[v2,10/11] kasan: docs: update ignoring accesses section

Message ID	4531ba5f3eca61f6aade863c136778cc8c807a64.1615559068.git.andreyknvl@google.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=0hSx=IK=kvack.org=owner-linux-mm@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 080AD64FDD Date: Fri, 12 Mar 2021 15:24:33 +0100 In-Reply-To: <c2bbb56eaea80ad484f0ee85bb71959a3a63f1d7.1615559068.git.andreyknvl@google.com> Message-Id: <4531ba5f3eca61f6aade863c136778cc8c807a64.1615559068.git.andreyknvl@google.com> Mime-Version: 1.0 References: <c2bbb56eaea80ad484f0ee85bb71959a3a63f1d7.1615559068.git.andreyknvl@google.com> Subject: [PATCH v2 10/11] kasan: docs: update ignoring accesses section From: Andrey Konovalov <andreyknvl@google.com> To: Andrew Morton <akpm@linux-foundation.org>, Alexander Potapenko <glider@google.com>, Marco Elver <elver@google.com> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>, Dmitry Vyukov <dvyukov@google.com>, kasan-dev@googlegroups.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov <andreyknvl@google.com> Content-Type: text/plain; charset="UTF-8" Received-SPF: none (flex--andreyknvl.bounces.google.com>: No applicable sender policy available) receiver=imf25; identity=mailfrom; envelope-from="<3u3lLYAoKCOQGTJXKeQTbRMUUMRK.IUSROTad-SSQbGIQ.UXM@flex--andreyknvl.bounces.google.com>"; helo=mail-wm1-f74.google.com; client-ip=209.85.128.74 Sender: owner-linux-mm@kvack.org Precedence: bulk
Series	[v2,01/11] kasan: docs: clean up sections \| expand [v2,01/11] kasan: docs: clean up sections [v2,02/11] kasan: docs: update overview section [v2,03/11] kasan: docs: update usage section [v2,04/11] kasan: docs: update error reports section [v2,05/11] kasan: docs: update boot parameters section [v2,06/11] kasan: docs: update GENERIC implementation details section [v2,07/11] kasan: docs: update SW_TAGS implementation details section [v2,08/11] kasan: docs: update HW_TAGS implementation details section [v2,09/11] kasan: docs: update shadow memory section [v2,10/11] kasan: docs: update ignoring accesses section [v2,11/11] kasan: docs: update tests section

Message ID

4531ba5f3eca61f6aade863c136778cc8c807a64.1615559068.git.andreyknvl@google.com (mailing list archive)

State

New, archived

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 080AD64FDD
Date: Fri, 12 Mar 2021 15:24:33 +0100
In-Reply-To: 
 <c2bbb56eaea80ad484f0ee85bb71959a3a63f1d7.1615559068.git.andreyknvl@google.com>
Message-Id: 
 <4531ba5f3eca61f6aade863c136778cc8c807a64.1615559068.git.andreyknvl@google.com>
Mime-Version: 1.0
References: 
 <c2bbb56eaea80ad484f0ee85bb71959a3a63f1d7.1615559068.git.andreyknvl@google.com>
Subject: [PATCH v2 10/11] kasan: docs: update ignoring accesses section
From: Andrey Konovalov <andreyknvl@google.com>
To: Andrew Morton <akpm@linux-foundation.org>,
 Alexander Potapenko <glider@google.com>,
	Marco Elver <elver@google.com>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>,
 Dmitry Vyukov <dvyukov@google.com>,
	kasan-dev@googlegroups.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org,
	Andrey Konovalov <andreyknvl@google.com>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: none (flex--andreyknvl.bounces.google.com>: No applicable sender
 policy available) receiver=imf25; identity=mailfrom;
 envelope-from="<3u3lLYAoKCOQGTJXKeQTbRMUUMRK.IUSROTad-SSQbGIQ.UXM@flex--andreyknvl.bounces.google.com>";
 helo=mail-wm1-f74.google.com; client-ip=209.85.128.74
Sender: owner-linux-mm@kvack.org
Precedence: bulk

Series

[v2,01/11] kasan: docs: clean up sections | expand

Commit Message

Andrey Konovalov March 12, 2021, 2:24 p.m. UTC

Update the "Ignoring accesses" section in KASAN documentation:

- Mention __no_sanitize_address/noinstr.
- Mention kasan_disable/enable_current().
- Mention kasan_reset_tag()/page_kasan_tag_reset().
- Readability and punctuation clean-ups.

Signed-off-by: Andrey Konovalov <andreyknvl@google.com>

---

Changes in v1->v2:
- Mention __no_sanitize_address/noinstr.
- Reword the whole section to make it clear which method works for which
  mode.
---
 Documentation/dev-tools/kasan.rst | 34 +++++++++++++++++++++++++++----
 1 file changed, 30 insertions(+), 4 deletions(-)

Comments

Marco Elver March 12, 2021, 3:10 p.m. UTC | #1

On Fri, Mar 12, 2021 at 03:24PM +0100, Andrey Konovalov wrote:
> Update the "Ignoring accesses" section in KASAN documentation:
> 
> - Mention __no_sanitize_address/noinstr.
> - Mention kasan_disable/enable_current().
> - Mention kasan_reset_tag()/page_kasan_tag_reset().
> - Readability and punctuation clean-ups.
> 
> Signed-off-by: Andrey Konovalov <andreyknvl@google.com>

