This is an archive of the discontinued LLVM Phabricator instance.

Differential D76776

[compiler-rt] Use uname syscall in GetKernelAreaSize()
ClosedPublic

Authored by iii on Mar 25 2020, 7:54 AM.

Details

Reviewers
eugenis
uweigand
jonpa
Commits
rG2ca7fe379647: [compiler-rt] Use uname syscall in GetKernelAreaSize()
Summary

Commit 5f5fb56c68e4 ("[compiler-rt] Intercept the uname() function")
broke clang-cmake-thumbv7-full-sh build:

http://lab.llvm.org:8011/builders/clang-cmake-thumbv7-full-sh/builds/4296

This also affects i386.

The reason is that intercepted uname() is called by GetKernelAreaSize()
during ASAN initialization on 32-bit platforms, but the respective
interceptor is not initialized yet at this point, leading to null
pointer dereference.

Introduce internal_uname() wrapper around uname syscall, and use it in
GetKernelAreaSize() and in FixedCVE_2016_2143().

Diff Detail

Event Timeline

iii created this revision.Mar 25 2020, 7:54 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 25 2020, 7:54 AM
Herald added subscribers: Restricted Project, dberris. · View Herald Transcript
Harbormaster failed remote builds in B50393: Diff 252576!Mar 25 2020, 8:37 AM
eugenis added a comment.Mar 25 2020, 11:28 AM

I'm a bit worried about introducing dlsym on common code paths in sanitizer_common, as it would break in static binaries. HWASan, at least on Android, supports that, and now it is also available on gcc+glibc which I'm pretty sure will hit this code.

I think this has to be a system call.

iii added a comment.Mar 25 2020, 1:02 PM

Ok, I can do that.

The only thing is - do I need to support oldolduname and olduname? Or can I assume everyone uses a more or less recent kernel?

iii updated this revision to Diff 252655.Mar 25 2020, 1:23 PM

Use uname syscall. Don't try olduname and oldolduname fallbacks until we know we need them.

Also, give in and reformat the code the way clang-format wants to see it.

iii retitled this revision from [compiler-rt] Use real uname() in GetKernelAreaSize() to [compiler-rt] Use uname syscall in GetKernelAreaSize().Mar 25 2020, 1:24 PM
iii edited the summary of this revision. (Show Details)
Harbormaster failed remote builds in B50428: Diff 252655!Mar 25 2020, 2:06 PM
eugenis accepted this revision.Mar 25 2020, 4:41 PM

This is fine, I don't think we need to care about olduname.
LGTM.

This revision is now accepted and ready to land.Mar 25 2020, 4:41 PM
Closed by commit rG2ca7fe379647: [compiler-rt] Use uname syscall in GetKernelAreaSize() (authored by iii, committed by uweigand). · Explain WhyMar 26 2020, 5:55 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
compiler-rt/
lib/
sanitizer_common/
2 lines
11 lines
6 lines

Diff 252818

compiler-rt/lib/sanitizer_common/sanitizer_linux.h

Show All 19 Lines
#include "sanitizer_platform_limits_freebsd.h" #include "sanitizer_platform_limits_freebsd.h"
#include "sanitizer_platform_limits_netbsd.h" #include "sanitizer_platform_limits_netbsd.h"
#include "sanitizer_platform_limits_openbsd.h" #include "sanitizer_platform_limits_openbsd.h"
#include "sanitizer_platform_limits_posix.h" #include "sanitizer_platform_limits_posix.h"
#include "sanitizer_platform_limits_solaris.h" #include "sanitizer_platform_limits_solaris.h"
#include "sanitizer_posix.h" #include "sanitizer_posix.h"
struct link_map; // Opaque type returned by dlopen(). struct link_map; // Opaque type returned by dlopen().
struct utsname;
namespace __sanitizer { namespace __sanitizer {
// Dirent structure for getdents(). Note that this structure is different from // Dirent structure for getdents(). Note that this structure is different from
// the one in <dirent.h>, which is used by readdir(). // the one in <dirent.h>, which is used by readdir().
struct linux_dirent; struct linux_dirent;
struct ProcSelfMapsBuff { struct ProcSelfMapsBuff {
char *data; char *data;
Show All 23 Lines
// internal_sigaction instead. // internal_sigaction instead.
int internal_sigaction_norestorer(int signum, const void *act, void *oldact); int internal_sigaction_norestorer(int signum, const void *act, void *oldact);
void internal_sigdelset(__sanitizer_sigset_t *set, int signum); void internal_sigdelset(__sanitizer_sigset_t *set, int signum);
#if defined(__x86_64__) || defined(__mips__) || defined(__aarch64__) \ #if defined(__x86_64__) || defined(__mips__) || defined(__aarch64__) \
|| defined(__powerpc64__) || defined(__s390__) || defined(__i386__) \ || defined(__powerpc64__) || defined(__s390__) || defined(__i386__) \
|| defined(__arm__) || defined(__arm__)
uptr internal_clone(int (*fn)(void *), void *child_stack, int flags, void *arg, uptr internal_clone(int (*fn)(void *), void *child_stack, int flags, void *arg,
int *parent_tidptr, void *newtls, int *child_tidptr); int *parent_tidptr, void *newtls, int *child_tidptr);
int internal_uname(struct utsname *buf);
#endif #endif
#elif SANITIZER_FREEBSD #elif SANITIZER_FREEBSD
void internal_sigdelset(__sanitizer_sigset_t *set, int signum); void internal_sigdelset(__sanitizer_sigset_t *set, int signum);
#elif SANITIZER_NETBSD #elif SANITIZER_NETBSD
void internal_sigdelset(__sanitizer_sigset_t *set, int signum); void internal_sigdelset(__sanitizer_sigset_t *set, int signum);
uptr internal_clone(int (*fn)(void *), void *child_stack, int flags, void *arg); uptr internal_clone(int (*fn)(void *), void *child_stack, int flags, void *arg);
#endif // SANITIZER_LINUX #endif // SANITIZER_LINUX
▲ Show 20 LinesShow All 86 LinesShow Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_linux.cpp

