From patchwork Fri Aug 20 07:10:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 1518931 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=YZS2xE7l; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GrXpZ0F6hz9sX3; Fri, 20 Aug 2021 17:10:30 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1mGyfa-00082y-9Y; Fri, 20 Aug 2021 07:10:26 +0000 Received: from mail-pf1-f182.google.com ([209.85.210.182]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1mGyfQ-00081I-Aq for kernel-team@lists.ubuntu.com; Fri, 20 Aug 2021 07:10:16 +0000 Received: by mail-pf1-f182.google.com with SMTP id y11so7818229pfl.13 for ; Fri, 20 Aug 2021 00:10:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=rqNAXILbq5SdqDSaGHVaFk0PGwdgENXUDvC9Ys09jck=; b=YZS2xE7lxbPdifr5Xy8CNBxmYmSzFTHwDgJfGBEE/yMDBanBQo59x6UzqYhqZEyvj8 FPWY95/C01rnmlNFxLPf9CdddqYUhUHbsiMlY8hMKojwxiBEg/yzLunDQzuNeFy63z4D lEKE3WMAYwdWUgWjWzduIkGmqk8YoGo/xfaG8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=rqNAXILbq5SdqDSaGHVaFk0PGwdgENXUDvC9Ys09jck=; b=j5ZQ3hiAQ0eOEnvi5CeW5qQ5PBy416CCObLONiGXyo8HVboPXdMPqIAHsubCF57MKS SaU22+6WpB56yknH2CSD3Ml2AHRJVTPVtlcRUVK/1u8wZynO4Zpdm4ewsNwXKhTKFm3P PC4B9qYyZNqN1Q2VxVfF7cPleBhqDjOWbL1FoM5fFRwtlCP42+Pcm04J2eUnzPYNl9h6 2VPy9FT20WL3m5xnZu658aZGE4n66eHPjurhoJqg1eKM2UFF1WZihYWTHJtyCpIqns8Y CIL9DIXIDhEqeeNFU+ezuEujQQTSuGrhIwpClU3wBBReH7YvGmcdg6BzP2KvDfpm5XsQ Teqw== X-Gm-Message-State: AOAM530W4NNkwZAbb+GEiZFQTt4m+KtlJ/mT25fuJJ6zXsdnFthAPY7j 7keiL+N/XCiOtu9zU2jJK6nMnw== X-Google-Smtp-Source: ABdhPJwPgMT5sUA/OqOY1dqHeF0OOxifMXzdlo82hzod49OOEDyL+6lBaAOwhtOZbXHYExr/Lh2DKQ== X-Received: by 2002:a65:494e:: with SMTP id q14mr17362592pgs.314.1629443415061; Fri, 20 Aug 2021 00:10:15 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id y5sm6452135pgs.27.2021.08.20.00.10.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 20 Aug 2021 00:10:13 -0700 (PDT) From: Kees Cook To: kernel-team@lists.ubuntu.com Subject: [PATCH 4/4] UBUNTU: [Config] Enable CONFIG_UBSAN_BOUNDS Date: Fri, 20 Aug 2021 00:10:02 -0700 Message-Id: <20210820071002.3560053-5-keescook@chromium.org> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210820071002.3560053-1-keescook@chromium.org> References: <20210820071002.3560053-1-keescook@chromium.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=3750; h=from:subject; bh=8wQ8Gkq50B+G4pcYJKNidftgxmZ6HcD5fXgEzxXV8is=; b=owEBbQKS/ZANAwAKAYly9N/cbcAmAcsmYgBhH1VJ71oBvEKoob8jg/1cUcsrR1r4EX9FXL1KTYQW +E5dMMKJAjMEAAEKAB0WIQSlw/aPIp3WD3I+bhOJcvTf3G3AJgUCYR9VSQAKCRCJcvTf3G3AJqiZD/ 9rlkdq8mQuSipT0ACN+U7OVDnCgtWDF1i+1fNKwWEkO/6E4O09Orsabc2EPxQ6RqS4Ii//yvFSLwqd 6+QqYR6CzjFPRMkbUnCaG/H7XJ5Cmbto8LRz/h2zLbLTbUrp2kKX+RfjvnmWTYYtUDSZapr+1XOpR8 bjo4yzde00Sq8dl5lgBKY0XoBetZdnXIIa5I8yb4ZgUOhqqaE+9aiaMH/3L1mEfimrNDeJWVO8Rt5o VnEsBWLZFjaLa5F5MSfMaQzgIqRyYPrFo7IeSr+gjvk6Fkb+SULrtIHFf0YaJ2sYPFNWLxDnpYhc7V pRynCaCdve5vrpVRGAskStbYv4Gf/NEQsnsdSZBHwNQ1zBmoZAB5uNCpSrRZJEy1ayQ3gEV6QM4HGy MUfdi8ghubM7ghUIFZyP3deiYW5GSE5VesmUTkVGrwKgRrJCIm2o4EhNBXrgumkc5T6r21f16nimig 3LO7axGFZnVI6/rmK6xu2mPDhnKun/0xPilTtVJWit3MYds0FkhTSW/14lsxDN42kzpN9gm6B7B25s ku27lxEIFy3EchY+tebTiMpJzjU9CvNH8FMu0jyVq7MNr11syzri8o+bSRtS9Ni3WNmCu/5fWpVjEy hdOIlnGXd0MUI3R+sgNQf/DgR+R2he5S4ycJYrnXXOloaP37hd15ZNt7NAWQ== X-Developer-Key: i=kees@ubuntu.com; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ubuntu-hardened@lists.ubuntu.com, Kees