Commit c9cf87ea authored May 11, 2018 by Dmitry Vyukov Committed by Linus Torvalds May 11, 2018

KASAN: prohibit KASAN+STRUCTLEAK combination

Currently STRUCTLEAK inserts initialization out of live scope of variables
from KASAN point of view.  This leads to KASAN false positive reports.
Prohibit this combination for now.

Link: http://lkml.kernel.org/r/20180419172451.104700-1-dvyukov@google.com


Signed-off-by: Dmitry Vyukov <dvyukov@google.com>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: Fengguang Wu <fengguang.wu@intel.com>
Cc: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Dennis Zhou <dennisszhou@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

parent 1d1c8e5f

arch/Kconfig

+4 −0

Original line number	Diff line number	Diff line
		@@ -464,6 +464,10 @@ config GCC_PLUGIN_LATENT_ENTROPY
		config GCC_PLUGIN_STRUCTLEAK
		bool "Force initialization of variables containing userspace addresses"
		depends on GCC_PLUGINS
		# Currently STRUCTLEAK inserts initialization out of live scope of
		# variables from KASAN point of view. This leads to KASAN false
		# positive reports. Prohibit this combination for now.
		depends on !KASAN_EXTRA
		help
		This plugin zero-initializes any structures containing a
		__user attribute. This can prevent some classes of information