ubsan/overflow: Enable pattern exclusions

To make integer wrap-around mitigation actually useful, the associated
sanitizers must not instrument cases where the wrap-around is explicitly
defined (e.g. "-2UL"), being tested for (e.g. "if (a + b < a)"), or
where it has no impact on code flow (e.g. "while (var--)"). Enable
pattern exclusions for the integer wrap sanitizers.

Reviewed-by: Justin Stitt <justinstitt@google.com>
Link: https://lore.kernel.org/r/20250307041914.937329-2-kees@kernel.org
Signed-off-by: Kees Cook <kees@kernel.org>

diff --git a/lib/Kconfig.ubsan b/lib/Kconfig.ubsan
index 63e5622010e0f771c1a0f01039398adca8f1fd0a..888c2e72c586e001c65f80e15bacefe5d87f8e4c 100644 (file)
--- a/lib/Kconfig.ubsan
+++ b/lib/Kconfig.ubsan
@@ -120,6 +120,7 @@ config UBSAN_INTEGER_WRAP
        bool "Perform checking for integer arithmetic wrap-around"
        default UBSAN
        depends on !COMPILE_TEST
+       depends on $(cc-option,-fsanitize-undefined-ignore-overflow-pattern=all)
        depends on $(cc-option,-fsanitize=signed-integer-overflow)
        depends on $(cc-option,-fsanitize=unsigned-integer-overflow)
        depends on $(cc-option,-fsanitize=implicit-signed-integer-truncation)

diff --git a/scripts/Makefile.ubsan b/scripts/Makefile.ubsan
index 4fad9afed24cf9ee91159e8c492e81dc64629a90..233379c193a75433b7d380ec96160168e18a81e0 100644 (file)
--- a/scripts/Makefile.ubsan
+++ b/scripts/Makefile.ubsan
@@ -15,6 +15,7 @@ ubsan-cflags-$(CONFIG_UBSAN_TRAP)             += $(call cc-option,-fsanitize-trap=undefined
 export CFLAGS_UBSAN := $(ubsan-cflags-y)
 
 ubsan-integer-wrap-cflags-$(CONFIG_UBSAN_INTEGER_WRAP)     +=  \
+       -fsanitize-undefined-ignore-overflow-pattern=all        \
        -fsanitize=signed-integer-overflow                      \
        -fsanitize=unsigned-integer-overflow                    \
        -fsanitize=implicit-signed-integer-truncation           \