From patchwork Mon Sep  5 12:24:40 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Alexander Potapenko <glider@google.com>
X-Patchwork-Id: 12966063
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id F0C24ECAAD5
	for <linux-mm@archiver.kernel.org>; Mon,  5 Sep 2022 12:26:27 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 8C82D8D0087; Mon,  5 Sep 2022 08:26:27 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 8503F8D0076; Mon,  5 Sep 2022 08:26:27 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 6F15D8D0087; Mon,  5 Sep 2022 08:26:27 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com
 [216.40.44.14])
	by kanga.kvack.org (Postfix) with ESMTP id 5EDF48D0076
	for <linux-mm@kvack.org>; Mon,  5 Sep 2022 08:26:27 -0400 (EDT)
Received: from smtpin17.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay09.hostedemail.com (Postfix) with ESMTP id 3C4B880FE2
	for <linux-mm@kvack.org>; Mon,  5 Sep 2022 12:26:27 +0000 (UTC)
X-FDA: 79877954814.17.82107EB
Received: from mail-ej1-f74.google.com (mail-ej1-f74.google.com
 [209.85.218.74])
	by imf07.hostedemail.com (Postfix) with ESMTP id DF95B40053
	for <linux-mm@kvack.org>; Mon,  5 Sep 2022 12:26:26 +0000 (UTC)
Received: by mail-ej1-f74.google.com with SMTP id
 gb33-20020a170907962100b00741496e2da1so2280458ejc.1
        for <linux-mm@kvack.org>; Mon, 05 Sep 2022 05:26:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date;
        bh=mxKrKakNES2O6WNVUjUiVAG/aqg8NEyyXmfzwvDy3M8=;
        b=Hll0XPDmwrA/wkE0+inHBLREQNrLcoBNQOLJv6vlBIuGAkWI+xpzOnwpEHVMNRdEFq
         LadRtvkYKT0rBaCGIQh+SpcYQSYJ6+D3urzxB4a+suX0OZKqBBYIRUGR9X7fE50HgxBz
         B2g0i4X6vQks1KpTx5jgpjFZyeuT89E6vIhppFNHjDfbX+1QPnLtmUz9mtN+7ySfB+bR
         PFoDRy3NBTPBWZ7NAt+/xQb5yB7Y9UmTQE95ZWJNyoXXzQAFuUS4huF8Aevejgh3HJgS
         M1OLT91cEQYlIRh7PZL9bQgnExoipMKZwEt+JNxRwLYODVp7nciM3moyVQjv2BbTAuZX
         Rk6w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date;
        bh=mxKrKakNES2O6WNVUjUiVAG/aqg8NEyyXmfzwvDy3M8=;
        b=nzzJi05en2KMut/surhvDjfIQl8CCHp/s0t2qeRsnRDuRU/FyKI5qKcuJbFQTCxeo0
         4QDjzj3ha9xiGc2JITr9kUCDEctoUtjFmbKAjPYlkPqxTtnurEYQn8StVN3nWiFZU7X0
         7kr3yp1wLrNh2XLxDO9C7sVJK8eXPfe/iK9JZ9PFmIroESgOMSXiWpsNbhYKTWOFuglX
         94xaprCyRcmrzn9iWphxGJ4ZVuYo2+AgjceGshYA8fD/mHQgJnEFcJoSwp5QqRHODocD
         Kwb4B0KVS8KXKmufs/NUYs9QxrWYd+BMw/OAuuzWgoul5FEGCW2rDTaZ+IV20t9VAbAU
         neSw==
X-Gm-Message-State: ACgBeo1Kktox7eXjchLpKjKfOtIs/Bwe7rtoDA7S8WchZknVY3Ct8Hsv
	6D34iLBrW2tAH87ux1AT608DkR/i7rY=
X-Google-Smtp-Source: 
 AA6agR4pZP+Qf1sER/Bcc0sCrTDiYtuFvoFMz4Z9eHlW4ZWYhhtKJNa6WbLDpJSuTZ9T3g+moO7a0PvtFbY=
X-Received: from glider.muc.corp.google.com
 ([2a00:79e0:9c:201:b808:8d07:ab4a:554c])
 (user=glider job=sendgmr) by 2002:a17:906:845c:b0:730:bbf1:196a with SMTP id
 e28-20020a170906845c00b00730bbf1196amr36512046ejy.13.1662380785638; Mon, 05
 Sep 2022 05:26:25 -0700 (PDT)
Date: Mon,  5 Sep 2022 14:24:40 +0200
In-Reply-To: <20220905122452.2258262-1-glider@google.com>
Mime-Version: 1.0
References: <20220905122452.2258262-1-glider@google.com>
X-Mailer: git-send-email 2.37.2.789.g6183377224-goog
Message-ID: <20220905122452.2258262-33-glider@google.com>
