From patchwork Fri Aug 14 17:26:43 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11714961 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 15C92618 for ; Fri, 14 Aug 2020 17:27:52 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id D901A2078D for ; Fri, 14 Aug 2020 17:27:51 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="F2aCksxj"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="OFCQVMh5" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D901A2078D Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=0GmMZzv9KWh6gRIyXDfOstYRKRZXAvuAtKSzRgKXufM=; b=F2aCksxj+eOE941uuu8+oek+/ RsQKLeQlFyRhNLbZGPjNnIwemlD2bWcNo1NSdZkCWVWpn42ahiE8ZhlUe1uvveh1VGkuVTGn7rXnv UI2g5Wt7vOUBLQAMSqT7XBs5y+IdKP1l+JT8YFBZSoiP4t4QwN6F1JfH3DwB690cQm3PFeCdYLxYB rJdVhGXyLRU9/ztc7+iXIOU8uS9xXg2p3zD6KNUOvikj7C5QowuHsfQpKVhQ8RMsU6TbYt0uMDhC9 h6iUlKHtG5oUZBycQkuzgT09MOGQOc8NdfbsPfOcuvXiITniI/gC+PUHRtxREPKWNj8MmmTyEZGor mRoynYmeA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUP-0003ED-PK; Fri, 14 Aug 2020 17:27:37 +0000 Received: from mail-wm1-x34a.google.com ([2a00:1450:4864:20::34a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUG-00037b-WD for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:27:30 +0000 Received: by mail-wm1-x34a.google.com with SMTP id z10so3531224wmi.8 for ; Fri, 14 Aug 2020 10:27:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=g4f+/WfnZkrMe/HqGvZOb2vGCvbeoVKA+YRTcEBLbjI=; b=OFCQVMh5lzbnBQRKf9DzZ6/nqGpqP5QdzE3+Go27TRAD1wu9FUmQBIqrtwtXp033kL ueoA2WLGaoGyWIQtb/uaZ1WXmF09DPSdo8U3sxzgxw2qcTqsz7jq7MG5mrYoxawUZbjF 9uodD7HWUHhEC3SjuGmyyo3Typ7gaCqV9/oPMpxYLYrSyjobie1Gray9lIlWuyRLOYG6 E24uIjoP3jNnPxN0RDvyabdUCLRZUwcW9o7YkLDNy+9+4Epf/d8gA2R2U1I0lPCdd0fS ZCXwv38NAlJrbYxWdy2lcvetzJF+9zGRhAnTYuRi0OG5ZxfPrVSHlqMaOZfnSMWuRJy6 UkBA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=g4f+/WfnZkrMe/HqGvZOb2vGCvbeoVKA+YRTcEBLbjI=; b=GqtnjeiS5RXhPpA5Sv9N4FeN/qSGSv9yvrT6ast3jhVvgQjjOrpskSQM8/RuB7ErqW Ixo7ZFDB+qtUSwWVJyO4sIQb4voScHC+ziYIqqZ9XwCFsbzBepEtFMfb2NWLB/Q0iAcE lX2TGrHkSbH1pflydkXxydx1yh+VjoR+954zIvpx4z2EDquVlsDfoNbjScUAFFLSlSye 9LnFQ6UnSgntfsAOCjiBy2eiWrjEUupAwTJakApEn7PckGEATvPClHGcCsXYIiDbJJod OdLB9dcJzQbZoKt46sLXTU+GNKtnmYHSYydrMp27dhb52GrRr1K5v+Y4bdDtOCAH/PNc XM1w== X-Gm-Message-State: AOAM530h4isWo6LTkYpZhQnyQfaWqr18gXES51Kv72p7zLL7AIGIxu1V Gy46BDq+J+Hfv+NzDJg6RRYku3AW4UEcc1Gr X-Google-Smtp-Source: ABdhPJxOR7vAGPMjFiP7k8NtFovu5yIEAl2ydWx6+eJUUnvoGiIE7kwWWrEIbMIlI3WWHWNdSqg3gZl1Rx7j+UKA X-Received: by 2002:a7b:cd97:: with SMTP id y23mr3561956wmj.21.1597426046055; Fri, 14 Aug 2020 10:27:26 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:43 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 01/35] kasan: KASAN_VMALLOC depends on KASAN_GENERIC From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132729_191745_C345AA1D X-CRM114-Status: GOOD ( 12.31 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:34a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Currently only generic KASAN mode supports vmalloc, reflect that in the config. Signed-off-by: Andrey Konovalov --- lib/Kconfig.kasan | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan index 047b53dbfd58..e1d55331b618 100644 --- a/lib/Kconfig.kasan +++ b/lib/Kconfig.kasan @@ -156,7 +156,7 @@ config KASAN_SW_TAGS_IDENTIFY config KASAN_VMALLOC bool "Back mappings in vmalloc space with real shadow memory" - depends on HAVE_ARCH_KASAN_VMALLOC + depends on KASAN_GENERIC && HAVE_ARCH_KASAN_VMALLOC help By default, the shadow region for vmalloc space is the read-only zero page. This means that KASAN cannot detect errors involving From patchwork Fri Aug 14 17:26:44 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715031 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 908A3618 for ; Fri, 14 Aug 2020 17:29:56 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 698E620708 for ; Fri, 14 Aug 2020 17:29:56 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="EG4nmtPp"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="k29AXaVl" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 698E620708 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=UVPKteTBXddaXaurgWjwYQFY6Gmv//8+GwsB2cRlVbw=; b=EG4nmtPpSPvqu8A9a7KvS3QJW T9wNb1qScTf5i9UsmYYEtdmyG/sPcQ2fVIx/Otjq/kxLQsFexKDGgXjsX0p7nGPwS33WxW97KIJZe IoHrCbQl4zu1d0VUlv9t8hwvuCbSViybijzNj21uttP9EVyCD1bnreGBgkdtqaCV8GS0gGU0h0XIF DW9D6EQqMsCPF9xJp+olinW5uYGAcNQeUdG12P64d+7jtP4EULEDfLniccQfSUfZ5CXDpgraE8Tme i5GAptZ7YrsDx+Eggsyjb0C6RiO4of7pR78GvxAkUf2Qp81JHwJpgsXdBFEvRDILhuuan0YbR2gXb vY2kolSXQ==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUf-0003MV-OA; Fri, 14 Aug 2020 17:27:53 +0000 Received: from mail-wm1-x349.google.com ([2a00:1450:4864:20::349]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUK-0003AG-Ji for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:27:38 +0000 Received: by mail-wm1-x349.google.com with SMTP id c186so3410566wmd.9 for ; Fri, 14 Aug 2020 