From c9cf87ea6a4725bc586cc5776c3fb6042a264b7d Mon Sep 17 00:00:00 2001 From: Dmitry Vyukov Date: Fri, 11 May 2018 16:01:35 -0700 Subject: [PATCH] KASAN: prohibit KASAN+STRUCTLEAK combination Currently STRUCTLEAK inserts initialization out of live scope of variables from KASAN point of view. This leads to KASAN false positive reports. Prohibit this combination for now. Link: http://lkml.kernel.org/r/20180419172451.104700-1-dvyukov@google.com Signed-off-by: Dmitry Vyukov Acked-by: Kees Cook Cc: Fengguang Wu Cc: Sergey Senozhatsky Cc: Andrey Ryabinin Cc: Dennis Zhou Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- arch/Kconfig | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/Kconfig b/arch/Kconfig index 8e0d665c8d53..75dd23acf133 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -464,6 +464,10 @@ config GCC_PLUGIN_LATENT_ENTROPY config GCC_PLUGIN_STRUCTLEAK bool "Force initialization of variables containing userspace addresses" depends on GCC_PLUGINS + # Currently STRUCTLEAK inserts initialization out of live scope of + # variables from KASAN point of view. This leads to KASAN false + # positive reports. Prohibit this combination for now. + depends on !KASAN_EXTRA help This plugin zero-initializes any structures containing a __user attribute. This can prevent some classes of information -- 2.30.2