| Message ID | 20220227134726.27584-2-lecopzer.chen@mediatek.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | arm: kasan: support CONFIG_KASAN_VMALLOC | expand |
On Sun, Feb 27, 2022 at 09:47:25PM +0800, Lecopzer Chen wrote: > Simply make shadow of vmalloc area mapped on demand. > > Since the virtual address of vmalloc for Arm is also between > MODULE_VADDR and 0x100000000 (ZONE_HIGHMEM), which means the shadow > address has already included between KASAN_SHADOW_START and > KASAN_SHADOW_END. > Thus we need to change nothing for memory map of Arm. > > This can fix ARM_MODULE_PLTS with KASan, support KASan for higmem > and provide the first step to support CONFIG_VMAP_STACK with Arm. > > Signed-off-by: Lecopzer Chen <lecopzer.chen@mediatek.com> > --- > arch/arm/Kconfig | 1 + > arch/arm/include/asm/kasan_def.h | 11 ++++++++++- > arch/arm/mm/kasan_init.c | 6 +++++- > 3 files changed, 16 insertions(+), 2 deletions(-) > > diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig > index 4c97cb40eebb..78250e246cc6 100644 > --- a/arch/arm/Kconfig > +++ b/arch/arm/Kconfig > @@ -72,6 +72,7 @@ config ARM > select HAVE_ARCH_KFENCE if MMU && !XIP_KERNEL > select HAVE_ARCH_KGDB if !CPU_ENDIAN_BE32 && MMU > select HAVE_ARCH_KASAN if MMU && !XIP_KERNEL > + select HAVE_ARCH_KASAN_VMALLOC if HAVE_ARCH_KASAN > select HAVE_ARCH_MMAP_RND_BITS if MMU > select HAVE_ARCH_PFN_VALID > select HAVE_ARCH_SECCOMP > diff --git a/arch/arm/include/asm/kasan_def.h b/arch/arm/include/asm/kasan_def.h > index 5739605aa7cf..96fd1d3b5a0c 100644 > --- a/arch/arm/include/asm/kasan_def.h > +++ b/arch/arm/include/asm/kasan_def.h > @@ -19,7 +19,16 @@ > * space to use as shadow memory for KASan as follows: > * > * +----+ 0xffffffff > - * | | \ > + * | |\ > + * | | |-> ZONE_HIGHMEM for vmalloc virtual address space. > + * | | | Such as vmalloc(), GFP_HIGHUSER (__GFP__HIGHMEM), > + * | | | module address using ARM_MODULE_PLTS, etc. > + * | | | > + * | | | If CONFIG_KASAN_VMALLOC=y, this area would populate > + * | | | shadow address on demand. > + * | |/ This diagram is incorrect. We already have the memory layout in Documentation/arm/memory.rst, so we don't need another set of documentation that is misleading.
> On Sun, Feb 27, 2022 at 09:47:25PM +0800, Lecopzer Chen wrote: > > Simply make shadow of vmalloc area mapped on demand. > > > > Since the virtual address of vmalloc for Arm is also between > > MODULE_VADDR and 0x100000000 (ZONE_HIGHMEM), which means the shadow > > address has already included between KASAN_SHADOW_START and > > KASAN_SHADOW_END. > > Thus we need to change nothing for memory map of Arm. > > > > This can fix ARM_MODULE_PLTS with KASan, support KASan for higmem > > and provide the first step to support CONFIG_VMAP_STACK with Arm. > > > > Signed-off-by: Lecopzer Chen <lecopzer.chen@mediatek.com> > > --- > > arch/arm/Kconfig | 1 + > > arch/arm/include/asm/kasan_def.h | 11 ++++++++++- > > arch/arm/mm/kasan_init.c | 6 +++++- > > 3 files changed, 16 insertions(+), 2 deletions(-) > > > > diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig > > index 4c97cb40eebb..78250e246cc6 100644 > > --- a/arch/arm/Kconfig > > +++ b/arch/arm/Kconfig > > @@ -72,6 +72,7 @@ config ARM > > select HAVE_ARCH_KFENCE if MMU && !XIP_KERNEL > > select HAVE_ARCH_KGDB if !CPU_ENDIAN_BE32 && MMU > > select HAVE_ARCH_KASAN if MMU && !XIP_KERNEL > > + select HAVE_ARCH_KASAN_VMALLOC if HAVE_ARCH_KASAN > > select HAVE_ARCH_MMAP_RND_BITS