From patchwork Tue Oct 15 21:37:15 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Linus Walleij <linus.walleij@linaro.org>
X-Patchwork-Id: 13837306
Return-Path: 
 <linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 1827DD1F9DA
	for <linux-arm-kernel@archiver.kernel.org>;
 Tue, 15 Oct 2024 21:47:35 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help
	:List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:In-Reply-To:References
	:Message-Id:Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date:
	From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:
	Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	bh=TASGgpeqvDoWRp9bCNSBz84rkKz0n7oKXi0ntrW73xw=; b=hjBY8iSLSTtIFekrOEJFTIEMAz
	rhRVjcc7sSvW1X9BbyGvXb5FyHCTTjz/Qf86qy3mtrMBCh6Qa2vh/HV1jHNqVuQg7C3yBREjldXlf
	eY1vzQBXVm0SBMoGX5vwRXvHOXBSht5r4SrEBCApm0vWFrhS1lTcvLDCm8T1TJM0Q/uOIwG9eNv5E
	Fvkc91HCBhxpkYTBQnzuqtfrba7TcEPn8Hx3pCFMD1xAOYEP1oDTFF0QT+4bvmM3HIIRmLuYelaQZ
	5ab9o5d49PyPUAabPrRq0M5tAUsn+IeiTavmEGHKLjFryPyGm6OlGtA5O9FajR519jbb53yqrPW6t
	QEC8x7FA==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux))
	id 1t0pO1-00000009ijt-0VkY;
	Tue, 15 Oct 2024 21:47:25 +0000
Received: from mail-lf1-x12e.google.com ([2a00:1450:4864:20::12e])
	by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux))
	id 1t0pEV-00000009gBN-489M
	for linux-arm-kernel@lists.infradead.org;
	Tue, 15 Oct 2024 21:37:40 +0000
Received: by mail-lf1-x12e.google.com with SMTP id
 2adb3069b0e04-539f6e1f756so3033933e87.0
        for <linux-arm-kernel@lists.infradead.org>;
 Tue, 15 Oct 2024 14:37:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linaro.org; s=google; t=1729028254; x=1729633054;
 darn=lists.infradead.org;
        h=cc:to:in-reply-to:references:message-id:content-transfer-encoding
         :mime-version:subject:date:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=TASGgpeqvDoWRp9bCNSBz84rkKz0n7oKXi0ntrW73xw=;
        b=q6qEn2qqRElqtJLd0RlXcxFKllNF9qEzsh84jkRpXyK6lPMfmzcPD0Ik9QS1DIpZi6
         lIYSnFqfvoMZFEHBNfKC4oROQWSRJ4xlAGPzZ3zX+GtRPn/rTVb2RJZ92Lo/VzN/No0H
         GXX2BjLlxtmwlX/dBVMlZ4a9OHeG6Zl/0+VapBypngOUDC+gHy9RXfdJNSjVn/GQ8kfF
         qdiimlaU7hF+TGSEClTdhWXA7usfNg7lTk0fii0vSMztloH94rgI+gYbujewAQiRBnai
         Hi28XOCRVfwSi4ZraKONZ22lsncfas7w6rREhe7KgPKBX4+MIWQRwDSXQPcWZ9AArN27
         C0Pg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1729028254; x=1729633054;
        h=cc:to:in-reply-to:references:message-id:content-transfer-encoding
         :mime-version:subject:date:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=TASGgpeqvDoWRp9bCNSBz84rkKz0n7oKXi0ntrW73xw=;
        b=h2b/BbfH9TH0gULmtlFVPkVTkR2+IC2uNEVvTxPVg1wyUS4yHX5nqyZISB0C7i9yGq
         j61K1wfJcnMUXeqeHCVLY57pxfccMcroMQ8mJlaNp120Dtex3K93UhQUFvyJ1hDzHRRU
         toigEUhP8pdctbzjJPgDoWiZoIu0JLOPWhtbol81puZU/DK+2irG0t0YrcAte3apf/eD
         1IIQ7004Ro5UGYSoYbzs0YDWSIEJ/dfyBYLt6/ZwW7saHm5TjvoDgM7cQ2/i2OE1rfeo
         kqutpS6Eu+gXKLotDhPddUu8HcZcIGJ1o3YRW7177/OpYH2sYtLrzefrPuPb4XbK/yZZ
         nb4w==
X-Forwarded-Encrypted: i=1;
 AJvYcCVmnIMSKCEPtyilOPleKPWAbM61OHOtkQPlPG4XkiRZMGEIuERK0TSZldihXt6SDxZMCxiDng2pERp4Ea4QL/Qy@lists.infradead.org
X-Gm-Message-State: AOJu0YzClidxIhoHcnyz22F7bO4xj6J8Rqqe3CcxIVUgBJ//UkOEJQ5N
	DRNi1D/LDuacew9MS7hsFCQc1Ap1c95o8Rjg4Fdj/hC/N1gEQbeVUdVjnOzEqFg=
X-Google-Smtp-Source: 
 AGHT+IF341ab+sZLcMDbnxZTwN4quvfyU4PR7oSIdCyM9Ps18PkqToqxvjilXFBFRaDjIYv2qHNpnw==
X-Received: by 2002:a05:6512:3e14:b0:539:f26f:d280 with SMTP id
 2adb3069b0e04-53a03f0bdc9mr1252333e87.5.1729028253987;
        Tue, 15 Oct 2024 14:37:33 -0700 (PDT)
Received: from lino.lan ([85.235.12.238])
        by smtp.gmail.com with ESMTPSA id
 2adb3069b0e04-539ffff39a7sm258959e87.164.2024.10.15.14.37.31
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 15 Oct 2024 14:37:31 -0700 (PDT)
From: Linus Walleij <linus.walleij@linaro.org>
Date: Tue, 15 Oct 2024 23:37:15 +0200
Subject: [PATCH 2/2] ARM: entry: Do a dummy read from VMAP shadow
MIME-Version: 1.0
Message-Id: <20241015-arm-kasan-vmalloc-crash-v1-2-dbb23592ca83@linaro.org>
References: <20241015-arm-kasan-vmalloc-crash-v1-0-dbb23592ca83@linaro.org>
In-Reply-To: <20241015-arm-kasan-vmalloc-crash-v1-0-dbb23592ca83@linaro.org>
To: Clement LE GOFFIC <clement.legoffic@foss.st.com>,
 Russell King <linux@armlinux.org.uk>, Kees Cook <kees@kernel.org>,
 AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com>,
 Mark Brown <broonie@kernel.org>, Mark Rutland <mark.rutland@arm.com>,
 Ard Biesheuvel <ardb@kernel.org>
Cc: Antonio Borneo <antonio.borneo@foss.st.com>,
 linux-stm32@st-md-mailman.stormreply.com,
 linux-arm-kernel@lists.infradead.org,
 Linus Walleij <linus.walleij@linaro.org>, stable@vger.kernel.org
X-Mailer: b4 0.14.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20241015_143736_145829_7F044DCD 
X-CRM114-Status: GOOD (  13.26  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

