Skip to content

Commit

Permalink
kasan: Disable Software Tag-Based KASAN with GCC
Browse files Browse the repository at this point in the history 
Syzbot reports a KASAN failure early during boot on arm64 when building
with GCC 12.2.0 and using the Software Tag-Based KASAN mode:

  | BUG: KASAN: invalid-access in smp_build_mpidr_hash arch/arm64/kernel/setup.c:133 [inline]
  | BUG: KASAN: invalid-access in setup_arch+0x984/0xd60 arch/arm64/kernel/setup.c:356
  | Write of size 4 at addr 03ff800086867e00 by task swapper/0
  | Pointer tag: [03], memory tag: [fe]

Initial triage indicates that the report is a false positive and a
thorough investigation of the crash by Mark Rutland revealed the root
cause to be a bug in GCC:

  > When GCC is passed `-fsanitize=hwaddress` or
  > `-fsanitize=kernel-hwaddress` it ignores
  > `__attribute__((no_sanitize_address))`, and instruments functions
  > we require are not instrumented.
  >
  > [...]
  >
  > All versions [of GCC] I tried were broken, from 11.3.0 to 14.2.0
  > inclusive.
  >
  > I think we have to disable KASAN_SW_TAGS with GCC until this is
  > fixed

Disable Software Tag-Based KASAN when building with GCC by making
CC_HAS_KASAN_SW_TAGS depend on !CC_IS_GCC.

Cc: Andrey Konovalov <[email protected]>
Suggested-by: Mark Rutland <[email protected]>
Reported-by: [email protected]
Link: https://lore.kernel.org/r/[email protected]
Link: https://lore.kernel.org/r/ZvFGwKfoC4yVjN_X@J2N7QTR9R3
Link: https://bugzilla.kernel.org/show_bug.cgi?id=218854
Reviewed-by: Andrey Konovalov <[email protected]>
Acked-by: Mark Rutland <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Will Deacon <[email protected]>
  • Loading branch information
@willdeacon
willdeacon committed Oct 15, 2024
1 parent f56d8d2 commit 7aed6a2
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions lib/Kconfig.kasan
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,11 @@ config ARCH_DISABLE_KASAN_INLINE
config CC_HAS_KASAN_GENERIC
def_bool $(cc-option, -fsanitize=kernel-address)

# GCC appears to ignore no_sanitize_address when -fsanitize=kernel-hwaddress
# is passed. See https://bugzilla.kernel.org/show_bug.cgi?id=218854 (and
# the linked LKML thread) for more details.
config CC_HAS_KASAN_SW_TAGS
def_bool $(cc-option, -fsanitize=kernel-hwaddress)
def_bool !CC_IS_GCC && $(cc-option, -fsanitize=kernel-hwaddress)

# This option is only required for software KASAN modes.
# Old GCC versions do not have proper support for no_sanitize_address.
Expand Down Expand Up @@ -98,7 +101,7 @@ config KASAN_SW_TAGS
help
Enables Software Tag-Based KASAN.

Requires GCC 11+ or Clang.
Requires Clang.

Supported only on arm64 CPUs and relies on Top Byte Ignore.

Expand Down

0 comments on commit 7aed6a2

Please sign in to comment.