Subject: [PATCH v6 32/44] objtool: kmsan: list KMSAN API functions as
 uaccess-safe
From: Alexander Potapenko <glider@google.com>
To: glider@google.com
Cc: Alexander Viro <viro@zeniv.linux.org.uk>,
 Alexei Starovoitov <ast@kernel.org>,
	Andrew Morton <akpm@linux-foundation.org>,
 Andrey Konovalov <andreyknvl@google.com>,
	Andy Lutomirski <luto@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
 Borislav Petkov <bp@alien8.de>,
	Christoph Hellwig <hch@lst.de>, Christoph Lameter <cl@linux.com>,
 David Rientjes <rientjes@google.com>,
	Dmitry Vyukov <dvyukov@google.com>, Eric Dumazet <edumazet@google.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
 Herbert Xu <herbert@gondor.apana.org.au>,
	Ilya Leoshkevich <iii@linux.ibm.com>, Ingo Molnar <mingo@redhat.com>,
 Jens Axboe <axboe@kernel.dk>,
	Joonsoo Kim <iamjoonsoo.kim@lge.com>, Kees Cook <keescook@chromium.org>,
	Marco Elver <elver@google.com>, Mark Rutland <mark.rutland@arm.com>,
	Matthew Wilcox <willy@infradead.org>, "Michael S. Tsirkin" <mst@redhat.com>,
 Pekka Enberg <penberg@kernel.org>,
	Peter Zijlstra <peterz@infradead.org>, Petr Mladek <pmladek@suse.com>,
	Steven Rostedt <rostedt@goodmis.org>, Thomas Gleixner <tglx@linutronix.de>,
	Vasily Gorbik <gor@linux.ibm.com>, Vegard Nossum <vegard.nossum@oracle.com>,
	Vlastimil Babka <vbabka@suse.cz>, kasan-dev@googlegroups.com,
 linux-mm@kvack.org,
	linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org
ARC-Authentication-Results: i=1;
	imf07.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=Hll0XPDm;
	spf=pass (imf07.hostedemail.com: domain of
 38eoVYwYKCD4lqnijwlttlqj.htrqnsz2-rrp0fhp.twl@flex--glider.bounces.google.com
 designates 209.85.218.74 as permitted sender)
 smtp.mailfrom=38eoVYwYKCD4lqnijwlttlqj.htrqnsz2-rrp0fhp.twl@flex--glider.bounces.google.com;
	dmarc=pass (policy=reject) header.from=google.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1662380786; a=rsa-sha256;
	cv=none;
	b=7mQqeZgwC+G3nMJnrCEXd24aZtTZxZA3lZTCdSMpy24NZmbDqhFrWQwoYno/4G6vX7gkds
	glkYSIHY0Nm2m7D9QpmRb8OafWxY29eRK8zD9dCWAifafrY9qmXQ2uDX0S4HbJ71aYC1wo
	hNxk7vZY1v+Ntpxw+gjXKcbS+00lDmg=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=hostedemail.com;
	s=arc-20220608; t=1662380786;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=mxKrKakNES2O6WNVUjUiVAG/aqg8NEyyXmfzwvDy3M8=;
	b=iXaDkKmedGysqsx8dZClTEmJBsLMu2kvk/NvqQV9GZm6xh4cBWA5ROl5kSS6QSF3LZtNQd
	MQ0oPZDP7qJZX7OjO3o1zbP3oqG6YuaZeGT+KQxev86iddRiIQ3xKHH1JpGSgyOfjWe6+f
	1ARHUWf5zokOq6GxGpvzRjeB6Fpdfdg=
Authentication-Results: imf07.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=Hll0XPDm;
	spf=pass (imf07.hostedemail.com: domain of
 38eoVYwYKCD4lqnijwlttlqj.htrqnsz2-rrp0fhp.twl@flex--glider.bounces.google.com
 designates 209.85.218.74 as permitted sender)
 smtp.mailfrom=38eoVYwYKCD4lqnijwlttlqj.htrqnsz2-rrp0fhp.twl@flex--glider.bounces.google.com;
	dmarc=pass (policy=reject) header.from=google.com
X-Rspam-User: 
X-Stat-Signature: 74s8dsh3tttwospgqg4pjcx35xjnfetn
X-Rspamd-Queue-Id: DF95B40053
X-Rspamd-Server: rspam05
X-HE-Tag: 1662380786-866873
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