10:27:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=5tE8GLGo7vmJDiQkkrzIva7DqUQiT7j3QisIKP5hp8U=; b=k29AXaVlF0T/FkCI0V18F7tGLqyph9ZWjrkRy+Yp4GBF5QHuKk+1UDxiS0QGZwDhgr 4mvkZJBn0Q2JKXiT1ET1DKNiGBup6NEAMQIlyuyloCrLoZ3VRrslYm3MHMm3K7/whnPr 9Lw2RNicSPeGjrZKvfNn2Pc2JCdZ66nd7M7yNhPUS2r4uD1ZruLyog3OBuzT/llx4NLr +sKc6J6trviPUvnfKQP6OljfnJO1IpIl1vG1wQpGnJYQ/lZLT+kHZw/RQj4C3mgJl6CB n68guOZokpGmwMJ6vVczj2eOSvrb0qA/HV6ChduNS1X/RDXHfvbID5oVsfLmPimXvb0h rFyw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=5tE8GLGo7vmJDiQkkrzIva7DqUQiT7j3QisIKP5hp8U=; b=bYRVvgoJ+dF6gtbNDYS+IplItaaCcEeOd+TAN2UFuPmITEZ3sTlT6xlzm2HcyHxiOy b6trv4u4mh651sP46qUqYXuWEduNBjhEbUkLrkmxT0FvcH7TO1wjkinS3Vh691t4Kdy9 d+5qNHtaPMFNEDc3k8VtlTWWgur7T5MdZu5G4edqfzgIg15VWBMHyorXvnLuGzEF2CLR Ri5OtdKkmtp66b35tSzPbiRH4eBDUrgU+K/SNc5zngckMGycxAcI+in8ZO/KG5UiODTU Qqc+royybKu/zo4VKKa/dmNQa+wZupoSdI35Pk+bLCwuWjRYFOpoq3jvkXxW53RKi0Zf yiaA== X-Gm-Message-State: AOAM533RsH4yDNFlP1xmDBEt0k7uFxGiRcRuQ6W14vKS3E4bg3vK7KqK 9Sd0SiyAAHrc/B1XQRcfSlOlg74gmR3v7kfW X-Google-Smtp-Source: ABdhPJySP4aGBaeyjTDPLPUCBIHwV36/swUURoIlekpxnyfJOrAdkKpfASLlmOWhIrMGIYGzLcDpspku5wwOXmYs X-Received: by 2002:a05:600c:c3:: with SMTP id u3mr423861wmm.1.1597426048519; Fri, 14 Aug 2020 10:27:28 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:44 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 02/35] kasan: group vmalloc code From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132732_731610_BAACEB4B X-CRM114-Status: GOOD ( 19.01 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:349 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. Group all vmalloc-related function declarations in include/linux/kasan.h, and their implementations in mm/kasan/common.c. No functional changes. Signed-off-by: Andrey Konovalov --- include/linux/kasan.h | 41 +++++++++++++---------- mm/kasan/common.c | 78 ++++++++++++++++++++++--------------------- 2 files changed, 63 insertions(+), 56 deletions(-) diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 087fba34b209..bd5b4965a269 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -69,19 +69,6 @@ struct kasan_cache { int free_meta_offset; }; -/* - * These functions provide a special case to support backing module - * allocations with real shadow memory. With KASAN vmalloc, the special - * case is unnecessary, as the work is handled in the generic case. - */ -#ifndef CONFIG_KASAN_VMALLOC -int kasan_module_alloc(void *addr, size_t size); -void kasan_free_shadow(const struct vm_struct *vm); -#else -static inline int kasan_module_alloc(void *addr, size_t size) { return 0; } -static inline void kasan_free_shadow(const struct vm_struct *vm) {} -#endif - int kasan_add_zero_shadow(void *start, unsigned long size); void kasan_remove_zero_shadow(void *start, unsigned long size); @@ -150,9 +137,6 @@ static inline bool kasan_slab_free(struct kmem_cache *s, void *object, return false; } -static inline int kasan_module_alloc(void *addr, size_t size) { return 0; } -static inline void kasan_free_shadow(const struct vm_struct *vm) {} - static inline int kasan_add_zero_shadow(void *start, unsigned long size) { return 0; @@ -205,13 +189,16 @@ static inline void *kasan_reset_tag(const void *addr) #endif /* CONFIG_KASAN_SW_TAGS */ #ifdef CONFIG_KASAN_VMALLOC + int kasan_populate_vmalloc(unsigned long addr, unsigned long size); void kasan_poison_vmalloc(const void *start, unsigned long size); void kasan_unpoison_vmalloc(const void *start, unsigned long size); void kasan_release_vmalloc(unsigned long start, unsigned long end, unsigned long free_region_start, unsigned long free_region_end); -#else + +#else /* CONFIG_KASAN_VMALLOC */ + static inline int kasan_populate_vmalloc(unsigned long start, unsigned long size) { @@ -226,7 +213,25 @@ static inline void kasan_release_vmalloc(unsigned long start, unsigned long end, unsigned long free_region_start, unsigned long free_region_end) {} -#endif + +#endif /* CONFIG_KASAN_VMALLOC */ + +#if defined(CONFIG_KASAN) && !defined(CONFIG_KASAN_VMALLOC) + +/* + * These functions provide a special case to support backing module + * allocations with real shadow memory. With KASAN vmalloc, the special + * case is unnecessary, as the work is handled in the generic case. + */ +int kasan_module_alloc(void *addr, size_t size); +void kasan_free_shadow(const struct vm_struct *vm); + +#else /* CONFIG_KASAN && !CONFIG_KASAN_VMALLOC */ + +static inline int kasan_module_alloc(void *addr, size_t size) { return 0; } +static inline void kasan_free_shadow(const struct vm_struct *vm) {} + +#endif /* CONFIG_KASAN && !CONFIG_KASAN_VMALLOC */ #ifdef CONFIG_KASAN_INLINE void kasan_non_canonical_hook(unsigned long addr); diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 950fd372a07e..d1c987f324cd 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -541,44 +541,6 @@ void kasan_kfree_large(void *ptr, unsigned long ip) /* The object will be poisoned by page_alloc. */ } -#ifndef CONFIG_KASAN_VMALLOC -int kasan_module_alloc(void *addr, size_t size) -{ - void *ret; - size_t scaled_size; - size_t shadow_size; - unsigned long shadow_start; - - shadow_start = (unsigned long)kasan_mem_to_shadow(addr); - scaled_size = (size + KASAN_SHADOW_MASK) >> KASAN_SHADOW_SCALE_SHIFT; - shadow_size = round_up(scaled_size, PAGE_SIZE); - - if (WARN_ON(!PAGE_ALIGNED(shadow_start))) - return -EINVAL; - - ret = __vmalloc_node_range(shadow_size, 1, shadow_start, - shadow_start + shadow_size, - GFP_KERNEL, - PAGE_KERNEL, VM_NO_GUARD, NUMA_NO_NODE, - __builtin_return_address(0)); - - if (ret) { - __memset(ret, KASAN_SHADOW_INIT, shadow_size); - find_vm_area(addr)->flags |= VM_KASAN; - kmemleak_ignore(ret); - return 0; - } - - return -ENOMEM; -} - -void kasan_free_shadow(const struct vm_struct *vm) -{ - if (vm->flags & VM_KASAN) - vfree(kasan_mem_to_shadow(vm->addr)); -} -#endif - #ifdef CONFIG_MEMORY_HOTPLUG static bool shadow_mapped(unsigned long addr) { @@ -690,6 +652,7 @@ core_initcall(kasan_memhotplug_init); #endif #ifdef CONFIG_KASAN_VMALLOC + static int kasan_populate_vmalloc_pte(pte_t *ptep, unsigned long addr, void *unused) { @@ -928,4 +891,43 @@ void kasan_release_vmalloc(unsigned long start, unsigned long end, (unsigned long)shadow_end); } } + +#else /* CONFIG_KASAN_VMALLOC */ + +int kasan_module_alloc(void *addr, size_t size) +{ + void *ret; + size_t scaled_size; + size_t shadow_size; + unsigned long shadow_start; + + shadow_start = (unsigned long)kasan_mem_to_shadow(addr); + scaled_size = (size + KASAN_SHADOW_MASK) >> KASAN_SHADOW_SCALE_SHIFT; + shadow_size = round_up(scaled_size, PAGE_SIZE); + + if (WARN_ON(!PAGE_ALIGNED(shadow_start))) + return -EINVAL; + + ret = __vmalloc_node_range(shadow_size, 1, shadow_start, + shadow_start + shadow_size, + GFP_KERNEL, + PAGE_KERNEL, VM_NO_GUARD, NUMA_NO_NODE, + __builtin_return_address(0)); + + if (ret) { + __memset(ret, KASAN_SHADOW_INIT, shadow_size); + find_vm_area(addr)->flags |= VM_KASAN; + kmemleak_ignore(ret); + return 0; + } + + return -ENOMEM; +} + +void kasan_free_shadow(const struct vm_struct *vm) +{ + if (vm->flags & VM_KASAN) + vfree(kasan_mem_to_shadow(vm->addr)); +} + #endif From patchwork Fri Aug 14 17:26:45 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715009 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C0FA51392 for ; Fri, 14 Aug 2020 17:28:41 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 9813A20774 for ; Fri, 14 Aug 2020 17:28:41 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="1rzNReAe"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="NnWG0R80" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9813A20774 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=C/9+9bCzF5o9isbDf88J6Q8CYMp6Ae+iZr0LSYu/unA=; b=1rzNReAeZfm7VON9QLMz9vVtt ABJ5czbeW8pVqmTzW+VFstwhETLzZj2w93ISfT3yoCGG9WTU20+nSVGRK4gw++Ajq5sbw5TRIogoA YnzXv44n1oWhkKyIuITJUbwSPXpxbTJIgHwjkjY1VKaK5iR0joVxH41n3MbECGViF4zGqVFb/vNmR Vg2ljnz+29RV6N6HW56Urz/apvp8C+ii7VKxDlPrqjzZDMjfKKZNdFjrrzj3qJ/HZe8I7MR/gF92S QrsGoqYDgHJsMwKfTXBC7Gl+x3nNxmjD05l2qhqBLFbOanP1OOM41itN9GQy1ZUBWudy3JPy4L9qd NFNlwK7Mg==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dV4-0003Wd-0r; Fri, 14 Aug 2020 17:28:18 +0000 Received: from mail-ed1-x54a.google.com ([2a00:1450:4864:20::54a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUM-0003BT-S5 for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:27:41 +0000 Received: by mail-ed1-x54a.google.com with SMTP id z19so3493505edr.10 for ; Fri, 14 Aug 2020 10:27:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=yqDvbJRB7ghhYUJnBffV6Wdevt15gkjdAFpaNJ5xwpI=; b=NnWG0R80eq9R1RVTHFiLH0+CbG24xMo/Pk8D6hlayJD6/jup0+WhQpn2FfApkw/OLH A63ofaKuhmI+m7v2+zIDRG9RtiQN+RQxrkKbeQwebMG1LRwJfphYfEQnq2+fGbTB4g4z 0ar2+Of0emarFbHb/5bMHP0CN+28ZVQ9W+t+U5OB3hPR/CDoy7ZVdEn9RtcK63/ZFdkY s1zGYNIlG0CiuVOTUOXbquRYk/zS85v9JTfIXFwSdH8/mWbGe3nRg0LhqUaJ6IYnJ4n/ CkC+dT3E3iHy6futQCIpKS3ojibi5A30STpXasKQQLHxZt/PMBf4G/RtJ2x3i91KcLxv 91nQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=yqDvbJRB7ghhYUJnBffV6Wdevt15gkjdAFpaNJ5xwpI=; b=eHK6hHujt694vy5cCFYdCJ9sJAPBo3PRl9+GnHlUpze+vzKc40aPLMyoQJc7LRX379 N2g84cXs0hxDIGt+RlAuoeBuG3WAcxkfRmuFA8heHWhpNkq6dYDiU0zzYU7ja2kbfRKc 1wZXirgfmU+MrR82k4xXmIqeDtXDsQlXg2xYUQq0go0F0MOXckZawk77jWanUt/UVdJ3 n3arCPhg4QYKk1kwkLcJk67ymzHBZWTiH1GwnGPN80gO0An0iS8sqcxcwNAB20BaWyoS NNs6X00iR95laRNkF+Njbcb2qGdjn885vse06l3KGVnTGWrj9NerlVStxC+RbpU2jRMs /Mww== X-Gm-Message-State: AOAM531ZLrEfFb14Nnzx5yYVBHRsyxT3MMq5rsjChtNru89MVRC+17jH zX8oJeMGH8QqoLyRvpgKfTU5NCysaomNKVyh X-Google-Smtp-Source: ABdhPJyJZIfoQU8kIAVBaHLf+CE/8nKps8LgSd0/B5y0ypQpapc4GyhKksQd0R944+AQ9wkt5psrYlbDykyLb/2S X-Received: by 2002:a17:906:c7c8:: with SMTP id dc8mr3324691ejb.285.1597426051207; Fri, 14 Aug 2020 10:27:31 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:45 +0200 In-Reply-To: Message-Id: <272b331db9919432cd6467a0bd5ce73ffc46fc97.