Commit e378fa17 authored by Nick Desaulniers's avatar Nick Desaulniers Committed by Ingo Molnar
Browse files

objtool: Documentation: document UACCESS warnings 

Compiling with Clang and CONFIG_KASAN=y was exposing a few warnings:

  call to memset() with UACCESS enabled

Document how to fix these for future travelers.

Link: https://github.com/ClangBuiltLinux/linux/issues/876


Suggested-by: default avatarKamalesh Babulal <kamalesh@linux.vnet.ibm.com>
Suggested-by: default avatarMatt Helsley <mhelsley@vmware.com>
Suggested-by: default avatarPeter Zijlstra <peterz@infradead.org>
Suggested-by: default avatarRandy Dunlap <rdunlap@infradead.org>
Signed-off-by: default avatarNick Desaulniers <ndesaulniers@google.com>
Signed-off-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
parent 6f8ca676

tools/objtool/Documentation/stack-validation.txt

+26 −0
Original line number Diff line number Diff line
@@ -289,6 +289,32 @@ they mean, and suggestions for how to fix them. 
      might be corrupt due to a gcc bug.  For more details, see:

      https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70646



9. file.o: warning: objtool: funcA() call to funcB() with UACCESS enabled



   This means that an unexpected call to a non-whitelisted function exists

   outside of arch-specific guards.

   X86: SMAP (stac/clac): __uaccess_begin()/__uaccess_end()

   ARM: PAN: uaccess_enable()/uaccess_disable()



   These functions should be called to denote a minimal critical section around

   access to __user variables. See also: https://lwn.net/Articles/517475/



   The intention of the warning is to prevent calls to funcB() from eventually

   calling schedule(), potentially leaking the AC flags state, and not

   restoring them correctly.



   It also helps verify that there are no unexpected calls to funcB() which may

   access user space pages with protections against doing so disabled.



   To fix, either:

   1) remove explicit calls to funcB() from funcA().

   2) add the correct guards before and after calls to low level functions like

      __get_user_size()/__put_user_size().

   3) add funcB to uaccess_safe_builtin whitelist in tools/objtool/check.c, if

      funcB obviously does not call schedule(), and is marked notrace (since

      function tracing inserts additional calls, which is not obvious from the

      sources).





If the error doesn't seem to make sense, it could be a bug in objtool.

Feel free to ask the objtool maintainer for help.

CRA Git | Maintained and supported by SUSTech CRA and CCSE