KMSAN inserts API function calls in a lot of places (function entries
and exits, local variables, memory accesses), so they may get called
from the uaccess regions as well.

KMSAN API functions are used to update the metadata (shadow/origin pages)
for kernel memory accesses. The metadata pages for kernel pointers are
also located in the kernel memory, so touching them is not a problem.
For userspace pointers, no metadata is allocated.

If an API function is supposed to read or modify the metadata, it does so
for kernel pointers and ignores userspace pointers.
If an API function is supposed to return a pair of metadata pointers for
the instrumentation to use (like all __msan_metadata_ptr_for_TYPE_SIZE()
functions do), it returns the allocated metadata for kernel pointers and
special dummy buffers residing in the kernel memory for userspace
pointers.

As a result, none of KMSAN API functions perform userspace accesses, but
since they might be called from UACCESS regions they use
user_access_save/restore().

Signed-off-by: Alexander Potapenko <glider@google.com>
---
v3:
 -- updated the patch description

v4:
 -- add kmsan_unpoison_entry_regs()

Link: https://linux-review.googlesource.com/id/I242bc9816273fecad4ea3d977393784396bb3c35
---
 tools/objtool/check.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/tools/objtool/check.c b/tools/objtool/check.c
index e55fdf952a3a1..7c048c11ce7da 100644
--- a/tools/objtool/check.c
+++ b/tools/objtool/check.c
@@ -1062,6 +1062,26 @@ static const char *uaccess_safe_builtin[] = {
 	"__sanitizer_cov_trace_cmp4",
 	"__sanitizer_cov_trace_cmp8",
 	"__sanitizer_cov_trace_switch",
+	/* KMSAN */
+	"kmsan_copy_to_user",
+	"kmsan_report",
+	"kmsan_unpoison_entry_regs",
+	"kmsan_unpoison_memory",
+	"__msan_chain_origin",
+	"__msan_get_context_state",
+	"__msan_instrument_asm_store",
+	"__msan_metadata_ptr_for_load_1",
+	"__msan_metadata_ptr_for_load_2",
+	"__msan_metadata_ptr_for_load_4",
+	"__msan_metadata_ptr_for_load_8",
+	"__msan_metadata_ptr_for_load_n",
+	"__msan_metadata_ptr_for_store_1",
+	"__msan_metadata_ptr_for_store_2",
+	"__msan_metadata_ptr_for_store_4",
+	"__msan_metadata_ptr_for_store_8",
+	"__msan_metadata_ptr_for_store_n",
+	"__msan_poison_alloca",
+	"__msan_warning",
 	/* UBSAN */
 	"ubsan_type_mismatch_common",
 	"__ubsan_handle_type_mismatch",