This is an archive of the discontinued LLVM Phabricator instance.

[sanitizer] [SystemZ] Abort if the kernel might be vulnerable to CVE-2016-2143.
ClosedPublic

Authored by koriakin on Apr 26 2016, 7:06 PM.

Details

Summary

In short, CVE-2016-2143 will crash the machine if a process uses both >4TB
virtual addresses and fork(). ASan, TSan, and MSan will, by necessity, map
a sizable chunk of virtual address space, which is much larger than 4TB.
Even worse, sanitizers will always use fork() for llvm-symbolizer when a bug
is detected. Disable all three by aborting on process initialization if
the running kernel version is not known to contain a fix.

Unfortunately, there's no reliable way to detect the fix without crashing
the kernel. So, we rely on whitelisting - I've included a list of upstream
kernel versions that will work. In case someone uses a distribution kernel
or applied the fix themselves, an override switch is also included.
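A sketch of the fail-closed version allow-list with an override that the summary describes, added here as an example and not taken from this revision's code. The version numbers are constructed placeholders (deliberately not real kernel releases), the override variable name is hypothetical, and the s390x-only gating is omitted.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/utsname.h>

/* Constructed placeholder allow-list: a stable series is treated as fixed
 * from patch level min_patch on. These are NOT the versions in the LLVM
 * patch; real values must come from the kernel changelogs. */
struct fixed_series { unsigned ver_major, ver_minor, min_patch; };
static const struct fixed_series kFixed[] = { {3, 90, 7}, {4, 91, 3} };
/* Placeholder: first mainline release assumed to contain the fix. */
static const unsigned kFirstFixedMajor = 4, kFirstFixedMinor = 95;

/* Returns 1 only if `release` parses and is on the allow-list. Anything
 * unparsable or unlisted is treated as vulnerable (fail closed). */
int release_known_fixed(const char *release) {
  unsigned maj, min, patch = 0;
  if (sscanf(release, "%u.%u.%u", &maj, &min, &patch) < 2)
    return 0;
  if (maj > kFirstFixedMajor ||
      (maj == kFirstFixedMajor && min >= kFirstFixedMinor))
    return 1;
  for (size_t i = 0; i < sizeof(kFixed) / sizeof(kFixed[0]); i++)
    if (maj == kFixed[i].ver_major && min == kFixed[i].ver_minor &&
        patch >= kFixed[i].min_patch)
      return 1;
  return 0;
}

/* Decision taken at process initialization. `override` is the value of a
 * hypothetical opt-out switch for distribution or self-patched kernels.
 * Returns 1 to continue, 0 to abort. */
int may_continue(const char *release, const char *override) {
  if (override && override[0] != '\0')
    return 1;
  return release && release_known_fixed(release);
}

int main(void) {
  struct utsname u;
  const char *rel = uname(&u) == 0 ? u.release : NULL;
  /* HYPOTHETICAL_IGNORE_CVE_2016_2143 is a made-up variable name. */
  if (!may_continue(rel, getenv("HYPOTHETICAL_IGNORE_CVE_2016_2143"))) {
    fprintf(stderr, "kernel %s not known to be fixed; aborting\n",
            rel ? rel : "(unknown)");
    return 1;
  }
  puts("kernel allow-listed or overridden; continuing");
  return 0;
}
```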

Diff Detail

Repository
rL LLVM

Event Timeline

koriakin retitled this revision to [sanitizer] [SystemZ] Abort if the kernel might be vulnerable to CVE-2016-2143.
koriakin updated this object.
koriakin added a reviewer: kcc.
koriakin set the repository for this revision to rL LLVM.
koriakin added a project: Restricted Project.
koriakin added a subscriber: llvm-commits.

Second attempt at D18915. Compared to the previous version:

  • function is declared in sanitizer_common.h, called unconditionally, and is an empty stub on everything but s390x-linux
  • code is moved to sanitizer_linux_s390.cc
  • I've added a call in lsan and dfsan init as well, as they also involve huge memory reservations
kcc accepted this revision. Apr 27 2016, 10:43 AM
kcc edited edge metadata.

LGTM

This revision is now accepted and ready to land. Apr 27 2016, 10:43 AM
This revision was automatically updated to reflect the committed changes.