From 3c0e9169a357f6d99b80c02dd27210d742797cf2 Mon Sep 17 00:00:00 2001
From: Mark Johnston
Date: Mon, 7 Nov 2022 16:07:26 -0500
Subject: [PATCH] ksan: Build sanitizer runtimes without stack-smashing protection

On arm64 with per-thread stack canaries enabled (the PERTHREAD_SSP option), the compiler may load curthread->td_md.md_canary in function prologues. This is not safe in data_abort(); see commit 2c10be9e06d4. Thus, sanitizer runtimes must also avoid accessing the current thread's canary. Since SSP has limited utility in sanitizer runtimes, simply disable it unconditionally to avoid unpleasant surprises in the future.

MFC after: 2 weeks
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
---
 sys/conf/files | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys/conf/files b/sys/conf/files
index e8b2e02e79d9..30ed2416987e 100644
--- a/sys/conf/files
+++ b/sys/conf/files
@@ -3874,7 +3874,7 @@ kern/stack_protector.c standard \
 kern/subr_acl_nfs4.c optional ufs_acl | zfs
 kern/subr_acl_posix1e.c optional ufs_acl
 kern/subr_asan.c optional kasan \
- compile-with "${NORMAL_C:N-fsanitize*}"
+ compile-with "${NORMAL_C:N-fsanitize*:N-fstack-protector*}"
 kern/subr_autoconf.c standard
 kern/subr_blist.c standard
 kern/subr_boot.c standard
@@ -3889,7 +3889,7 @@ kern/subr_coverage.c optional coverage \
  compile-with "${NORMAL_C:N-fsanitize*}"
 kern/subr_counter.c standard
 kern/subr_csan.c optional kcsan \
- compile-with "${NORMAL_C:N-fsanitize*}"
+ compile-with "${NORMAL_C:N-fsanitize*:N-fstack-protector*}"
 kern/subr_devstat.c standard
 kern/subr_disk.c standard
 kern/subr_early.c standard
@@ -3908,7 +3908,7 @@ kern/subr_log.c standard
 kern/subr_mchain.c optional libmchain
 kern/subr_module.c standard
 kern/subr_msan.c optional kmsan \
- compile-with "${NORMAL_C:N-fsanitize*}"
+ compile-with "${NORMAL_C:N-fsanitize*:N-fstack-protector*}"
 kern/subr_msgbuf.c standard
 kern/subr_param.c standard
 kern/subr_pcpu.c standard
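Review bot: The `:N-fstack-protector*` modifier on the kern/subr_asan.c entry (and likewise on kern/subr_csan.c and kern/subr_msan.c in the next two hunks) only strips an SSP flag that is already present in NORMAL_C. It does not disable SSP if the toolchain turns it on by default, so the "unconditionally" in the commit message holds only for the flags the kernel build itself adds. If that case matters, an explicit opt-out makes the guarantee independent of compiler defaults: `compile-with "${NORMAL_C:N-fsanitize*:N-fstack-protector*} -fno-stack-protector"`. A one-line `#` comment above each entry naming the data_abort() canary constraint would also keep a later cleanup from quietly re-enabling SSP for these files.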
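Review bot: kern/subr_coverage.c, visible in this hunk's header and first context line, keeps `compile-with "${NORMAL_C:N-fsanitize*}"` and is therefore still built with stack protection. It is a compiler-instrumentation runtime as well, so if code reachable from data_abort() can be built with coverage instrumentation, the same prologue canary load presumably applies to its hooks. Either give that entry the same `${NORMAL_C:N-fsanitize*:N-fstack-protector*}` filter or note in the commit message why the coverage runtime is exempt. The entry begins outside the hunk, so only its continuation line can be checked here.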