
[32/35] kasan, arm64: print report from tag fault handler

Message ID 4691d6019ef00c11007787f5190841b47ba576c4.1597425745.git.andreyknvl@google.com (mailing list archive)
State New, archived

Commit Message

Andrey Konovalov Aug. 14, 2020, 5:27 p.m. UTC
Add error reporting for hardware tag-based KASAN. When CONFIG_KASAN_HW_TAGS
is enabled, print KASAN report from the arm64 tag fault handler.

SAS bits aren't set in ESR for all faults reported in EL1, so it's
impossible to find out the size of the access that caused the fault.
Adapt the KASAN reporting code to handle this case.

Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
---
 arch/arm64/mm/fault.c |  9 +++++++++
 mm/kasan/report.c     | 11 ++++++++---
 2 files changed, 17 insertions(+), 3 deletions(-)

Comments

Catalin Marinas Aug. 27, 2020, 10:48 a.m. UTC | #1
On Fri, Aug 14, 2020 at 07:27:14PM +0200, Andrey Konovalov wrote:
> diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
> index c62c8ba85c0e..cf00b3942564 100644
> --- a/arch/arm64/mm/fault.c
> +++ b/arch/arm64/mm/fault.c
> @@ -14,6 +14,7 @@
>  #include <linux/mm.h>
>  #include <linux/hardirq.h>
>  #include <linux/init.h>
> +#include <linux/kasan.h>
>  #include <linux/kprobes.h>
>  #include <linux/uaccess.h>
>  #include <linux/page-flags.h>
> @@ -314,11 +315,19 @@ static void report_tag_fault(unsigned long addr, unsigned int esr,
>  {
>  	bool is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0;
>  
> +#ifdef CONFIG_KASAN_HW_TAGS
> +	/*
> +	 * SAS bits aren't set for all faults reported in EL1, so we can't
> +	 * find out access size.
> +	 */
> +	kasan_report(addr, 0, is_write, regs->pc);
> +#else
>  	pr_alert("Memory Tagging Extension Fault in %pS\n", (void *)regs->pc);
>  	pr_alert("  %s at address %lx\n", is_write ? "Write" : "Read", addr);
>  	pr_alert("  Pointer tag: [%02x], memory tag: [%02x]\n",
>  			mte_get_ptr_tag(addr),
>  			mte_get_mem_tag((void *)addr));
> +#endif
>  }

More dead code. So what's the point of keeping the pr_alert() introduced
earlier? CONFIG_KASAN_HW_TAGS is always on for in-kernel MTE. If MTE is
disabled, this function isn't called anyway.
Vincenzo Frascino Aug. 27, 2020, 12:11 p.m. UTC | #2
On 8/27/20 11:48 AM, Catalin Marinas wrote:
> On Fri, Aug 14, 2020 at 07:27:14PM +0200, Andrey Konovalov wrote:
>> diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
>> index c62c8ba85c0e..cf00b3942564 100644
>> --- a/arch/arm64/mm/fault.c
>> +++ b/arch/arm64/mm/fault.c
>> @@ -14,6 +14,7 @@
>>  #include <linux/mm.h>
>>  #include <linux/hardirq.h>
>>  #include <linux/init.h>
>> +#include <linux/kasan.h>
>>  #include <linux/kprobes.h>
>>  #include <linux/uaccess.h>
>>  #include <linux/page-flags.h>
>> @@ -314,11 +315,19 @@ static void report_tag_fault(unsigned long addr, unsigned int esr,
>>  {
>>  	bool is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0;
>>  
>> +#ifdef CONFIG_KASAN_HW_TAGS
>> +	/*
>> +	 * SAS bits aren't set for all faults reported in EL1, so we can't
>> +	 * find out access size.
>> +	 */
>> +	kasan_report(addr, 0, is_write, regs->pc);
>> +#else
>>  	pr_alert("Memory Tagging Extension Fault in %pS\n", (void *)regs->pc);
>>  	pr_alert("  %s at address %lx\n", is_write ? "Write" : "Read", addr);
>>  	pr_alert("  Pointer tag: [%02x], memory tag: [%02x]\n",
>>  			mte_get_ptr_tag(addr),
>>  			mte_get_mem_tag((void *)addr));
>> +#endif
>>  }
> 
> More dead code. So what's the point of keeping the pr_alert() introduced
> earlier? CONFIG_KASAN_HW_TAGS is always on for in-kernel MTE. If MTE is
> disabled, this function isn't called anyway.
> 

I agree we should remove them (together with '#ifdef CONFIG_KASAN_HW_TAGS') or
integrate them with the kasan code if still meaningful.
Andrey Konovalov Aug. 27, 2020, 12:34 p.m. UTC | #3
On Thu, Aug 27, 2020 at 12:48 PM Catalin Marinas
<catalin.marinas@arm.com> wrote:
>
> On Fri, Aug 14, 2020 at 07:27:14PM +0200, Andrey Konovalov wrote:
> > diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
> > index c62c8ba85c0e..cf00b3942564 100644
> > --- a/arch/arm64/mm/fault.c
> > +++ b/arch/arm64/mm/fault.c
> > @@ -14,6 +14,7 @@
> >  #include <linux/mm.h>
> >  #include <linux/hardirq.h>
> >  #include <linux/init.h>
> > +#include <linux/kasan.h>
> >  #include <linux/kprobes.h>
> >  #include <linux/uaccess.h>
> >  #include <linux/page-flags.h>
> > @@ -314,11 +315,19 @@ static void report_tag_fault(unsigned long addr, unsigned int esr,
> >  {
> >       bool is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0;
> >
> > +#ifdef CONFIG_KASAN_HW_TAGS
> > +     /*
> > +      * SAS bits aren't set for all faults reported in EL1, so we can't
> > +      * find out access size.
> > +      */
> > +     kasan_report(addr, 0, is_write, regs->pc);
> > +#else
> >       pr_alert("Memory Tagging Extension Fault in %pS\n", (void *)regs->pc);
> >       pr_alert("  %s at address %lx\n", is_write ? "Write" : "Read", addr);
> >       pr_alert("  Pointer tag: [%02x], memory tag: [%02x]\n",
> >                       mte_get_ptr_tag(addr),
> >                       mte_get_mem_tag((void *)addr));
> > +#endif
> >  }
>
> More dead code. So what's the point of keeping the pr_alert() introduced
> earlier? CONFIG_KASAN_HW_TAGS is always on for in-kernel MTE. If MTE is
> disabled, this function isn't called anyway.

I was considering that we can enable in-kernel MTE without enabling
CONFIG_KASAN_HW_TAGS, but perhaps this isn't what we want. I'll drop
this part in v2, but then we also need to make sure that in-kernel MTE
is only enabled when CONFIG_KASAN_HW_TAGS is enabled. Do we need more
ifdefs in arm64 patches when we write to MTE-related registers, or
does this work as is?
Catalin Marinas Aug. 27, 2020, 2:21 p.m. UTC | #4
On Thu, Aug 27, 2020 at 02:34:31PM +0200, Andrey Konovalov wrote:
> On Thu, Aug 27, 2020 at 12:48 PM Catalin Marinas
> <catalin.marinas@arm.com> wrote:
> > On Fri, Aug 14, 2020 at 07:27:14PM +0200, Andrey Konovalov wrote:
> > > diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
> > > index c62c8ba85c0e..cf00b3942564 100644
> > > --- a/arch/arm64/mm/fault.c
> > > +++ b/arch/arm64/mm/fault.c
> > > @@ -14,6 +14,7 @@
> > >  #include <linux/mm.h>
> > >  #include <linux/hardirq.h>
> > >  #include <linux/init.h>
> > > +#include <linux/kasan.h>
> > >  #include <linux/kprobes.h>
> > >  #include <linux/uaccess.h>
> > >  #include <linux/page-flags.h>
> > > @@ -314,11 +315,19 @@ static void report_tag_fault(unsigned long addr, unsigned int esr,
> > >  {
> > >       bool is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0;
> > >
> > > +#ifdef CONFIG_KASAN_HW_TAGS
> > > +     /*
> > > +      * SAS bits aren't set for all faults reported in EL1, so we can't
> > > +      * find out access size.
> > > +      */
> > > +     kasan_report(addr, 0, is_write, regs->pc);
> > > +#else
> > >       pr_alert("Memory Tagging Extension Fault in %pS\n", (void *)regs->pc);
> > >       pr_alert("  %s at address %lx\n", is_write ? "Write" : "Read", addr);
> > >       pr_alert("  Pointer tag: [%02x], memory tag: [%02x]\n",
> > >                       mte_get_ptr_tag(addr),
> > >                       mte_get_mem_tag((void *)addr));
> > > +#endif
> > >  }
> >
> > More dead code. So what's the point of keeping the pr_alert() introduced
> > earlier? CONFIG_KASAN_HW_TAGS is always on for in-kernel MTE. If MTE is
> > disabled, this function isn't called anyway.
> 
> I was considering that we can enable in-kernel MTE without enabling
> CONFIG_KASAN_HW_TAGS, but perhaps this isn't what we want. I'll drop
> this part in v2, but then we also need to make sure that in-kernel MTE
> is only enabled when CONFIG_KASAN_HW_TAGS is enabled. Do we need more
> ifdefs in arm64 patches when we write to MTE-related registers, or
> does this work as is?

I think the in-kernel MTE for the time being should only mean
CONFIG_KASAN_HW_TAGS, with a dependency on CONFIG_MTE. KASAN carries
some additional debugging features but if we can trim it down, we may
not need a separate in-kernel MTE option for production systems (maybe a
CONFIG_KASAN_HW_TAGS_LITE).


diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
index c62c8ba85c0e..cf00b3942564 100644
--- a/arch/arm64/mm/fault.c
+++ b/arch/arm64/mm/fault.c
@@ -14,6 +14,7 @@ 
 #include <linux/mm.h>
 #include <linux/hardirq.h>
 #include <linux/init.h>
+#include <linux/kasan.h>
 #include <linux/kprobes.h>
 #include <linux/uaccess.h>
 #include <linux/page-flags.h>
@@ -314,11 +315,19 @@  static void report_tag_fault(unsigned long addr, unsigned int esr,
 {
 	bool is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0;
 
+#ifdef CONFIG_KASAN_HW_TAGS
+	/*
+	 * SAS bits aren't set for all faults reported in EL1, so we can't
+	 * find out access size.
+	 */
+	kasan_report(addr, 0, is_write, regs->pc);
+#else
 	pr_alert("Memory Tagging Extension Fault in %pS\n", (void *)regs->pc);
 	pr_alert("  %s at address %lx\n", is_write ? "Write" : "Read", addr);
 	pr_alert("  Pointer tag: [%02x], memory tag: [%02x]\n",
 			mte_get_ptr_tag(addr),
 			mte_get_mem_tag((void *)addr));
+#endif
 }
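Review bot: The `0` passed as the size argument to `kasan_report()` on the new line is an undocumented in-band sentinel; the comment above it explains why the size is unavailable but not that zero is the agreed "unknown" value, which the mm/kasan/report.c hunk of this same patch relies on. Suggest making the contract explicit in that comment, e.g. `/* ESR_ELx.SAS (access size) is not valid for every EL1 tag fault; pass 0 as "size unknown", which mm/kasan/report.c prints without a size. */`, so a later caller does not mistake 0 for a real access size. The `regs` parameter and the rest of report_tag_fault's signature are in the hunk header, outside the hunk body.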
 
 static void __do_kernel_fault(unsigned long addr, unsigned int esr,
diff --git a/mm/kasan/report.c b/mm/kasan/report.c
index c904edab33b8..34ef81736d73 100644
--- a/mm/kasan/report.c
+++ b/mm/kasan/report.c
@@ -65,9 +65,14 @@  static void print_error_description(struct kasan_access_info *info)
 {
 	pr_err("BUG: KASAN: %s in %pS\n",
 		get_bug_type(info), (void *)info->ip);
-	pr_err("%s of size %zu at addr %px by task %s/%d\n",
-		info->is_write ? "Write" : "Read", info->access_size,
-		info->access_addr, current->comm, task_pid_nr(current));
+	if (info->access_size)
+		pr_err("%s of size %zu at addr %px by task %s/%d\n",
+			info->is_write ? "Write" : "Read", info->access_size,
+			info->access_addr, current->comm, task_pid_nr(current));
+	else
+		pr_err("%s at addr %px by task %s/%d\n",
+			info->is_write ? "Write" : "Read",
+			info->access_addr, current->comm, task_pid_nr(current));
 }
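Review bot: The new `if (info->access_size)` branch gives `access_size == 0` a special meaning in print_error_description(), but nothing in the function records that meaning, and the two pr_err() calls now duplicate the is_write/addr/task arguments. A short comment above the `if`, `/* access_size == 0: the caller could not determine the access size (see arm64 report_tag_fault()) */`, would keep the sentinel discoverable. It is also worth confirming that the other users of `access_size` in this file, which are outside the hunk, tolerate a zero size; I cannot tell from this hunk alone whether they do.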
 
 static DEFINE_SPINLOCK(report_lock);