if MMU > > select HAVE_ARCH_PFN_VALID > > select HAVE_ARCH_SECCOMP > > diff --git a/arch/arm/include/asm/kasan_def.h b/arch/arm/include/asm/kasan_def.h > > index 5739605aa7cf..96fd1d3b5a0c 100644 > > --- a/arch/arm/include/asm/kasan_def.h > > +++ b/arch/arm/include/asm/kasan_def.h > > @@ -19,7 +19,16 @@ > > * space to use as shadow memory for KASan as follows: > > * > > * +----+ 0xffffffff > > - * | | \ > > + * | |\ > > + * | | |-> ZONE_HIGHMEM for vmalloc virtual address space. > > + * | | | Such as vmalloc(), GFP_HIGHUSER (__GFP__HIGHMEM), > > + * | | | module address using ARM_MODULE_PLTS, etc. > > + * | | | > > + * | | | If CONFIG_KASAN_VMALLOC=y, this area would populate > > + * | | | shadow address on demand. > > + * | |/ > > This diagram is incorrect. We already have the memory layout in > Documentation/arm/memory.rst, so we don't need another set of > documentation that is misleading. Ok, should I send a v4 to remove this? BRs, Lecopzer
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 4c97cb40eebb..78250e246cc6 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -72,6 +72,7 @@ config ARM select HAVE_ARCH_KFENCE if MMU && !XIP_KERNEL select HAVE_ARCH_KGDB if !CPU_ENDIAN_BE32 && MMU select HAVE_ARCH_KASAN if MMU && !XIP_KERNEL + select HAVE_ARCH_KASAN_VMALLOC if HAVE_ARCH_KASAN select HAVE_ARCH_MMAP_RND_BITS if MMU select HAVE_ARCH_PFN_VALID select HAVE_ARCH_SECCOMP diff --git a/arch/arm/include/asm/kasan_def.h b/arch/arm/include/asm/kasan_def.h index 5739605aa7cf..96fd1d3b5a0c 100644 --- a/arch/arm/include/asm/kasan_def.h +++ b/arch/arm/include/asm/kasan_def.h @@ -19,7 +19,16 @@ * space to use as shadow memory for KASan as follows: * * +----+ 0xffffffff - * | | \ + * | |\ + * | | |-> ZONE_HIGHMEM for vmalloc virtual address space. + * | | | Such as vmalloc(), GFP_HIGHUSER (__GFP__HIGHMEM), + * | | | module address using ARM_MODULE_PLTS, etc. + * | | | + * | | | If CONFIG_KASAN_VMALLOC=y, this area would populate + * | | | shadow address on demand. + * | |/ + * +----+ VMALLOC_START + * | |\ * | | |-> Static kernel image (vmlinux) BSS and page table * | |/ * +----+ PAGE_OFFSET diff --git a/arch/arm/mm/kasan_init.c b/arch/arm/mm/kasan_init.c index 5ad0d6c56d56..29caee9c79ce 100644 --- a/arch/arm/mm/kasan_init.c +++ b/arch/arm/mm/kasan_init.c @@ -236,7 +236,11 @@ void __init kasan_init(void) clear_pgds(KASAN_SHADOW_START, KASAN_SHADOW_END); - kasan_populate_early_shadow(kasan_mem_to_shadow((void *)VMALLOC_START), + if (!IS_ENABLED(CONFIG_KASAN_VMALLOC)) + kasan_populate_early_shadow(kasan_mem_to_shadow((void *)VMALLOC_START), + kasan_mem_to_shadow((void *)VMALLOC_END)); + + kasan_populate_early_shadow(kasan_mem_to_shadow((void *)VMALLOC_END), kasan_mem_to_shadow((void *)-1UL) + 1); for_each_mem_range(i, &pa_start, &pa_end) {
Simply make shadow of vmalloc area mapped on demand. Since the virtual address of vmalloc for Arm is also between MODULE_VADDR and 0x100000000 (ZONE_HIGHMEM), which means the shadow address has already included between KASAN_SHADOW_START and KASAN_SHADOW_END. Thus we need to change nothing for memory map of Arm. This can fix ARM_MODULE_PLTS with KASan, support KASan for higmem and provide the first step to support CONFIG_VMAP_STACK with Arm. Signed-off-by: Lecopzer Chen <lecopzer.chen@mediatek.com> --- arch/arm/Kconfig | 1 + arch/arm/include/asm/kasan_def.h | 11 ++++++++++- arch/arm/mm/kasan_init.c | 6 +++++- 3 files changed, 16 insertions(+), 2 deletions(-)