github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-05-12 16:18:45 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
Linux kernel source tree
1,351,450 Commits 1 Branch 930 Tags 8.7 GiB
C 97%
Assembly 1%
Shell 0.6%
Rust 0.5%
Python 0.4%
Other 0.3%
9b044614be
Go to file
Mostafa Saleh 9b044614be ubsan: Fix panic from test_ubsan_out_of_bounds 
Running lib_ubsan.ko on arm64 (without CONFIG_UBSAN_TRAP) panics the
kernel:

[   31.616546] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: test_ubsan_out_of_bounds+0x158/0x158 [test_ubsan]
[   31.646817] CPU: 3 UID: 0 PID: 179 Comm: insmod Not tainted 6.15.0-rc2 #1 PREEMPT
[   31.648153] Hardware name: linux,dummy-virt (DT)
[   31.648970] Call trace:
[   31.649345]  show_stack+0x18/0x24 (C)
[   31.650960]  dump_stack_lvl+0x40/0x84
[   31.651559]  dump_stack+0x18/0x24
[   31.652264]  panic+0x138/0x3b4
[   31.652812]  __ktime_get_real_seconds+0x0/0x10
[   31.653540]  test_ubsan_load_invalid_value+0x0/0xa8 [test_ubsan]
[   31.654388]  init_module+0x24/0xff4 [test_ubsan]
[   31.655077]  do_one_initcall+0xd4/0x280
[   31.655680]  do_init_module+0x58/0x2b4

That happens because the test corrupts other data in the stack:
400:   d5384108        mrs     x8, sp_el0
404:   f9426d08        ldr     x8, [x8, #1240]
408:   f85f83a9        ldur    x9, [x29, #-8]
40c:   eb09011f        cmp     x8, x9
410:   54000301        b.ne    470 <test_ubsan_out_of_bounds+0x154>  // b.any

As there is no guarantee the compiler will order the local variables
as declared in the module:
        volatile char above[4] = { }; /* Protect surrounding memory. */
        volatile int arr[4];
        volatile char below[4] = { }; /* Protect surrounding memory. */

There is another problem where the out-of-bound index is 5 which is larger
than the extra surrounding memory for protection.

So, use a struct to enforce the ordering, and fix the index to be 4.
Also, remove some of the volatiles and rely on OPTIMIZER_HIDE_VAR()

Signed-off-by: Mostafa Saleh <smostafa@google.com>
Link: https://lore.kernel.org/r/20250415203354.4109415-1-smostafa@google.com
Signed-off-by: Kees Cook <kees@kernel.org>
2025-04-15 13:50:17 -07:00
arch bpf-fixes 2025-04-12 12:48:10 -07:00
block treewide: Switch/rename to timer_delete[_sync]() 2025-04-05 10:30:12 +02:00
certs sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3 2024-09-20 19:52:48 +03:00
crypto This push fixes reverts the multibuffer hash testing as it is buggy. 2025-04-02 09:14:59 -07:00
Documentation A few more miscellaneous ext4 bug fixes and cleanups including some 2025-04-13 07:15:50 -07:00
drivers pwm: A set of fixes for pwm core and various drivers 2025-04-12 08:11:19 -07:00
fs Changes since last update: 2025-04-13 10:52:04 -07:00
include drm fixes for 6.15-rc2 2025-04-10 20:30:06 -07:00
init Miscellaneous scheduler fixes/updates: 2025-04-06 10:44:58 -07:00
io_uring io_uring/kbuf: reject zero sized provided buffers 2025-04-07 07:51:23 -06:00
ipc treewide: const qualify ctl_tables where applicable 2025-01-28 13:48:37 +01:00
kernel tracing fixes for v6.15 2025-04-12 15:37:40 -07:00
lib ubsan: Fix panic from test_ubsan_out_of_bounds 2025-04-15 13:50:17 -07:00
LICENSES LICENSES: add 0BSD license text 2024-09-01 20:43:24 -07:00
mm kasan: Add strscpy() test to trigger tag fault on arm64 2025-04-15 13:50:17 -07:00
net bpf-fixes 2025-04-12 12:48:10 -07:00
rust Kbuild updates for v6.15 2025-04-05 15:46:50 -07:00
samples treewide: Switch/rename to timer_delete[_sync]() 2025-04-05 10:30:12 +02:00
scripts Disable SLUB_TINY for build testing 2025-04-06 10:00:04 -07:00
security hardening: Disable GCC randstruct for COMPILE_TEST 2025-04-15 13:50:17 -07:00
sound soundwire fix for 6.15-rc1 2025-04-06 12:04:53 -07:00
tools memblock: fix build of memblock test 2025-04-13 07:11:33 -07:00
usr kbuild: hdrcheck: fix cross build with clang 2025-03-05 04:06:45 +09:00
virt ARM: 2025-04-08 13:47:55 -07:00
.clang-format clang-format: Update with v6.11-rc1's for_each macro list 2024-08-02 13:20:31 +02:00
.clippy.toml rust: give Clippy the minimum supported Rust version 2025-01-10 00:17:25 +01:00
.cocciconfig
.editorconfig .editorconfig: remove trim_trailing_whitespace option 2024-06-13 16:47:52 +02:00
.get_maintainer.ignore MAINTAINERS: Retire Ralf Baechle 2024-11-12 15:48:59 +01:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore kbuild: Create intermediate vmlinux build with relocations preserved 2025-03-17 00:29:50 +09:00
.mailmap mailmap: add an entry for Nicolas Schier 2025-04-01 15:20:45 -07:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS Including fixes from netfilter. 2025-04-04 09:15:35 -07:00
Kbuild drm: ensure drm headers are self-contained and pass kernel-doc 2025-02-12 10:44:43 +02:00
Kconfig io_uring: Rename KConfig to Kconfig 2025-02-19 14:53:27 -07:00
MAINTAINERS MAINTAINERS: add more keywords for the GPIO subsystem entry 2025-04-08 10:41:58 +02:00
Makefile Linux 6.15-rc2 2025-04-13 11:54:49 -07:00
README README: Fix spelling 2024-03-18 03:36:32 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.