Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/drivers/firmware
History
Andrey Ryabinin c6d308534a UBSAN: run-time undefined behavior sanity checker 
UBSAN uses compile-time instrumentation to catch undefined behavior
(UB).  Compiler inserts code that perform certain kinds of checks before
operations that could cause UB.  If check fails (i.e.  UB detected)
__ubsan_handle_* function called to print error message.

So the most of the work is done by compiler.  This patch just implements
ubsan handlers printing errors.

GCC has this capability since 4.9.x [1] (see -fsanitize=undefined
option and its suboptions).
However GCC 5.x has more checkers implemented [2].
Article [3] has a bit more details about UBSAN in the GCC.

[1] - https://gcc.gnu.org/onlinedocs/gcc-4.9.0/gcc/Debugging-Options.html
[2] - https://gcc.gnu.org/onlinedocs/gcc/Debugging-Options.html
[3] - http://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/

Issues which UBSAN has found thus far are:

Found bugs:

 * out-of-bounds access - 97840cb67f ("netfilter: nfnetlink: fix
   insufficient validation in nfnetlink_bind")

undefined shifts:

 * d48458d4a7 ("jbd2: use a better hash function for the revoke
   table")

 * 10632008b9 ("clockevents: Prevent shift out of bounds")

 * 'x << -1' shift in ext4 -
   http://lkml.kernel.org/r/<5444EF21.8020501@samsung.com>

 * undefined rol32(0) -
   http://lkml.kernel.org/r/<1449198241-20654-1-git-send-email-sasha.levin@oracle.com>

 * undefined dirty_ratelimit calculation -
   http://lkml.kernel.org/r/<566594E2.3050306@odin.com>

 * undefined roundown_pow_of_two(0) -
   http://lkml.kernel.org/r/<1449156616-11474-1-git-send-email-sasha.levin@oracle.com>

 * [WONTFIX] undefined shift in __bpf_prog_run -
   http://lkml.kernel.org/r/<CACT4Y+ZxoR3UjLgcNdUm4fECLMx2VdtfrENMtRRCdgHB2n0bJA@mail.gmail.com>

   WONTFIX here because it should be fixed in bpf program, not in kernel.

signed overflows:

 * 32a8df4e0b ("sched: Fix odd values in effective_load()
   calculations")

 * mul overflow in ntp -
   http://lkml.kernel.org/r/<1449175608-1146-1-git-send-email-sasha.levin@oracle.com>

 * incorrect conversion into rtc_time in rtc_time64_to_tm() -
   http://lkml.kernel.org/r/<1449187944-11730-1-git-send-email-sasha.levin@oracle.com>

 * unvalidated timespec in io_getevents() -
   http://lkml.kernel.org/r/<CACT4Y+bBxVYLQ6LtOKrKtnLthqLHcw-BMp3aqP3mjdAvr9FULQ@mail.gmail.com>

 * [NOTABUG] signed overflow in ktime_add_safe() -
   http://lkml.kernel.org/r/<CACT4Y+aJ4muRnWxsUe1CMnA6P8nooO33kwG-c8YZg=0Xc8rJqw@mail.gmail.com>

[akpm@linux-foundation.org: fix unused local warning]
[akpm@linux-foundation.org: fix __int128 build woes]
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Sasha Levin <sasha.levin@oracle.com>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Michal Marek <mmarek@suse.cz>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Yury Gribov <y.gribov@samsung.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Konstantin Khlebnikov <koct9i@gmail.com>
Cc: Kostya Serebryany <kcc@google.com>
Cc: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
 		2016-01-20 17:09:18 -08:00
..
broadcom drivers/firmware/broadcom/bcm47xx_nvram.c: use __ioread32_copy() instead of open-coding 2016-01-20 17:09:18 -08:00
efi UBSAN: run-time undefined behavior sanity checker 2016-01-20 17:09:18 -08:00
google firmware: google memconsole driver fixes 2014-02-15 11:30:28 -08:00
Kconfig ARM: 8478/2: arm/arm64: add arm-smccc 2016-01-04 16:19:57 +00:00
Makefile Merge tag 'arm/soc/for-4.4/rpi-drivers' of https://github.com/Broadcom/stblinux into next/drivers 2015-10-26 10:39:22 +09:00
arm_scpi.c firmware: arm_scpi: Extend to support sensors 2015-10-09 11:05:52 +01:00
dcdbas.c firmware: drop owner assignment from platform_drivers 2014-10-20 16:20:31 +02:00
dcdbas.h
dell_rbu.c
dmi-id.c
dmi-sysfs.c firmware: dmi_scan: add SBMIOS entry and DMI tables 2015-06-25 09:06:56 +02:00
dmi_scan.c firmware: dmi_scan: Save SMBIOS Type 9 System Slots 2016-01-15 22:08:45 +01:00
edd.c
iscsi_ibft.c iscsi_ibft: filter null v4-mapped v6 addresses 2015-06-05 21:07:02 -04:00
iscsi_ibft_find.c efi: Make 'efi_enabled' a function to query EFI facilities 2013-01-30 11:51:59 -08:00
memmap.c drivers/firmware/memmap.c: fix kernel-doc format 2015-06-25 17:00:41 -07:00
pcdp.c serial: 8250_early: Remove setup_early_serial8250_console() 2015-03-26 17:25:27 +01:00
pcdp.h
psci.c ARM: 8481/2: drivers: psci: replace psci firmware calls 2016-01-04 16:24:45 +00:00
qcom_scm-32.c qcom-scm: fix endianess issue in __qcom_scm_is_call_available 2015-10-14 14:51:21 -05:00
qcom_scm-64.c firmware: qcom: scm: Add function stubs for ARM64 2015-09-23 12:00:43 -05:00
qcom_scm.c firmware: qcom: scm: Add HDCP Support 2015-05-28 10:47:45 -05:00
qcom_scm.h firmware: qcom: scm: Add HDCP Support 2015-05-28 10:47:45 -05:00
raspberrypi.c ARM: bcm2835: Add the Raspberry Pi firmware driver 2015-10-14 15:30:06 -07:00