4.4-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 16 Aug 2018 15:18:10 +0000 (17:18 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 16 Aug 2018 15:18:10 +0000 (17:18 +0200)
added patches:
kasan-don-t-emit-builtin-calls-when-sanitization-is-off.patch
tcp-fix-missing-range_truesize-enlargement-in-the-backport.patch

queue-4.4/kasan-don-t-emit-builtin-calls-when-sanitization-is-off.patch [new file with mode: 0644]
queue-4.4/series
queue-4.4/tcp-fix-missing-range_truesize-enlargement-in-the-backport.patch [new file with mode: 0644]

diff --git a/queue-4.4/kasan-don-t-emit-builtin-calls-when-sanitization-is-off.patch b/queue-4.4/kasan-don-t-emit-builtin-calls-when-sanitization-is-off.patch
new file mode 100644 (file)
index 0000000..20ce720
--- /dev/null
@@ -0,0 +1,77 @@
+From 0e410e158e5baa1300bdf678cea4f4e0cf9d8b94 Mon Sep 17 00:00:00 2001
+From: Andrey Konovalov <andreyknvl@google.com>
+Date: Tue, 6 Feb 2018 15:36:00 -0800
+Subject: kasan: don't emit builtin calls when sanitization is off
+
+From: Andrey Konovalov <andreyknvl@google.com>
+
+commit 0e410e158e5baa1300bdf678cea4f4e0cf9d8b94 upstream.
+
+With KASAN enabled the kernel has two different memset() functions, one
+with KASAN checks (memset) and one without (__memset).  KASAN uses some
+macro tricks to use the proper version where required.  For example
+memset() calls in mm/slub.c are without KASAN checks, since they operate
+on poisoned slab object metadata.
+
+The issue is that clang emits memset() calls even when there is no
+memset() in the source code.  They get linked with improper memset()
+implementation and the kernel fails to boot due to a huge amount of KASAN
+reports during early boot stages.
+
+The solution is to add -fno-builtin flag for files with KASAN_SANITIZE :=
+n marker.
+
+Link: http://lkml.kernel.org/r/8ffecfffe04088c52c42b92739c2bd8a0bcb3f5e.1516384594.git.andreyknvl@google.com
+Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
+Acked-by: Nick Desaulniers <ndesaulniers@google.com>
+Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
+Cc: Michal Marek <michal.lkml@markovi.net>
+Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
+Cc: Alexander Potapenko <glider@google.com>
+Cc: Dmitry Vyukov <dvyukov@google.com>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+[ Nick : Backported to 4.4 avoiding KUBSAN ]
+Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ Makefile               |    3 ++-
+ scripts/Makefile.kasan |    3 +++
+ scripts/Makefile.lib   |    2 +-
+ 3 files changed, 6 insertions(+), 2 deletions(-)
+
+--- a/Makefile
++++ b/Makefile
+@@ -418,7 +418,8 @@ export MAKE AWK GENKSYMS INSTALLKERNEL P
+ export HOSTCXX HOSTCXXFLAGS LDFLAGS_MODULE CHECK CHECKFLAGS
+ export KBUILD_CPPFLAGS NOSTDINC_FLAGS LINUXINCLUDE OBJCOPYFLAGS LDFLAGS
+-export KBUILD_CFLAGS CFLAGS_KERNEL CFLAGS_MODULE CFLAGS_GCOV CFLAGS_KASAN
++export KBUILD_CFLAGS CFLAGS_KERNEL CFLAGS_MODULE CFLAGS_GCOV
++export CFLAGS_KASAN CFLAGS_KASAN_NOSANITIZE
+ export KBUILD_AFLAGS AFLAGS_KERNEL AFLAGS_MODULE
+ export KBUILD_AFLAGS_MODULE KBUILD_CFLAGS_MODULE KBUILD_LDFLAGS_MODULE
+ export KBUILD_AFLAGS_KERNEL KBUILD_CFLAGS_KERNEL
+--- a/scripts/Makefile.kasan
++++ b/scripts/Makefile.kasan
+@@ -28,4 +28,7 @@ else
+         CFLAGS_KASAN := $(CFLAGS_KASAN_MINIMAL)
+     endif
+ endif
++
++CFLAGS_KASAN_NOSANITIZE := -fno-builtin
++
+ endif
+--- a/scripts/Makefile.lib
++++ b/scripts/Makefile.lib
+@@ -126,7 +126,7 @@ endif
+ ifeq ($(CONFIG_KASAN),y)
+ _c_flags += $(if $(patsubst n%,, \
+               $(KASAN_SANITIZE_$(basetarget).o)$(KASAN_SANITIZE)y), \
+-              $(CFLAGS_KASAN))
++              $(CFLAGS_KASAN), $(CFLAGS_KASAN_NOSANITIZE))
+ endif
+ # If building the kernel in a separate objtree expand all occurrences
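Review bot: The new `CFLAGS_KASAN_NOSANITIZE := -fno-builtin` line in scripts/Makefile.kasan carries no explanation of why a flag unrelated to the sanitizer itself lives here, and the commit message is the only place the reasoning survives; suggest a comment above it such as `# Files marked KASAN_SANITIZE := n must not have the compiler synthesize calls to the instrumented memset()/memcpy(); clang does so unless builtins are disabled.` Note that -fno-builtin stops the compiler from treating source-level memset()/memcpy() as builtins and from creating them in the optimizer, but whether it also prevents the backend from lowering a large aggregate initialization to a libcall is compiler-dependent, so a `# TODO: verify no libcalls remain in unsanitized objects` would tell the next person where to look if early-boot KASAN reports reappear. The flag now also applies to GCC builds via the Makefile.lib else-branch, which lose inline expansion of explicit memset()/memcpy() in those files; that trade-off is acceptable for a debug kernel but deserves a word in the comment.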
index 2eedfd15b124b94bfe86091ba9488c88f327032c..d344d7e28456792e6afe6e16d9a2857d8a66cf9a 100644 (file)
@@ -1 +1,3 @@
 x86-mm-disable-ioremap-free-page-handling-on-x86-pae.patch
+tcp-fix-missing-range_truesize-enlargement-in-the-backport.patch
+kasan-don-t-emit-builtin-calls-when-sanitization-is-off.patch
diff --git a/queue-4.4/tcp-fix-missing-range_truesize-enlargement-in-the-backport.patch b/queue-4.4/tcp-fix-missing-range_truesize-enlargement-in-the-backport.patch
new file mode 100644 (file)
index 0000000..ba0de7b
--- /dev/null
@@ -0,0 +1,42 @@
+From tiwai@suse.de  Thu Aug 16 17:16:07 2018
+From: Takashi Iwai <tiwai@suse.de>
+Date: Wed, 15 Aug 2018 11:58:46 +0200
+Subject: tcp: Fix missing range_truesize enlargement in the backport
+To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: stable@vger.kernel.org, Eric Dumazet <edumazet@google.com>, "David S . Miller" <davem@davemloft.net>, linux-kernel@vger.kernel.org, Michal Kubecek <mkubecek@suse.cz>, Jiri Bohac <jbohac@suse.cz>
+Message-ID: <20180815095846.7734-1-tiwai@suse.de>
+
+From: Takashi Iwai <tiwai@suse.de>
+
+The 4.4.y stable backport dc6ae4dffd65 for the upstream commit
+3d4bf93ac120 ("tcp: detect malicious patterns in
+tcp_collapse_ofo_queue()") missed a line that enlarges the
+range_truesize value, which broke the whole check.
+
+Fixes: dc6ae4dffd65 ("tcp: detect malicious patterns in tcp_collapse_ofo_queue()")
+Signed-off-by: Takashi Iwai <tiwai@suse.de>
+Cc: Michal Kubecek <mkubecek@suse.cz>
+---
+
+Greg, this is a fix-up specific to 4.4.y stable backport that had a
+slightly different form from upstream fix.  I haven't looked at the
+older trees, but 4.9.y and later took the upstream fix as is, so this
+patch isn't needed for them.
+
+The patch hasn't been tested with the real test case, though; let me
+know if the current code is intended.  Thanks!
+
+
+ net/ipv4/tcp_input.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/net/ipv4/tcp_input.c
++++ b/net/ipv4/tcp_input.c
+@@ -4835,6 +4835,7 @@ static void tcp_collapse_ofo_queue(struc
+                       end = TCP_SKB_CB(skb)->end_seq;
+                       range_truesize = skb->truesize;
+               } else {
++                      range_truesize += skb->truesize;
+                       if (before(TCP_SKB_CB(skb)->seq, start))
+                               start = TCP_SKB_CB(skb)->seq;
+                       if (after(TCP_SKB_CB(skb)->end_seq, end))
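Review bot: The added `range_truesize += skb->truesize;` is the only accumulation in the else branch and nothing in the hunk records why it matters, so the next person tidying tcp_collapse_ofo_queue() could drop it again exactly as the 4.4 backport did; suggest a comment above it: `/* Account every skb in the current range; the tiny-range check below compares this against head->truesize. */`. Without it range_truesize presumably stays at head->truesize for every range, which is how the malicious-pattern detection named in the message became a no-op — the comparison itself is outside this hunk, so that is inferred from the description rather than visible here. The cover letter says the change is untested against the real reproducer; since this is the DoS mitigation the parent backport was meant to restore, a run of the out-of-order flood test before release, or a note of its result in the commit, would be worthwhile. The function starts and ends outside the hunk.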