Reviewed-by: Marco Elver <elver@google.com>

> ---
> 
> Changes in v1->v2:
> - Mention __no_sanitize_address/noinstr.
> - Reword the whole section to make it clear which method works for which
>   mode.
> ---
>  Documentation/dev-tools/kasan.rst | 34 +++++++++++++++++++++++++++----
>  1 file changed, 30 insertions(+), 4 deletions(-)
> 
> diff --git a/Documentation/dev-tools/kasan.rst b/Documentation/dev-tools/kasan.rst
> index d0c1796122df..5749c14b38d0 100644
> --- a/Documentation/dev-tools/kasan.rst
> +++ b/Documentation/dev-tools/kasan.rst
> @@ -368,12 +368,18 @@ Ignoring accesses
>  ~~~~~~~~~~~~~~~~~
>  
>  Software KASAN modes use compiler instrumentation to insert validity checks.
> -Such instrumentation might be incompatible with some part of the kernel, and
> -therefore needs to be disabled. To disable instrumentation for specific files
> -or directories, add a line similar to the following to the respective kernel
> +Such instrumentation might be incompatible with some parts of the kernel, and
> +therefore needs to be disabled.
> +
> +Other parts of the kernel might access metadata for allocated objects.
> +Normally, KASAN detects and reports such accesses, but in some cases (e.g.,
> +in memory allocators), these accesses are valid.
> +
> +For software KASAN modes, to disable instrumentation for a specific file or
> +directory, add a ``KASAN_SANITIZE`` annotation to the respective kernel
>  Makefile:
>  
> -- For a single file (e.g. main.o)::
> +- For a single file (e.g., main.o)::
>  
>      KASAN_SANITIZE_main.o := n
>  
> @@ -381,6 +387,26 @@ Makefile:
>  
>      KASAN_SANITIZE := n
>  
> +For software KASAN modes, to disable instrumentation on a per-function basis,
> +use the KASAN-specific ``__no_sanitize_address`` function attribute or the
> +generic ``noinstr`` one.
> +
> +Note that disabling compiler instrumentation (either on a per-file or a
> +per-function basis) makes KASAN ignore the accesses that happen directly in
> +that code for software KASAN modes. It does not help when the accesses happen
> +indirectly (through calls to instrumented functions) or with the hardware
> +tag-based mode that does not use compiler instrumentation.
> +
> +For software KASAN modes, to disable KASAN reports in a part of the kernel code
> +for the current task, annotate this part of the code with a
> +``kasan_disable_current()``/``kasan_enable_current()`` section. This also
> +disables the reports for indirect accesses that happen through function calls.
> +
> +For tag-based KASAN modes (include the hardware one), to disable access
> +checking, use ``kasan_reset_tag()`` or ``page_kasan_tag_reset()``. Note that
> +temporarily disabling access checking via ``page_kasan_tag_reset()`` requires
> +saving and restoring the per-page KASAN tag via
> +``page_kasan_tag``/``page_kasan_tag_set``.
>  
>  Tests
>  ~~~~~
> -- 
> 2.31.0.rc2.261.g7f71774620-goog
>

diff --git a/Documentation/dev-tools/kasan.rst b/Documentation/dev-tools/kasan.rst
index d0c1796122df..5749c14b38d0 100644
--- a/Documentation/dev-tools/kasan.rst
+++ b/Documentation/dev-tools/kasan.rst
@@ -368,12 +368,18 @@  Ignoring accesses
 ~~~~~~~~~~~~~~~~~
 
 Software KASAN modes use compiler instrumentation to insert validity checks.
-Such instrumentation might be incompatible with some part of the kernel, and
-therefore needs to be disabled. To disable instrumentation for specific files
-or directories, add a line similar to the following to the respective kernel
+Such instrumentation might be incompatible with some parts of the kernel, and
+therefore needs to be disabled.
+
+Other parts of the kernel might access metadata for allocated objects.
+Normally, KASAN detects and reports such accesses, but in some cases (e.g.,
+in memory allocators), these accesses are valid.
+
+For software KASAN modes, to disable instrumentation for a specific file or
+directory, add a ``KASAN_SANITIZE`` annotation to the respective kernel
 Makefile:
 
-- For a single file (e.g. main.o)::
+- For a single file (e.g., main.o)::
 
     KASAN_SANITIZE_main.o := n
 
@@ -381,6 +387,26 @@  Makefile:
 
     KASAN_SANITIZE := n
 
+For software KASAN modes, to disable instrumentation on a per-function basis,
+use the KASAN-specific ``__no_sanitize_address`` function attribute or the
+generic ``noinstr`` one.
+
+Note that disabling compiler instrumentation (either on a per-file or a
+per-function basis) makes KASAN ignore the accesses that happen directly in
+that code for software KASAN modes. It does not help when the accesses happen
+indirectly (through calls to instrumented functions) or with the hardware
+tag-based mode that does not use compiler instrumentation.
+
+For software KASAN modes, to disable KASAN reports in a part of the kernel code
+for the current task, annotate this part of the code with a
+``kasan_disable_current()``/``kasan_enable_current()`` section. This also
+disables the reports for indirect accesses that happen through function calls.
+
+For tag-based KASAN modes (include the hardware one), to disable access
+checking, use ``kasan_reset_tag()`` or ``page_kasan_tag_reset()``. Note that
+temporarily disabling access checking via ``page_kasan_tag_reset()`` requires
+saving and restoring the per-page KASAN tag via
+``page_kasan_tag``/``page_kasan_tag_set``.
 
 Tests
 ~~~~~

[v2,10/11] kasan: docs: update ignoring accesses section

Commit Message

Comments

Patch