[RFC,v2,10/25] kmsan: define READ_ONCE_NOCHECK()

Message ID 20191030142237.249532-11-glider@google.com (mailing list archive)
State New, archived
Series Add KernelMemorySanitizer infrastructure

Commit Message

Alexander Potapenko Oct. 30, 2019, 2:22 p.m. UTC
READ_ONCE_NOCHECK() is already used by KASAN to ignore memory accesses
from e.g. stack unwinders.
Define READ_ONCE_NOCHECK() for KMSAN so that it returns initialized
values. This helps defeat false positives from leftover stack contents.

Signed-off-by: Alexander Potapenko <glider@google.com>
To: Alexander Potapenko <glider@google.com>
Cc: Vegard Nossum <vegard.nossum@oracle.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: linux-mm@kvack.org
---

Change-Id: Ib38369ba038ab3b581d8e45b81036c3304fb79cb
---
 include/linux/compiler.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

Comments

Mark Rutland Nov. 5, 2019, 2:21 p.m. UTC | #1
On Wed, Oct 30, 2019 at 03:22:22PM +0100, glider@google.com wrote:
> READ_ONCE_NOCHECK() is already used by KASAN to ignore memory accesses
> from e.g. stack unwinders.
> Define READ_ONCE_NOCHECK() for KMSAN so that it returns initialized
> values. This helps defeat false positives from leftover stack contents.
> 
> Signed-off-by: Alexander Potapenko <glider@google.com>
> To: Alexander Potapenko <glider@google.com>
> Cc: Vegard Nossum <vegard.nossum@oracle.com>
> Cc: Dmitry Vyukov <dvyukov@google.com>
> Cc: linux-mm@kvack.org
> ---
> 
> Change-Id: Ib38369ba038ab3b581d8e45b81036c3304fb79cb
> ---
>  include/linux/compiler.h | 6 +++++-
>  1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/include/linux/compiler.h b/include/linux/compiler.h
> index 5e88e7e33abe..e8c86debdb2b 100644
> --- a/include/linux/compiler.h
> +++ b/include/linux/compiler.h
> @@ -270,9 +270,13 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s
>  
>  /*
>   * Use READ_ONCE_NOCHECK() instead of READ_ONCE() if you need
> - * to hide memory access from KASAN.
> + * to hide memory access from KASAN or KMSAN.
>   */
> +#ifndef CONFIG_KMSAN
>  #define READ_ONCE_NOCHECK(x) __READ_ONCE(x, 0)
> +#else
> +#define READ_ONCE_NOCHECK(x) KMSAN_INIT_VALUE(__READ_ONCE(x, 0))
> +#endif

When !CONFIG_KMSAN, we have:

| #define KMSAN_INIT_VALUE(value) (value)

... so we don't need ifdeffery here, and can simply have:

/*
 * Use READ_ONCE_NOCHECK() instead of READ_ONCE() if you need
 * to hide memory access from KASAN or KMSAN.
 */
#define READ_ONCE_NOCHECK(x) KMSAN_INIT_VALUE(__READ_ONCE(x, 0))

Thanks,
Mark.

>  
>  static __no_kasan_or_inline
>  unsigned long read_word_at_a_time(const void *addr)
> -- 
> 2.24.0.rc0.303.g954a862665-goog
>

Alexander Potapenko Nov. 21, 2019, 12:08 p.m. UTC | #2
On Tue, Nov 5, 2019 at 9:19 PM Mark Rutland <mark.rutland@arm.com> wrote:
>
> On Wed, Oct 30, 2019 at 03:22:22PM +0100, glider@google.com wrote:
> > READ_ONCE_NOCHECK() is already used by KASAN to ignore memory accesses
> > from e.g. stack unwinders.
> > Define READ_ONCE_NOCHECK() for KMSAN so that it returns initialized
> > values. This helps defeat false positives from leftover stack contents.
> >
> > Signed-off-by: Alexander Potapenko <glider@google.com>
> > To: Alexander Potapenko <glider@google.com>
> > Cc: Vegard Nossum <vegard.nossum@oracle.com>
> > Cc: Dmitry Vyukov <dvyukov@google.com>
> > Cc: linux-mm@kvack.org
> > ---
> >
> > Change-Id: Ib38369ba038ab3b581d8e45b81036c3304fb79cb
> > ---
> >  include/linux/compiler.h | 6 +++++-
> >  1 file changed, 5 insertions(+), 1 deletion(-)
> >
> > diff --git a/include/linux/compiler.h b/include/linux/compiler.h
> > index 5e88e7e33abe..e8c86debdb2b 100644
> > --- a/include/linux/compiler.h
> > +++ b/include/linux/compiler.h
> > @@ -270,9 +270,13 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s
> >
> >  /*
> >   * Use READ_ONCE_NOCHECK() instead of READ_ONCE() if you need
> > - * to hide memory access from KASAN.
> > + * to hide memory access from KASAN or KMSAN.
> >   */
> > +#ifndef CONFIG_KMSAN
> >  #define READ_ONCE_NOCHECK(x) __READ_ONCE(x, 0)
> > +#else
> > +#define READ_ONCE_NOCHECK(x) KMSAN_INIT_VALUE(__READ_ONCE(x, 0))
> > +#endif
>
> When !CONFIG_KMSAN, we have:
>
> | #define KMSAN_INIT_VALUE(value) (value)
>
> ... so we don't need ifdeffery here, and can simply have:
>
> /*
>  * Use READ_ONCE_NOCHECK() instead of READ_ONCE() if you need
>  * to hide memory access from KASAN or KMSAN.
>  */
> #define READ_ONCE_NOCHECK(x) KMSAN_INIT_VALUE(__READ_ONCE(x, 0))

Agreed, thanks!

> Thanks,
> Mark.
>
> >
> >  static __no_kasan_or_inline
> >  unsigned long read_word_at_a_time(const void *addr)
> > --
> > 2.24.0.rc0.303.g954a862665-goog
> >

Patch

diff --git a/include/linux/compiler.h b/include/linux/compiler.h
index 5e88e7e33abe..e8c86debdb2b 100644
--- a/include/linux/compiler.h
+++ b/include/linux/compiler.h
@@ -270,9 +270,13 @@  static __always_inline void __write_once_size(volatile void *p, void *res, int s
 
 /*
  * Use READ_ONCE_NOCHECK() instead of READ_ONCE() if you need
- * to hide memory access from KASAN.
+ * to hide memory access from KASAN or KMSAN.
  */
+#ifndef CONFIG_KMSAN
 #define READ_ONCE_NOCHECK(x) __READ_ONCE(x, 0)
+#else
+#define READ_ONCE_NOCHECK(x) KMSAN_INIT_VALUE(__READ_ONCE(x, 0))
+#endif
 
 static __no_kasan_or_inline
 unsigned long read_word_at_a_time(const void *addr)
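
Review bot: the updated comment above READ_ONCE_NOCHECK() says the macro hides the access from "KASAN or KMSAN", but in the CONFIG_KMSAN branch the definition is `KMSAN_INIT_VALUE(__READ_ONCE(x, 0))`, which per the commit message makes the read return an initialized value rather than skipping a check. The comment should say that explicitly, for example that under KMSAN the result is treated as initialized, so that callers outside the stack unwinders understand a value read this way is no longer tracked as uninitialized and do not reach for the macro to silence a report on data that really is uninitialized. The `#ifndef CONFIG_KMSAN` / `#else` split also adds a second definition to keep in sync; if KMSAN_INIT_VALUE() expands to its argument when CONFIG_KMSAN is off, as stated in the review thread, a single unconditional `#define` is enough.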