From patchwork Wed Mar 2 16:36:39 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 12766313 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 62453C43217 for ; Wed, 2 Mar 2022 16:40:10 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id AF59A8D0007; Wed, 2 Mar 2022 11:40:07 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 9DE448D0006; Wed, 2 Mar 2022 11:40:07 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8CF298D0007; Wed, 2 Mar 2022 11:40:07 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0162.hostedemail.com [216.40.44.162]) by kanga.kvack.org (Postfix) with ESMTP id 7AD5D8D0006 for ; Wed, 2 Mar 2022 11:40:07 -0500 (EST) Received: from smtpin18.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay05.hostedemail.com (Postfix) with ESMTP id 39AA81808E684 for ; Wed, 2 Mar 2022 16:40:07 +0000 (UTC) X-FDA: 79200008454.18.61445B7 Received: from out0.migadu.com (out0.migadu.com [94.23.1.103]) by imf03.hostedemail.com (Postfix) with ESMTP id 4EBD820003 for ; Wed, 2 Mar 2022 16:40:05 +0000 (UTC) X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1646239202; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=87o7sANrY5Obyuk6ZGRgPFc8t4HBbQ7LJJT+IQadP5M=; b=d1ASAWaCPabwRxpdrH/NY/MM1LnLKYv4/mm2/x3zmCQ0TPJe6nYt74oEJOUX6GzlRxJ1tX TMMHjPq1X51ecK0RfQA/Qgnn3XG4U8oSuGMKorU5yQucdp5EYczhmMIfFyRl1BKwohpHYn vzDLH7gVTyuSLZIWDIsy97pABMKQdpg= From: andrey.konovalov@linux.dev To: Marco Elver , Alexander Potapenko Cc: Andrey Konovalov , Dmitry Vyukov , Andrey Ryabinin , kasan-dev@googlegroups.com, Andrew Morton , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov Subject: [PATCH mm 19/22] kasan: respect KASAN_BIT_REPORTED in all reporting routines Date: Wed, 2 Mar 2022 17:36:39 +0100 Message-Id: <715e346b10b398e29ba1b425299dcd79e29d58ce.1646237226.git.andreyknvl@google.com> In-Reply-To: References: MIME-Version: 1.0 X-Migadu-Flow: FLOW_OUT X-Migadu-Auth-User: linux.dev X-Rspam-User: X-Rspamd-Server: rspam02 X-Rspamd-Queue-Id: 4EBD820003 X-Stat-Signature: cwsoup31nnkb1cw3nayng5jcg968xge7 Authentication-Results: imf03.hostedemail.com; dkim=pass header.d=linux.dev header.s=key1 header.b=d1ASAWaC; dmarc=pass (policy=none) header.from=linux.dev; spf=pass (imf03.hostedemail.com: domain of andrey.konovalov@linux.dev designates 94.23.1.103 as permitted sender) smtp.mailfrom=andrey.konovalov@linux.dev X-HE-Tag: 1646239205-208061 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Andrey Konovalov Currently, only kasan_report() checks the KASAN_BIT_REPORTED and KASAN_BIT_MULTI_SHOT flags. Make other reporting routines check these flags as well. Also add explanatory comments. Note that the current->kasan_depth check is split out into report_suppressed() and only called for kasan_report(). Signed-off-by: Andrey Konovalov --- mm/kasan/report.c | 35 ++++++++++++++++++++++++++++++++--- 1 file changed, 32 insertions(+), 3 deletions(-) diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 08631d873204..ef649f5cee29 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -381,12 +381,26 @@ static void print_memory_metadata(const void *addr) } } -static bool report_enabled(void) +/* + * Used to suppress reports within kasan_disable/enable_current() critical + * sections, which are used for marking accesses to slab metadata. + */ +static bool report_suppressed(void) { #if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) if (current->kasan_depth) - return false; + return true; #endif + return false; +} + +/* + * Used to avoid reporting more than one KASAN bug unless kasan_multi_shot + * is enabled. Note that KASAN tests effectively enable kasan_multi_shot + * for their duration. + */ +static bool report_enabled(void) +{ if (test_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags)) return true; return !test_and_set_bit(KASAN_BIT_REPORTED, &kasan_flags); @@ -416,6 +430,14 @@ void kasan_report_invalid_free(void *ptr, unsigned long ip) unsigned long flags; struct kasan_report_info info; + /* + * Do not check report_suppressed(), as an invalid-free cannot be + * caused by accessing slab metadata and thus should not be + * suppressed by kasan_disable/enable_current() critical sections. + */ + if (unlikely(!report_enabled())) + return; + start_report(&flags, true); info.type = KASAN_REPORT_INVALID_FREE; @@ -444,7 +466,7 @@ bool kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long irq_flags; struct kasan_report_info info; - if (unlikely(!report_enabled())) { + if (unlikely(report_suppressed()) || unlikely(!report_enabled())) { ret = false; goto out; } @@ -473,6 +495,13 @@ void kasan_report_async(void) { unsigned long flags; + /* + * Do not check report_suppressed(), as kasan_disable/enable_current() + * critical sections do not affect Hardware Tag-Based KASAN. + */ + if (unlikely(!report_enabled())) + return; + start_report(&flags, false); pr_err("BUG: KASAN: invalid-access\n"); pr_err("Asynchronous fault: no details available\n");