Patch ubsan - Fix undefined references to ubsan functions #6813
Please fix the checkpatch issues.
Hi @Abhishek-brcm, thanks for the patch!
Please change the subject to "core: fix undefined references to ubsan functions".
We don't need the "Resolves:" nor the "Files affected:" lines.
Better write "Add UBSan handlers..." than "Added UBSan handlers" (imperative mood).
Your Signed-off-by: is missing an email address.
See my other comment below.
core/arch/arm/kernel/boot.c (outdated):

```c
	/*
	 * Checks if seed is 8-byte aligned, and performs alignment if needed.
	 * If removed while CFG_CORE_SANITIZE_UNDEFINED is set, it may cause a ubsan panic
	 */
	if (((uint64_t)seed & 7) != 0) {
		seed = (uint64_t *)((unsigned long)seed + (8 - ((unsigned long)seed & 7)));
	}

	return fdt64_to_cpu(*seed);
```
You can't change the address of the seed. The correct fix is:

```diff
-	/*
-	Checks if seed is 8-byte aligned, and performs alignment if needed.
-	If removed while CFG_CORE_SANITIZE_UNDEFINED is set, it may cause a ubsan panic
-	*/
-	if (((uint64_t)seed & 7) != 0) {
-		seed = (uint64_t *)((unsigned long)seed + (8 - ((unsigned long)seed & 7)));
-	}
-	return fdt64_to_cpu(*seed);
+	return fdt64_to_cpu(fdt64_ld(seed));
```
Please make this a separate fix ("core: arm: use fdt64_ld() to read possibly unaligned kaslr-seed").
Once this is merged I'd like us to have a QEMUv8 CI job with
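To make the reviewer's point concrete, here is an added example (not code from this PR, from OP-TEE or from libfdt) contrasting the two ways of reading the seed. The FDT bytes, the `SEED_OFFSET`, and the function names `load_be64()`, `get_seed_in_place()`, `get_seed_rounded_up()` and `seed_misalignment()` are constructed for illustration; `load_be64()` mirrors the byte-wise load that libfdt's `fdt64_ld()` performs, which is why it is safe on a pointer that is only 4-byte aligned.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Constructed stand-in for a slice of a flattened device tree. Property
 * values in an FDT are only guaranteed 4-byte alignment, so a u64
 * "kaslr-seed" value can legitimately sit at an address that is 4 mod 8.
 * That is the case here: the blob is 8-byte aligned and the seed starts
 * at byte offset 4.
 */
static _Alignas(8) const uint8_t fdt_blob[16] = {
	0x00, 0x00, 0x00, 0x08,                         /* preceding 32-bit cell */
	0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, /* kaslr-seed, big-endian */
	0xde, 0xad, 0xbe, 0xef,                         /* following 32-bit cell */
};
#define SEED_OFFSET 4

/*
 * Alignment-safe big-endian 64-bit load, the same byte-wise approach
 * libfdt's fdt64_ld() takes. It never forms a misaligned uint64_t *,
 * so the UBSan alignment check has nothing to report.
 */
static uint64_t load_be64(const void *p)
{
	const uint8_t *b = p;
	uint64_t v = 0;

	for (int i = 0; i < 8; i++)
		v = (v << 8) | b[i];
	return v;
}

/* What get_aslr_seed() should do: read the seed where the FDT put it. */
uint64_t get_seed_in_place(void)
{
	return load_be64(fdt_blob + SEED_OFFSET);
}

/*
 * What the first version of the patch did: bump the pointer up to the
 * next 8-byte boundary before dereferencing. The dereference becomes
 * aligned, so the type_mismatch_v1 report goes away, but the 8 bytes
 * read now start 4 bytes past the property and are not the seed.
 */
uint64_t get_seed_rounded_up(void)
{
	uintptr_t a = (uintptr_t)(fdt_blob + SEED_OFFSET);

	if (a & 7)
		a += 8 - (a & 7);
	return load_be64((const void *)a);
}

/* How far the seed pointer is from 8-byte alignment (0 if aligned). */
unsigned seed_misalignment(void)
{
	return (unsigned)((uintptr_t)(fdt_blob + SEED_OFFSET) & 7);
}

int main(void)
{
	/*
	 * The original `fdt64_to_cpu(*seed)`, with seed a uint64_t *, is a
	 * misaligned load. Built with -fsanitize=undefined (which includes
	 * the alignment check) it is reported through
	 * __ubsan_handle_type_mismatch_v1; it is deliberately not executed here.
	 */
	printf("seed pointer misaligned by %u bytes\n", seed_misalignment());
	printf("in place  : 0x%016llx\n", (unsigned long long)get_seed_in_place());
	printf("rounded up: 0x%016llx (wrong value)\n",
	       (unsigned long long)get_seed_rounded_up());
	return 0;
}
```

The rounded-up read is silent under UBSan precisely because it is no longer undefined behaviour; it is simply reading the wrong eight bytes, which is why the sanitizer going quiet is not evidence that a fix is correct.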
Thanks for your feedback! Should I create a separate PR for the latter?
Thanks. No need for a separate PR, please make this one two patches, one to fix the ASLR seed and the other one to fix UBSan.
All fixes have been pushed to the branch. Thanks
Please squash the fixup patches. Thanks!
Please address the checkpatch issues. Then for both commits:
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
With the checkpatch issues fixed please apply:
checkpatch cannot find the
Update on the xtest results: I have prepared fixes for both issues. However, the panic can be avoided if we add a high bit mask during left shift operations (example below):
Is it okay to patch this file?
The commit 'Author' needs to match the first 'Signed-off-by'. To address this issue, you should first fix your Git configuration:
Then amend the two commits:
Thanks!
Nice.
That file is imported from LibTomcrypt (https://github.com/libtom/libtomcrypt) and from what I can tell by looking at the file history in LibTomcrypt:
Therefore I think it is safe to further edit the file.
A better fix would be to make
As I said above, yes I think so. My suggestion is to first fix the issue upstream in the LibTomcrypt project by creating a pull request there and getting feedback from the maintainers. In parallel, also create a pull request here so that we can get the fix without having to wait for a full update of the library.
Thanks for the help! Updated the commit messages. |
Please also fix the code style issues reported by checkpatch (alignment).
Can we ignore the
Yes, checkpatch.pl is confused, it is clearly a false positive.
The alignment is still not good :/
Hopefully, the current version works.
No. Please wrap the lines correctly and with the proper alignment (tabs then spaces to align until after the opening parenthesis).
If you can't do it I can fix the patch manually when merging. My editor knows how to align code properly ;)
Add UBSan handlers for `__ubsan_handle_type_mismatch_v1` and `__ubsan_handle_pointer_overflow` to remove the undefined references error.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Abhishek Revadekar <abhishek.rvdkr@yahoo.com>

Read possibly unaligned kaslr-seed using `fdt64_ld()` to avoid a ubsan panic while booting with `CFG_CORE_ASLR=y`.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Abhishek Revadekar <abhishek.rvdkr@yahoo.com>
I think I got it this time!
Should've used vi for the changes!
Resolves: Issue #6463

Added UBSan handlers for `__ubsan_handle_type_mismatch_v1` and `__ubsan_handle_pointer_overflow` to remove the undefined references error.

Files affected: core/kernel/ubsan.c

Additional Fixes:

Issue: UBSan causes a kernel panic with `CFG_CORE_ASLR=y` with a 'type_mismatch_v1' in `boot.c` -> `get_aslr_seed()`
Cause: `seed` variable in `get_aslr_seed()` is not 8-byte aligned.
Fix: Before passing the `seed` to `fdt64_to_cpu()`, check if it is 8-byte aligned, and if not, make it so.
Affected file: core/arch/arm/kernel/boot.c

Signed-off-by: Abhishek Revadekar