Cook Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Kees Cook This enables run-time array index bounds checking for arrays with compile-time known sizes. This catches some potentially serious issues at run-time with nearly zero performance impact. Syzkaller is still catching bugs with this. (See "array-index-out-of-bounds" reports at https://syzkaller.appspot.com/upstream) Using UBSAN_TRAP=y has nearly no impact on image size, though it makes caught conditions much less verbose. BugLink: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1914685 Signed-off-by: Kees Cook --- debian.master/config/annotations | 12 +++++++++++- debian.master/config/config.common.ubuntu | 12 +++++++++++- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/debian.master/config/annotations b/debian.master/config/annotations index 0c2d17076442..40f7743daf91 100644 --- a/debian.master/config/annotations +++ b/debian.master/config/annotations @@ -11409,7 +11409,17 @@ CONFIG_KDB_KEYBOARD policy<{'amd64': 'y', 'arm64': ' CONFIG_KDB_CONTINUE_CATASTROPHIC policy<{'amd64': '0', 'arm64': '0', 'armhf': '0', 'ppc64el': '0'}> # Menu: Kernel hacking >> Generic Kernel Debugging Instruments >> Undefined behaviour sanity checker -CONFIG_UBSAN policy<{'amd64': 'n', 'arm64': 'n', 'armhf': 'n', 'ppc64el': 'n', 's390x': 'n'}> +CONFIG_UBSAN policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'y', 's390x': 'y'}> +CONFIG_UBSAN_TRAP policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'y', 's390x': 'y'}> +CONFIG_UBSAN_BOUNDS policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'y', 's390x': 'y'}> +CONFIG_UBSAN_SHIFT policy<{'amd64': 'n', 'arm64': 'n', 'armhf': 'n', 'ppc64el': 'n'}> +CONFIG_UBSAN_DIV_ZERO policy<{'amd64': 'n', 'arm64': 'n', 'armhf': 'n', 'ppc64el': 'n'}> +CONFIG_UBSAN_UNREACHABLE policy<{'amd64': 'n', 'arm64': 'n', 'armhf': 'n', 'ppc64el': 'n'}> +CONFIG_UBSAN_OBJECT_SIZE policy<{'amd64': 'n', 'arm64': 'n', 'armhf': 'n', 'ppc64el': 'n'}> +CONFIG_UBSAN_BOOL policy<{'amd64': 'n', 'arm64': 'n', 'armhf': 'n', 'ppc64el': 'n'}> +CONFIG_UBSAN_ENUM policy<{'amd64': 'n', 'arm64': 'n', 'armhf': 'n', 'ppc64el': 'n'}> +CONFIG_UBSAN_ALIGNMENT policy<{'amd64': 'n', 'arm64': 'n', 'armhf': 'n', 'ppc64el': 'n'}> +CONFIG_UBSAN_SANITIZE_ALL policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'y', 's390x': 'y'}> # Menu: Kernel hacking >> Kernel Testing and Coverage CONFIG_MEMTEST policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'y'}> diff --git a/debian.master/config/config.common.ubuntu b/debian.master/config/config.common.ubuntu index 8bbd7d7a8d1d..e9396bd41b81 100644 --- a/debian.master/config/config.common.ubuntu +++ b/debian.master/config/config.common.ubuntu @@ -11219,7 +11219,17 @@ CONFIG_UBIFS_FS_SECURITY=y CONFIG_UBIFS_FS_XATTR=y CONFIG_UBIFS_FS_ZLIB=y CONFIG_UBIFS_FS_ZSTD=y -# CONFIG_UBSAN is not set +CONFIG_UBSAN=y +CONFIG_UBSAN_TRAP=y +CONFIG_UBSAN_BOUNDS=y +# CONFIG_UBSAN_SHIFT is not set +# CONFIG_UBSAN_DIV_ZERO is not set +# CONFIG_UBSAN_UNREACHABLE is not set +# CONFIG_UBSAN_OBJECT_SIZE is not set +# CONFIG_UBSAN_BOOL is not set +# CONFIG_UBSAN_ENUM is not set +# CONFIG_UBSAN_ALIGNMENT is not set +CONFIG_UBSAN_SANITIZE_ALL=y CONFIG_UBUNTU_HOST=m CONFIG_UBUNTU_ODM_DRIVERS=y CONFIG_UCB1400_CORE=m