When switching task, in addition to a dummy read from the new
VMAP stack, also do a dummy read from the VMAP stack's
corresponding KASAN shadow memory to sync things up in
the new MM context.

Cc: stable@vger.kernel.org
Fixes: a1c510d0adc6 ("ARM: implement support for vmap'ed stacks")
Link: https://lore.kernel.org/linux-arm-kernel/a1a1d062-f3a2-4d05-9836-3b098de9db6d@foss.st.com/
Reported-by: Clement LE GOFFIC <clement.legoffic@foss.st.com>
Suggested-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
---
 arch/arm/kernel/entry-armv.S | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/arch/arm/kernel/entry-armv.S b/arch/arm/kernel/entry-armv.S
index 1dfae1af8e31..12a4040a04ff 100644
--- a/arch/arm/kernel/entry-armv.S
+++ b/arch/arm/kernel/entry-armv.S
@@ -25,6 +25,7 @@
 #include <asm/tls.h>
 #include <asm/system_info.h>
 #include <asm/uaccess-asm.h>
+#include <asm/kasan_def.h>
 
 #include "entry-header.S"
 #include <asm/probes.h>
@@ -561,6 +562,13 @@ ENTRY(__switch_to)
 	@ entries covering the vmalloc region.
 	@
 	ldr	r2, [ip]
+#ifdef CONFIG_KASAN_VMALLOC
+	@ Also dummy read from the KASAN shadow memory for the new stack if we
+	@ are using KASAN
+	mov_l	r2, KASAN_SHADOW_OFFSET
+	add	r2, ip, lsr #KASAN_SHADOW_SCALE_SHIFT
+	ldr	r2, [r2]
+#endif
 #endif
 
 	@ When CONFIG_THREAD_INFO_IN_TASK=n, the update of SP itself is what