[PATCH] D19576: [sanitizer] [SystemZ] Abort if the kernel might be vulnerable to CVE-2016-2143.

Marcin Kościelnicki via llvm-commits llvm-commits at lists.llvm.org
Tue Apr 26 19:06:03 PDT 2016


koriakin created this revision.
koriakin added a reviewer: kcc.
koriakin added a subscriber: llvm-commits.
koriakin set the repository for this revision to rL LLVM.
koriakin added a project: Sanitizers.
Herald added a subscriber: kubabrecka.

In short, CVE-2016-2143 will crash the machine if a process uses both >4TB
virtual addresses and fork().  ASan, TSan, and MSan will, by necessity, map
a sizable chunk of virtual address space, which is much larger than 4TB.
Even worse, sanitizers will always use fork() for llvm-symbolizer when a bug
is detected.  Disable all three by aborting on process initialization if
the running kernel version is not known to contain a fix.

Unfortunately, there's no reliable way to detect the fix without crashing
the kernel.  So, we rely on whitelisting - I've included a list of upstream
kernel versions that will work.  In case someone uses a distribution kernel
or applied the fix themselves, an override switch is also included.


Repository:
  rL LLVM

http://reviews.llvm.org/D19576

Files:
  lib/asan/asan_rtl.cc
  lib/dfsan/dfsan.cc
  lib/lsan/lsan.cc
  lib/msan/msan.cc
  lib/sanitizer_common/sanitizer_common.h
  lib/sanitizer_common/sanitizer_linux_s390.cc
  lib/tsan/rtl/tsan_rtl.cc

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D19576.55155.patch
Type: text/x-patch
Size: 5371 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20160427/51f7ac61/attachment.bin>
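
The allowlist-plus-override startup check described in the message, as an added example that is not the code from D19576. The version table holds constructed placeholder 9.x releases, not the patch's real list, and `EXAMPLE_IGNORE_KERNEL_CHECK` is a hypothetical variable name.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/utsname.h>

/* Constructed placeholder table, NOT the list from the patch: for each
   stable branch major.minor, the first patch level assumed to carry the fix. */
struct fixed_branch { int major, minor, min_patch; };
static const struct fixed_branch kFixed[] = {
    {9, 1, 7},  /* placeholder: branch 9.1 is fixed from 9.1.7 onwards */
    {9, 4, 2},  /* placeholder: branch 9.4 is fixed from 9.4.2 onwards */
};
/* Placeholder: every release at or after this major.minor is assumed fixed. */
static const int kFixedFromMajor = 9, kFixedFromMinor = 5;

/* Returns 1 if the release string is on the allowlist, 0 otherwise.
   Unparseable or unknown releases count as not fixed (fail closed). */
int release_is_allowlisted(const char *release) {
    int major, minor, patch = 0;
    /* Width limits keep oversized numbers from overflowing int. */
    int n = sscanf(release, "%4d.%4d.%4d", &major, &minor, &patch);
    if (n < 2 || major < 0 || minor < 0 || patch < 0) return 0;
    if (major > kFixedFromMajor ||
        (major == kFixedFromMajor && minor >= kFixedFromMinor)) return 1;
    for (size_t i = 0; i < sizeof(kFixed) / sizeof(kFixed[0]); i++)
        if (kFixed[i].major == major && kFixed[i].minor == minor)
            return patch >= kFixed[i].min_patch;
    return 0;  /* branch not in the table: not known to be fixed */
}

/* override_value: contents of the override variable, NULL when unset.
   Lets users of distribution kernels with a backported fix proceed. */
int startup_allowed(const char *release, const char *override_value) {
    if (override_value && strcmp(override_value, "1") == 0) return 1;
    return release_is_allowlisted(release);
}

int main(void) {
    struct utsname u;
    if (uname(&u) != 0) { perror("uname"); return 2; }
    const char *ovr = getenv("EXAMPLE_IGNORE_KERNEL_CHECK"); /* hypothetical */
    if (!startup_allowed(u.release, ovr)) {
        fprintf(stderr, "kernel %s is not known to contain the fix\n", u.release);
        return 1;  /* a sanitizer runtime would abort here */
    }
    puts("kernel check passed");
    return 0;
}
```

Distribution release strings such as `9.1.7-21-generic` parse by their leading numeric fields only, which is why a backported fix cannot be recognised and the override is needed.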

