review.tizen.org Git - platform/upstream/llvm.git/commit

author	Marcin Koscielnicki <koriakin@0x04.net>
	Thu, 14 Apr 2016 12:56:24 +0000 (12:56 +0000)
committer	Marcin Koscielnicki <koriakin@0x04.net>
	Thu, 14 Apr 2016 12:56:24 +0000 (12:56 +0000)
commit	c8dda336bbb7edd22df9dfd257d64b7e68514c1f
tree	608a510219a33c4326cae4d36b23b65edf8cd95b	tree \| snapshot
parent	0ffa9eaa4a0f4ccbd30d30fed52ec15d8a0f70b8	commit \| diff

[sanitizer] [SystemZ] Abort if the kernel might be vulnerable to CVE-2016-2143.

In short, CVE-2016-2143 will crash the machine if a process uses both >4TB
virtual addresses and fork().  ASan, TSan, and MSan will, by necessity, map
a sizable chunk of virtual address space, which is much larger than 4TB.
Even worse, sanitizers will always use fork() for llvm-symbolizer when a bug
is detected.  Disable all three by aborting on process initialization if
the running kernel version is not known to contain a fix.

Unfortunately, there's no reliable way to detect the fix without crashing
the kernel.  So, we rely on whitelisting - I've included a list of upstream
kernel versions that will work.  In case someone uses a distribution kernel
or applied the fix themselves, an override switch is also included.

Differential Revision: http://reviews.llvm.org/D18915

llvm-svn: 266297

compiler-rt/lib/asan/asan_rtl.cc		diff \| blob \| history
compiler-rt/lib/msan/msan.cc		diff \| blob \| history
compiler-rt/lib/sanitizer_common/sanitizer_linux.cc		diff \| blob \| history
compiler-rt/lib/sanitizer_common/sanitizer_linux.h		diff \| blob \| history
compiler-rt/lib/tsan/rtl/tsan_platform_linux.cc		diff \| blob \| history