[Bug 2054343] Re: CVE-2023-4039: ARM64 GCC

Sun, 13 Apr 2025 23:56:27 -0700 

Thanks Mauricio!

Turn out we can patch gcc based on this llvm commit:
https://github.com/llvm/llvm-project/commit/fb77ca05ffb4f8e666878f2f6718a9fb4d686839

I did a mistake to apply the above commit to llvm because I thought gcc build 
depends on it,
but this should be done on gcc itself instead of llvm.

Our gcc-13 doesn't have this build issue because it has applied this
patch:

cat gcc-13/debian/patches/asan-allocator-base.diff 
# DP: ASan: move allocator base to avoid conflict with high-entropy ASLR for 
x86-64 Linux
# DP: 
https://github.com/llvm/llvm-project/commit/fb77ca05ffb4f8e666878f2f6718a9fb4d686839

--- a/src/libsanitizer/asan/asan_allocator.h
+++ b/src/libsanitizer/asan/asan_allocator.h
@@ -143,11 +143,15 @@ typedef DefaultSizeClassMap SizeClassMap;
 const uptr kAllocatorSpace = ~(uptr)0;
 const uptr kAllocatorSize  =  0x8000000000ULL;  // 500G
 typedef DefaultSizeClassMap SizeClassMap;
-# else
+#  elif SANITIZER_APPLE
 const uptr kAllocatorSpace = 0x600000000000ULL;
 const uptr kAllocatorSize  =  0x40000000000ULL;  // 4T.
 typedef DefaultSizeClassMap SizeClassMap;
-# endif
+#  else
+const uptr kAllocatorSpace = 0x500000000000ULL;
+const uptr kAllocatorSize = 0x40000000000ULL;  // 4T.
+typedef DefaultSizeClassMap SizeClassMap;
+#  endif
 template <typename AddressSpaceViewTy>
 struct AP64 {  // Allocator64 parameters. Deliberately using a short name.
   static const uptr kSpaceBeg = kAllocatorSpace;

SRU: https://bugs.launchpad.net/ubuntu/+source/llvm-
toolchain-14/+bug/2048768

So I will send out an SRU for gcc-10 on focal and gcc-10/11/12 on jammy to fix 
the build issue,
and then this SRU should be unblocked.

Thanks for all the help as always!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2054343

Title:
  CVE-2023-4039: ARM64 GCC

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gcc-10/+bug/2054343/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to