noinline function
> > >> to prevent the compiler from noticing the bug and let kasan find
> > >> it at runtime.
> > >>
> > >> Signed-off-by: Arnd Bergmann <arnd@xxxxxxxx>
> > >
> > >Reviewed-by: Vincenzo Frascino <vincenzo.frascino@xxxxxxx>
> >
> > How about just explicitly making the size invisible to the compiler?
> >
> > I did this for similar issues in the same source:
> >
> > https://lore.kernel.org/linux-hardening/20211006181544.1670992-1-keescook@xxxxxxxxxxxx/T/#u

This is already fixed in your tree with:

"kasan: test: consolidate workarounds for unwanted __alloc_size() protection"

which was based on this original patch (and my comments).

--
Kees Cook