review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Paul Lawrence <paullawrence@google.com>
	Tue, 6 Feb 2018 23:36:11 +0000 (15:36 -0800)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Wed, 7 Feb 2018 02:32:42 +0000 (18:32 -0800)
commit	342061ee4ef3d80001d1ae494378f3979c861dba
tree	0441486ae0c2df8e8edad38a70aa62515235eb02	tree \| snapshot
parent	1a69e7ce8391a8bc808baf04e06d88ab4024ca47	commit \| diff

kasan: support alloca() poisoning

clang's AddressSanitizer implementation adds redzones on either side of
alloca()ed buffers. These redzones are 32-byte aligned and at least 32
bytes long.

__asan_alloca_poison() is passed the size and address of the allocated
buffer, *excluding* the redzones on either side. The left redzone will
always be to the immediate left of this buffer; but AddressSanitizer may
need to add padding between the end of the buffer and the right redzone.
If there are any 8-byte chunks inside this padding, we should poison
those too.

__asan_allocas_unpoison() is just passed the top and bottom of the dynamic
stack area, so unpoisoning is simpler.

Link: http://lkml.kernel.org/r/20171204191735.132544-4-paullawrence@google.com
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Signed-off-by: Paul Lawrence <paullawrence@google.com>
Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Alexander Potapenko <glider@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Matthias Kaehlcke <mka@chromium.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

mm/kasan/kasan.c		diff \| blob \| history
mm/kasan/kasan.h		diff \| blob \| history
mm/kasan/report.c		diff \| blob \| history
scripts/Makefile.kasan		diff \| blob \| history