From nobody Wed Nov 17 14:27:27 2021 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 32B7B18502B9; Wed, 17 Nov 2021 14:27:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4HvQHh0vk3z4mCD; Wed, 17 Nov 2021 14:27:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id F343122660; Wed, 17 Nov 2021 14:27:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1AHERR6p079986; Wed, 17 Nov 2021 14:27:27 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1AHERR3q079985; Wed, 17 Nov 2021 14:27:27 GMT (envelope-from git) Date: Wed, 17 Nov 2021 14:27:27 GMT Message-Id: <202111171427.1AHERR3q079985@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 3a15ccadf87e - stable/13 - kasan: Disable validation of function parameters passed by value List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 3a15ccadf87ec55068656e6a87c8b19eea1fd390 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=3a15ccadf87ec55068656e6a87c8b19eea1fd390 commit 3a15ccadf87ec55068656e6a87c8b19eea1fd390 Author: Mark Johnston AuthorDate: 2021-11-03 16:28:48 +0000 Commit: Mark Johnston CommitDate: 2021-11-17 14:27:16 +0000 kasan: Disable validation of function parameters passed by value It appears that the emitted code in the caller does not update shadow state for values passed on the stack to the callee, which it seemingly ought to do after pushing values on the stack and prior to the call itself. This leaves open a window where an interrupt handler can cause regions of the stack containing these values to be poisoned, resulting in rare false positive reports. This happens particularly in the amd64 TLB invalidation code, where we liberally pass cpuset_t's around by value. LLVM has a flag to disable validation of accesses of function parameters passed by value. Such validation is itself a relatively new feature. Turn it off for now. Reported by: pho, syzkaller Sponsored by: The FreeBSD Foundation (cherry picked from commit 2a519c3b14c29688e42d11f916655318b13c8409) --- sys/conf/kern.pre.mk | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/conf/kern.pre.mk b/sys/conf/kern.pre.mk index daba78135c79..e57c187f940d 100644 --- a/sys/conf/kern.pre.mk +++ b/sys/conf/kern.pre.mk @@ -114,7 +114,8 @@ SAN_CFLAGS+= -fsanitize=kernel-address \ -mllvm -asan-instrument-dynamic-allocas=true \ -mllvm -asan-globals=true \ -mllvm -asan-use-after-scope=true \ - -mllvm -asan-instrumentation-with-call-threshold=0 + -mllvm -asan-instrumentation-with-call-threshold=0 \ + -mllvm -asan-instrument-byval=false .endif KCSAN_ENABLED!= grep KCSAN opt_global.h || true ; echo