Show First 20 LinesShow All 1,009 Lines▼ Show 20 Lines
#if !SANITIZER_ANDROID #if !SANITIZER_ANDROID
// Even if nothing is mapped, top Gb may still be accessible // Even if nothing is mapped, top Gb may still be accessible
// if we are running on 64-bit kernel. // if we are running on 64-bit kernel.
// Uname may report misleading results if personality type // Uname may report misleading results if personality type
// is modified (e.g. under schroot) so check this as well. // is modified (e.g. under schroot) so check this as well.
struct utsname uname_info; struct utsname uname_info;
int pers = personality(0xffffffffUL); int pers = personality(0xffffffffUL);
if (!(pers & PER_MASK) if (!(pers & PER_MASK) && internal_uname(&uname_info) == 0 &&
&& uname(&uname_info) == 0 internal_strstr(uname_info.machine, "64"))
&& internal_strstr(uname_info.machine, "64"))
return 0; return 0;
#endif // SANITIZER_ANDROID #endif // SANITIZER_ANDROID
// Top gigabyte is reserved for kernel. // Top gigabyte is reserved for kernel.
return gbyte; return gbyte;
#else #else
return 0; return 0;
#endif // SANITIZER_LINUX && !SANITIZER_X32 #endif // SANITIZER_LINUX && !SANITIZER_X32
▲ Show 20 LinesShow All 595 Lines▼ Show 20 Lines __asm__ __volatile__(
: "=r"(res) : "=r"(res)
: "r"(r0), "r"(r1), "r"(r2), "r"(r3), "r"(r4), "r"(r7), : "r"(r0), "r"(r1), "r"(r2), "r"(r3), "r"(r4), "r"(r7),
"i"(__NR_exit) "i"(__NR_exit)
: "memory"); : "memory");
return res; return res;
} }
#endif // defined(__x86_64__) && SANITIZER_LINUX #endif // defined(__x86_64__) && SANITIZER_LINUX
#if SANITIZER_LINUX
int internal_uname(struct utsname *buf) {
return internal_syscall(SYSCALL(uname), buf);
}
#endif
#if SANITIZER_ANDROID #if SANITIZER_ANDROID
#if __ANDROID_API__ < 21 #if __ANDROID_API__ < 21
extern "C" __attribute__((weak)) int dl_iterate_phdr( extern "C" __attribute__((weak)) int dl_iterate_phdr(
int (*)(struct dl_phdr_info *, size_t, void *), void *); int (*)(struct dl_phdr_info *, size_t, void *), void *);
#endif #endif
static int dl_iterate_phdr_test_cb(struct dl_phdr_info *info, size_t size, static int dl_iterate_phdr_test_cb(struct dl_phdr_info *info, size_t size,
void *data) { void *data) {
▲ Show 20 LinesShow All 520 LinesShow Last 20 Lines

compiler-rt/lib/sanitizer_common/sanitizer_linux_s390.cpp

Show First 20 LinesShow All 117 Lines▼ Show 20 Lines
#if SANITIZER_S390_64 #if SANITIZER_S390_64
static bool FixedCVE_2016_2143() { static bool FixedCVE_2016_2143() {
// Try to determine if the running kernel has a fix for CVE-2016-2143, // Try to determine if the running kernel has a fix for CVE-2016-2143,
// return false if in doubt (better safe than sorry). Distros may want to // return false if in doubt (better safe than sorry). Distros may want to
// adjust this for their own kernels. // adjust this for their own kernels.
struct utsname buf; struct utsname buf;
unsigned int major, minor, patch = 0; unsigned int major, minor, patch = 0;
// Depending on the concrete sanitizer being used, uname may or may not
// be intercepted. Make sure we use the libc version in either case.
using Uname = int (*)(struct utsname *);
Uname uname = reinterpret_cast<Uname>(dlsym(RTLD_NEXT, "uname"));
// This should never fail, but just in case... // This should never fail, but just in case...
if (uname == nullptr || uname(&buf)) if (internal_uname(&buf))
return false; return false;
const char *ptr = buf.release; const char *ptr = buf.release;
major = internal_simple_strtoll(ptr, &ptr, 10); major = internal_simple_strtoll(ptr, &ptr, 10);
// At least first 2 should be matched. // At least first 2 should be matched.
if (ptr[0] != '.') if (ptr[0] != '.')
return false; return false;
minor = internal_simple_strtoll(ptr+1, &ptr, 10); minor = internal_simple_strtoll(ptr+1, &ptr, 10);
// Third is optional. // Third is optional.
▲ Show 20 LinesShow All 87 LinesShow Last 20 Lines