Re: [PATCH v4 3/5] kasan: support alloca() poisoning

From: Andrey Ryabinin
Date: Tue Dec 05 2017 - 11:33:11 EST

Next message: Linus Torvalds: "Re: NFS crash, hashed pointers in backtrace"
Previous message: Andrey Ryabinin: "Re: [PATCH v4 1/5] kasan: add compiler support for clang"
In reply to: Paul Lawrence: "[PATCH v4 3/5] kasan: support alloca() poisoning"
Next in thread: Paul Lawrence: "[PATCH v4 4/5] kasan: Add tests for alloca poisoning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/04/2017 10:17 PM, Paul Lawrence wrote:
> clang's AddressSanitizer implementation adds redzones on either side of
> alloca()ed buffers. These redzones are 32-byte aligned and at least 32
> bytes long.
>
> __asan_alloca_poison() is passed the size and address of the allocated
> buffer, *excluding* the redzones on either side. The left redzone will
> always be to the immediate left of this buffer; but AddressSanitizer may
> need to add padding between the end of the buffer and the right redzone.
> If there are any 8-byte chunks inside this padding, we should poison
> those too.
>
> __asan_allocas_unpoison() is just passed the top and bottom of the
> dynamic stack area, so unpoisoning is simpler.
>
> Signed-off-by: Greg Hackmann <ghackmann@xxxxxxxxxx>
> Signed-off-by: Paul Lawrence <paullawrence@xxxxxxxxxx>
> ---

Acked-by: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>

Next message: Linus Torvalds: "Re: NFS crash, hashed pointers in backtrace"
Previous message: Andrey Ryabinin: "Re: [PATCH v4 1/5] kasan: add compiler support for clang"
In reply to: Paul Lawrence: "[PATCH v4 3/5] kasan: support alloca() poisoning"
Next in thread: Paul Lawrence: "[PATCH v4 4/5] kasan: Add tests for alloca poisoning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]