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 03/35] kasan: shadow declarations only for software modes From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132734_973984_ED8E3632 X-CRM114-Status: GOOD ( 14.96 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:54a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. Group shadow-related KASAN function declarations and only define them for the two existing software modes. No functional changes for software modes. Signed-off-by: Andrey Konovalov --- include/linux/kasan.h | 44 ++++++++++++++++++++++++++----------------- 1 file changed, 27 insertions(+), 17 deletions(-) diff --git a/include/linux/kasan.h b/include/linux/kasan.h index bd5b4965a269..44a9aae44138 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -3,16 +3,24 @@ #define _LINUX_KASAN_H #include +#include struct kmem_cache; struct page; struct vm_struct; struct task_struct; -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) #include -#include + +/* Software KASAN implementations use shadow memory. */ + +#ifdef CONFIG_KASAN_SW_TAGS +#define KASAN_SHADOW_INIT 0xFF +#else +#define KASAN_SHADOW_INIT 0 +#endif extern unsigned char kasan_early_shadow_page[PAGE_SIZE]; extern pte_t kasan_early_shadow_pte[PTRS_PER_PTE]; @@ -29,6 +37,23 @@ static inline void *kasan_mem_to_shadow(const void *addr) + KASAN_SHADOW_OFFSET; } +int kasan_add_zero_shadow(void *start, unsigned long size); +void kasan_remove_zero_shadow(void *start, unsigned long size); + +#else /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */ + +static inline int kasan_add_zero_shadow(void *start, unsigned long size) +{ + return 0; +} +static inline void kasan_remove_zero_shadow(void *start, + unsigned long size) +{} + +#endif /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */ + +#ifdef CONFIG_KASAN + /* Enable reporting bugs after kasan_disable_current() */ extern void kasan_enable_current(void); @@ -69,9 +94,6 @@ struct kasan_cache { int free_meta_offset; }; -int kasan_add_zero_shadow(void *start, unsigned long size); -void kasan_remove_zero_shadow(void *start, unsigned long size); - size_t __ksize(const void *); static inline void kasan_unpoison_slab(const void *ptr) { @@ -137,14 +159,6 @@ static inline bool kasan_slab_free(struct kmem_cache *s, void *object, return false; } -static inline int kasan_add_zero_shadow(void *start, unsigned long size) -{ - return 0; -} -static inline void kasan_remove_zero_shadow(void *start, - unsigned long size) -{} - static inline void kasan_unpoison_slab(const void *ptr) { } static inline size_t kasan_metadata_size(struct kmem_cache *cache) { return 0; } @@ -152,8 +166,6 @@ static inline size_t kasan_metadata_size(struct kmem_cache *cache) { return 0; } #ifdef CONFIG_KASAN_GENERIC -#define KASAN_SHADOW_INIT 0 - void kasan_cache_shrink(struct kmem_cache *cache); void kasan_cache_shutdown(struct kmem_cache *cache); void kasan_record_aux_stack(void *ptr); @@ -168,8 +180,6 @@ static inline void kasan_record_aux_stack(void *ptr) {} #ifdef CONFIG_KASAN_SW_TAGS -#define KASAN_SHADOW_INIT 0xFF - void kasan_init_tags(void); void *kasan_reset_tag(const void *addr); From patchwork Fri Aug 14 17:26:46 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715039 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 050B2739 for ; Fri, 14 Aug 2020 17:30:59 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 5365320768 for ; Fri, 14 Aug 2020 17:30:58 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="ahCWA+xh"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="En5D1zMD" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 5365320768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=HPkrgHmCv3GISNFnm6+CWzfLAHiFW+vGaYFC8Pumo6g=; b=ahCWA+xhOYEX0xnxI2toMqw2x +WKsQn1rtsys81CN9Z6ItK+liX7Rt8Jjg381VQ58/6XxCZwqIuyDJjKeblwVZkjo5eT7LJ67g3A/c 1xk2C8KndCqYoTnrb9YjLdbqOyQdPVUjbbqPVVG4mBmFYHVb4eVXHztNvRf2otsxydmlT1l5tApDp gHJ3+Bphd2QnBx5vzp37oU2DjypXyHzt6yfgELt//TZv0++2QmjXVDZuAdh+8ZnS1yxKk9VqkLINr GqbXRQnsiss53Im1NIFrJlgT3ltNtEcH9KWDtcmPvTk5vxoggD4Adj+CARCq5ge3t8jR/Li8rN0C5 /OtVqBM+g==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVT-0003li-Ir; Fri, 14 Aug 2020 17:28:43 +0000 Received: from mail-wr1-x449.google.com ([2a00:1450:4864:20::449]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUP-0003D3-C4 for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:27:46 +0000 Received: by mail-wr1-x449.google.com with SMTP id w7so3576673wre.11 for ; Fri, 14 Aug 2020 10:27:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=ZVI16BufIPnDakH6OwxgwWH/hspWExUAjZIdCIHvDJQ=; b=En5D1zMDRTnzDL0W0sGo6DefCwCOg7TepdSQO56SpmVdIKB65eUnTNuDag20hnXjZe bl4Fz1pHNSd2eD+O/8ykbKfjiARPvQzZdN/Zj1mTVqEIvwG+9lzQIWqLjOwqCE8ojWwl 8XkIc6A2yYmQzp4gZWB77nP83I9DvqUZPF+CwFQiKr55wEnqFhPAZeSOxrHEfjsbJCpP FMCYvSD+rxSB0B5Vk6rTFYBVAp/3stc7rCkucIfu62EqXfnY25UsczQCbpHk+3SqMGxp poUXW71IFdD7G/xfyrgQ989wnwO97A2E/DkGtnILrVJm34H8Y53WOQlu82/hfKr8XvZi 8O0g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=ZVI16BufIPnDakH6OwxgwWH/hspWExUAjZIdCIHvDJQ=; b=gM1A1GpIdsEg9hAYPUcz7lBoAgUZYY3zr7qX+YZwLwco0bjunNKYpMJBvvqEh3fef+ bmJixyJ6KINRuyllKBujcxZsOxEEMYy8eTtOfdbhWPJGChb8/tbSkb50AUL15ZJAYMJb fWofw3Od0qmy/bPON1kyjguD2rpSZN1UstikApDATwxxHyQ/tEb3ErHMPfDjPmmYlsK6 ZVEihIwusFyHDK4DOFtVqfZq0L42CIsEDw6LTgdFX2VWPccnQn+E1bn5GqoL7RRvgvus XB3kK113WG36InkaJIAts1e/Q5X4K5SgW88TuG9gjhxy5XIzvRcx+4Px/COX/EiraQjn pSXQ== X-Gm-Message-State: AOAM5324m0Y21E9Io00iXw7eJHv3iZHWWlhbk4rTJReLxRLVa5nSfa92 uIVi60bUFjvTneQO9BdnC0eUC9pfosUGQ8nW X-Google-Smtp-Source: ABdhPJwJwCxaKtGpGoOLjMQNfOVzXwsMhBeTao30ZHwfq734Kq5KVZBreWg/5NqIdhYm/2ROSTtlxSca8u7iC9ff X-Received: by 2002:a7b:cd93:: with SMTP id y19mr424116wmj.0.1597426053539; Fri, 14 Aug 2020 10:27:33 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:46 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 04/35] kasan: rename (un)poison_shadow to (un)poison_memory From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132737_532431_03105501 X-CRM114-Status: GOOD ( 20.98 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:449 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. The new mode won't be using shadow memory, but will reuse the same functions. Rename kasan_unpoison_shadow to kasan_unpoison_memory, and kasan_poison_shadow to kasan_poison_memory. No functional changes. Signed-off-by: Andrey Konovalov --- include/linux/kasan.h | 6 +++--- kernel/fork.c | 4 ++-- mm/kasan/common.c | 38 +++++++++++++++++++------------------- mm/kasan/generic.c | 12 ++++++------ mm/kasan/kasan.h | 2 +- mm/kasan/tags.c | 2 +- mm/slab_common.c | 2 +- 7 files changed, 33 insertions(+), 33 deletions(-) diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 44a9aae44138..18617d5c4cd7 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -60,7 +60,7 @@ extern void kasan_enable_current(void); /* Disable reporting bugs for current task */ extern void kasan_disable_current(void); -void kasan_unpoison_shadow(const void *address, size_t size); +void kasan_unpoison_memory(const void *address, size_t size); void kasan_unpoison_task_stack(struct task_struct *task); @@ -97,7 +97,7 @@ struct kasan_cache { size_t __ksize(const void *); static inline void kasan_unpoison_slab(const void *ptr) { - kasan_unpoison_shadow(ptr, __ksize(ptr)); + kasan_unpoison_memory(ptr, __ksize(ptr)); } size_t kasan_metadata_size(struct kmem_cache *cache); @@ -106,7 +106,7 @@ void kasan_restore_multi_shot(bool enabled); #else /* CONFIG_KASAN */ -static inline void kasan_unpoison_shadow(const void *address, size_t size) {} +static inline void kasan_unpoison_memory(const void *address, size_t size) {} static inline void kasan_unpoison_task_stack(struct task_struct *task) {} diff --git a/kernel/fork.c b/kernel/fork.c index c9c76a4d1180..c93e93cfbab8 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -224,8 +224,8 @@ static unsigned long *alloc_thread_stack_node(struct task_struct *tsk, int node) if (!s) continue; - /* Clear the KASAN shadow of the stack. */ - kasan_unpoison_shadow(s->addr, THREAD_SIZE); + /* Mark stack accessible for KASAN. */ + kasan_unpoison_memory(s->addr, THREAD_SIZE); /* Clear stale pointers from reused stack. */ memset(s->addr, 0, THREAD_SIZE); diff --git a/mm/kasan/common.c b/mm/kasan/common.c index d1c987f324cd..65933b27df81 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -113,7 +113,7 @@ void *memcpy(void *dest, const void *src, size_t len) * Poisons the shadow memory for 'size' bytes starting from 'addr'. * Memory addresses should be aligned to KASAN_SHADOW_SCALE_SIZE. */ -void kasan_poison_shadow(const void *address, size_t size, u8 value) +void kasan_poison_memory(const void *address, size_t size, u8 value) { void *shadow_start, *shadow_end; @@ -130,7 +130,7 @@ void kasan_poison_shadow(const void *address, size_t size, u8 value) __memset(shadow_start, value, shadow_end - shadow_start); } -void kasan_unpoison_shadow(const void *address, size_t size) +void kasan_unpoison_memory(const void *address, size_t size) { u8 tag = get_tag(address); @@ -141,7 +141,7 @@ void kasan_unpoison_shadow(const void *address, size_t size) */ address = reset_tag(address); - kasan_poison_shadow(address, size, tag); + kasan_poison_memory(address, size, tag); if (size & KASAN_SHADOW_MASK) { u8 *shadow = (u8 *)kasan_mem_to_shadow(address + size); @@ -158,7 +158,7 @@ static void __kasan_unpoison_stack(struct task_struct *task, const void *sp) void *base = task_stack_page(task); size_t size = sp - base; - kasan_unpoison_shadow(base, size); + kasan_unpoison_memory(base, size); } /* Unpoison the entire stack for a task. */ @@ -177,7 +177,7 @@ asmlinkage void kasan_unpoison_task_stack_below(const void *watermark) */ void *base = (void *)((unsigned long)watermark & ~(THREAD_SIZE - 1)); - kasan_unpoison_shadow(base, watermark - base); + kasan_unpoison_memory(base, watermark - base); } void kasan_alloc_pages(struct page *page, unsigned int order) @@ -191,13 +191,13 @@ void kasan_alloc_pages(struct page *page, unsigned int order) tag = random_tag(); for (i = 0; i < (1 << order); i++) page_kasan_tag_set(page + i, tag); - kasan_unpoison_shadow(page_address(page), PAGE_SIZE << order); + kasan_unpoison_memory(page_address(page), PAGE_SIZE << order); } void kasan_free_pages(struct page *page, unsigned int order) { if (likely(!PageHighMem(page))) - kasan_poison_shadow(page_address(page), + kasan_poison_memory(page_address(page), PAGE_SIZE << order, KASAN_FREE_PAGE); } @@ -289,18 +289,18 @@ void kasan_poison_slab(struct page *page) for (i = 0; i < compound_nr(page); i++) page_kasan_tag_reset(page + i); - kasan_poison_shadow(page_address(page), page_size(page), + kasan_poison_memory(page_address(page), page_size(page), KASAN_KMALLOC_REDZONE); } void kasan_unpoison_object_data(struct kmem_cache *cache, void *object) { - kasan_unpoison_shadow(object, cache->object_size); + kasan_unpoison_memory(object, cache->object_size); } void kasan_poison_object_data(struct kmem_cache *cache, void *object) { - kasan_poison_shadow(object, + kasan_poison_memory(object, round_up(cache->object_size, KASAN_SHADOW_SCALE_SIZE), KASAN_KMALLOC_REDZONE); } @@ -413,7 +413,7 @@ static bool __kasan_slab_free(struct kmem_cache *cache, void *object, } rounded_up_size = round_up(cache->object_size, KASAN_SHADOW_SCALE_SIZE); - kasan_poison_shadow(object, rounded_up_size, KASAN_KMALLOC_FREE); + kasan_poison_memory(object, rounded_up_size, KASAN_KMALLOC_FREE); if ((IS_ENABLED(CONFIG_KASAN_GENERIC) && !quarantine) || unlikely(!(cache->flags & SLAB_KASAN))) @@ -453,8 +453,8 @@ static void *__kasan_kmalloc(struct kmem_cache *cache, const void *object, tag = assign_tag(cache, object, false, keep_tag); /* Tag is ignored in set_tag without CONFIG_KASAN_SW_TAGS */ - kasan_unpoison_shadow(set_tag(object, tag), size); - kasan_poison_shadow((void *)redzone_start, redzone_end - redzone_start, + kasan_unpoison_memory(set_tag(object, tag), size); + kasan_poison_memory((void *)redzone_start, redzone_end - redzone_start, KASAN_KMALLOC_REDZONE); if (cache->flags & SLAB_KASAN) @@ -494,8 +494,8 @@ void * __must_check kasan_kmalloc_large(const void *ptr, size_t size, KASAN_SHADOW_SCALE_SIZE); redzone_end = (unsigned long)ptr + page_size(page); - kasan_unpoison_shadow(ptr, size); - kasan_poison_shadow((void *)redzone_start, redzone_end - redzone_start, + kasan_unpoison_memory(ptr, size); + kasan_poison_memory((void *)redzone_start, redzone_end - redzone_start, KASAN_PAGE_REDZONE); return (void *)ptr; @@ -528,7 +528,7 @@ void kasan_poison_kfree(void *ptr, unsigned long ip) kasan_report_invalid_free(ptr, ip); return; } - kasan_poison_shadow(ptr, page_size(page), KASAN_FREE_PAGE); + kasan_poison_memory(ptr, page_size(page), KASAN_FREE_PAGE); } else { __kasan_slab_free(page->slab_cache, ptr, ip, false); } @@ -714,7 +714,7 @@ int kasan_populate_vmalloc(unsigned long addr, unsigned long size) * // vmalloc() allocates memory * // let a = area->addr * // we reach kasan_populate_vmalloc - * // and call kasan_unpoison_shadow: + * // and call kasan_unpoison_memory: * STORE shadow(a), unpoison_val * ... * STORE shadow(a+99), unpoison_val x = LOAD p @@ -749,7 +749,7 @@ void kasan_poison_vmalloc(const void *start, unsigned long size) return; size = round_up(size, KASAN_SHADOW_SCALE_SIZE); - kasan_poison_shadow(start, size, KASAN_VMALLOC_INVALID); + kasan_poison_memory(start, size, KASAN_VMALLOC_INVALID); } void kasan_unpoison_vmalloc(const void *start, unsigned long size) @@ -757,7 +757,7 @@ void kasan_unpoison_vmalloc(const void *start, unsigned long size) if (!is_vmalloc_or_module_addr(start)) return; - kasan_unpoison_shadow(start, size); + kasan_unpoison_memory(start, size); } static int kasan_depopulate_vmalloc_pte(pte_t *ptep, unsigned long addr, diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c index 248264b9cb76..4b5f905198d8 100644 --- a/mm/kasan/generic.c +++ b/mm/kasan/generic.c @@ -207,9 +207,9 @@ static void register_global(struct kasan_global *global) { size_t aligned_size = round_up(global->size, KASAN_SHADOW_SCALE_SIZE); - kasan_unpoison_shadow(global->beg, global->size); + kasan_unpoison_memory(global->beg, global->size); - kasan_poison_shadow(global->beg + aligned_size, + kasan_poison_memory(global->beg + aligned_size, global->size_with_redzone - aligned_size, KASAN_GLOBAL_REDZONE); } @@ -290,11 +290,11 @@ void __asan_alloca_poison(unsigned long addr, size_t size) WARN_ON(!IS_ALIGNED(addr, KASAN_ALLOCA_REDZONE_SIZE)); - kasan_unpoison_shadow((const void *)(addr + rounded_down_size), + kasan_unpoison_memory((const void *)(addr + rounded_down_size), size - rounded_down_size); - kasan_poison_shadow(left_redzone, KASAN_ALLOCA_REDZONE_SIZE, + kasan_poison_memory(left_redzone, KASAN_ALLOCA_REDZONE_SIZE, KASAN_ALLOCA_LEFT); - kasan_poison_shadow(right_redzone, + kasan_poison_memory(right_redzone, padding_size + KASAN_ALLOCA_REDZONE_SIZE, KASAN_ALLOCA_RIGHT); } @@ -306,7 +306,7 @@ void __asan_allocas_unpoison(const void *stack_top, const void *stack_bottom) if (unlikely(!stack_top || stack_top > stack_bottom)) return; - kasan_unpoison_shadow(stack_top, stack_bottom - stack_top); + kasan_unpoison_memory(stack_top, stack_bottom - stack_top); } EXPORT_SYMBOL(__asan_allocas_unpoison); diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index ac499456740f..03450d3b31f7 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -150,7 +150,7 @@ static inline bool addr_has_shadow(const void *addr) return (addr >= kasan_shadow_to_mem((void *)KASAN_SHADOW_START)); } -void kasan_poison_shadow(const void *address, size_t size, u8 value); +void kasan_poison_memory(const void *address, size_t size, u8 value); /** * check_memory_region - Check memory region, and report if invalid access. diff --git a/mm/kasan/tags.c b/mm/kasan/tags.c index e02a36a51f42..4d5a1fe8251f 100644 --- a/mm/kasan/tags.c +++ b/mm/kasan/tags.c @@ -158,7 +158,7 @@ EXPORT_SYMBOL(__hwasan_storeN_noabort); void __hwasan_tag_memory(unsigned long addr, u8 tag, unsigned long size) { - kasan_poison_shadow((void *)addr, size, tag); + kasan_poison_memory((void *)addr, size, tag); } EXPORT_SYMBOL(__hwasan_tag_memory); diff --git a/mm/slab_common.c b/mm/slab_common.c index 37d48a56431d..24bbf3704a51 100644 --- a/mm/slab_common.c +++ b/mm/slab_common.c @@ -1772,7 +1772,7 @@ size_t ksize(const void *objp) * We assume that ksize callers could use whole allocated area, * so we need to unpoison this area. */ - kasan_unpoison_shadow(objp, size); + kasan_unpoison_memory(objp, size); return size; } EXPORT_SYMBOL(ksize); From patchwork Fri Aug 14 17:26:47 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715029 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E1B4D1392 for ; Fri, 14 Aug 2020 17:29:49 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id AC44020708 for ; Fri, 14 Aug 2020 17:29:49 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="VwRlHkWs"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="PkaDjnEO" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org AC44020708 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=rF5KH4dRaNkeiJ/+3zsJVu1BMewQqLbsTSgkudJymnk=; b=VwRlHkWsK2+dJiiagRd4V32Gf BGbG8ZzQLfbaa2oEzNIH4O7auzi8PZ4On1VrWrHDPLN+wegKK8AA4pshvzClLf+9iZyIaHyEL7pgO HyzPiHdCHKDWQtCYZMQIVyZqRWGKoft5yxylB8lg/nabD5rTES1kZltZHtRvRaMYDnKl77YGilqfD nx/R5Mi8j1OloXz6BXIqS8lkYV6t0MP2K1sjzC1tDXU63UByHfSYJ2kAWLSNX/VhHY/U/JC/3RHZ8 41WpO3k/IyGG8F3FjO54srVZjtKaPQlgR4eyQ9vh8I7rnLPnC1cjV4Z+bYS9JTX84xSBZC00JubK3 qUlgjSoZw==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dWE-00049N-Ii; Fri, 14 Aug 2020 17:29:30 +0000 Received: from mail-wm1-x349.google.com ([2a00:1450:4864:20::349]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUR-0003Ea-GH for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:27:53 +0000 Received: by mail-wm1-x349.google.com with SMTP id g72so3422679wme.4 for ; Fri, 14 Aug 2020 10:27:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=bRu728EFW5d2BLJ1Gu8QpaNzOgGu693ugUiPSDZNjhM=; b=PkaDjnEOPpRWKufCUmnFO2q66c87Masi0+K22SDyxxwAfpialLsAre9V09oWnXki/b PWhDmWvCh85Ts7Vp52xGZpFPeHlUuGIzCUYRHWEXLl3wb9R/0C79e1TW5fHUhpRxo7w8 nidrzNP7/eVTq16de8gPpSJOxHmRDqiL7yvdQQVG0v0vnj1uH0Znkphx/tCftCFSsAxC Hz4RhOn8zyYbEShZmYvL0GvCgHomf9Ijh6Xu0ZsX6fvhLzE2rtshgrvXJ25J/rJEvo7i xwAvB3JiJNcdunu7ogFn7gICWyQsyAE2nT5bV4eNphLDrLGVOHa7i2xXywvC615Avou+ iFUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=bRu728EFW5d2BLJ1Gu8QpaNzOgGu693ugUiPSDZNjhM=; b=cDU1r4PGc520EpNuSrTzYh/u4ipWrzPVX6Hug8sNwgnWLtx1DWu90AebwldgC6/WeE IBdMlaxYHh8VTvbg0l4JQrSYdczmM52LQwXQqkJOUDQoK36jfVgexuyv0t10ZFUpec1W Aq6mYPqo5kBd6VDdMB7Fins7lZVMIw5dcymM17pc4LWdo36XQK5NF0RN8hTLXYpawIVN 27wq65oZ5hjbs4FPpdd4E7SbzhMlPCkTNXUb7rlWvztrI9yMUZ0yPZsAh6c2FeTESsKK jGRwUmITCyBTS5w1OHT2+5q7pnBZ8O8pB4lmqRWwjXWyta2kjpNoBV1JreH5Lg4Tedfx yqMg== X-Gm-Message-State: AOAM5306ZZqwehpwwz13Fi4g/nlxPTtDa0aA7qKSfn8JCnFR9H1AeoDh KGFDoFLVOnm+Nc2dK3krL4mnBRZGyNnjKnrU X-Google-Smtp-Source: ABdhPJy7L+gpVNWKm27ZJLTH+IMMVj6ypNpwAKn07tKndsgrUEkzYX2Lz4Sarxz5UF3eSvMhykPRTH/ayarmnvTu X-Received: by 2002:a05:600c:c3:: with SMTP id u3mr423894wmm.1.1597426055942; Fri, 14 Aug 2020 10:27:35 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:47 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 05/35] kasan: rename KASAN_SHADOW_* to KASAN_GRANULE_* From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132739_668814_2CF61C37 X-CRM114-Status: GOOD ( 25.41 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:349 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. The new mode won't be using shadow memory, but will still use the concept of memory granules. Rename KASAN_SHADOW_SCALE_SIZE to KASAN_GRANULE_SIZE, and KASAN_SHADOW_MASK to KASAN_GRANULE_MASK. Also use MASK when used as a mask, otherwise use SIZE. No functional changes. Signed-off-by: Andrey Konovalov --- Documentation/dev-tools/kasan.rst | 2 +- lib/test_kasan.c | 2 +- mm/kasan/common.c | 39 ++++++++++++++++--------------- mm/kasan/generic.c | 14 +++++------ mm/kasan/generic_report.c | 8 +++---- mm/kasan/init.c | 8 +++---- mm/kasan/kasan.h | 4 ++-- mm/kasan/report.c | 10 ++++---- mm/kasan/tags_report.c | 2 +- 9 files changed, 45 insertions(+), 44 deletions(-) diff --git a/Documentation/dev-tools/kasan.rst b/Documentation/dev-tools/kasan.rst index 38fd5681fade..a3030fc6afe5 100644 --- a/Documentation/dev-tools/kasan.rst +++ b/Documentation/dev-tools/kasan.rst @@ -264,7 +264,7 @@ Most mappings in vmalloc space are small, requiring less than a full page of shadow space. Allocating a full shadow page per mapping would therefore be wasteful. Furthermore, to ensure that different mappings use different shadow pages, mappings would have to be aligned to -``KASAN_SHADOW_SCALE_SIZE * PAGE_SIZE``. +``KASAN_GRANULE_SIZE * PAGE_SIZE``. Instead, we share backing space across multiple mappings. We allocate a backing page when a mapping in vmalloc space uses a particular page diff --git a/lib/test_kasan.c b/lib/test_kasan.c index 5d3f496893ef..247a14f40016 100644 --- a/lib/test_kasan.c +++ b/lib/test_kasan.c @@ -25,7 +25,7 @@ #include "../mm/kasan/kasan.h" -#define OOB_TAG_OFF (IS_ENABLED(CONFIG_KASAN_GENERIC) ? 0 : KASAN_SHADOW_SCALE_SIZE) +#define OOB_TAG_OFF (IS_ENABLED(CONFIG_KASAN_GENERIC) ? 0 : KASAN_GRANULE_SIZE) /* * We assign some test results to these globals to make sure the tests diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 65933b27df81..c9daf2c33651 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -111,7 +111,7 @@ void *memcpy(void *dest, const void *src, size_t len) /* * Poisons the shadow memory for 'size' bytes starting from 'addr'. - * Memory addresses should be aligned to KASAN_SHADOW_SCALE_SIZE. + * Memory addresses should be aligned to KASAN_GRANULE_SIZE. */ void kasan_poison_memory(const void *address, size_t size, u8 value) { @@ -143,13 +143,13 @@ void kasan_unpoison_memory(const void *address, size_t size) kasan_poison_memory(address, size, tag); - if (size & KASAN_SHADOW_MASK) { + if (size & KASAN_GRANULE_MASK) { u8 *shadow = (u8 *)kasan_mem_to_shadow(address + size); if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) *shadow = tag; else - *shadow = size & KASAN_SHADOW_MASK; + *shadow = size & KASAN_GRANULE_MASK; } } @@ -301,7 +301,7 @@ void kasan_unpoison_object_data(struct kmem_cache *cache, void *object) void kasan_poison_object_data(struct kmem_cache *cache, void *object) { kasan_poison_memory(object, - round_up(cache->object_size, KASAN_SHADOW_SCALE_SIZE), + round_up(cache->object_size, KASAN_GRANULE_SIZE), KASAN_KMALLOC_REDZONE); } @@ -373,7 +373,7 @@ static inline bool shadow_invalid(u8 tag, s8 shadow_byte) { if (IS_ENABLED(CONFIG_KASAN_GENERIC)) return shadow_byte < 0 || - shadow_byte >= KASAN_SHADOW_SCALE_SIZE; + shadow_byte >= KASAN_GRANULE_SIZE; /* else CONFIG_KASAN_SW_TAGS: */ if ((u8)shadow_byte == KASAN_TAG_INVALID) @@ -412,7 +412,7 @@ static bool __kasan_slab_free(struct kmem_cache *cache, void *object, return true; } - rounded_up_size = round_up(cache->object_size, KASAN_SHADOW_SCALE_SIZE); + rounded_up_size = round_up(cache->object_size, KASAN_GRANULE_SIZE); kasan_poison_memory(object, rounded_up_size, KASAN_KMALLOC_FREE); if ((IS_ENABLED(CONFIG_KASAN_GENERIC) && !quarantine) || @@ -445,9 +445,9 @@ static void *__kasan_kmalloc(struct kmem_cache *cache, const void *object, return NULL; redzone_start = round_up((unsigned long)(object + size), - KASAN_SHADOW_SCALE_SIZE); + KASAN_GRANULE_SIZE); redzone_end = round_up((unsigned long)object + cache->object_size, - KASAN_SHADOW_SCALE_SIZE); + KASAN_GRANULE_SIZE); if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) tag = assign_tag(cache, object, false, keep_tag); @@ -491,7 +491,7 @@ void * __must_check kasan_kmalloc_large(const void *ptr, size_t size, page = virt_to_page(ptr); redzone_start = round_up((unsigned long)(ptr + size), - KASAN_SHADOW_SCALE_SIZE); + KASAN_GRANULE_SIZE); redzone_end = (unsigned long)ptr + page_size(page); kasan_unpoison_memory(ptr, size); @@ -589,8 +589,8 @@ static int __meminit kasan_mem_notifier(struct notifier_block *nb, shadow_size = nr_shadow_pages << PAGE_SHIFT; shadow_end = shadow_start + shadow_size; - if (WARN_ON(mem_data->nr_pages % KASAN_SHADOW_SCALE_SIZE) || - WARN_ON(start_kaddr % (KASAN_SHADOW_SCALE_SIZE << PAGE_SHIFT))) + if (WARN_ON(mem_data->nr_pages % KASAN_GRANULE_SIZE) || + WARN_ON(start_kaddr % (KASAN_GRANULE_SIZE << PAGE_SHIFT))) return NOTIFY_BAD; switch (action) { @@ -748,7 +748,7 @@ void kasan_poison_vmalloc(const void *start, unsigned long size) if (!is_vmalloc_or_module_addr(start)) return; - size = round_up(size, KASAN_SHADOW_SCALE_SIZE); + size = round_up(size, KASAN_GRANULE_SIZE); kasan_poison_memory(start, size, KASAN_VMALLOC_INVALID); } @@ -861,22 +861,22 @@ void kasan_release_vmalloc(unsigned long start, unsigned long end, unsigned long region_start, region_end; unsigned long size; - region_start = ALIGN(start, PAGE_SIZE * KASAN_SHADOW_SCALE_SIZE); - region_end = ALIGN_DOWN(end, PAGE_SIZE * KASAN_SHADOW_SCALE_SIZE); + region_start = ALIGN(start, PAGE_SIZE * KASAN_GRANULE_SIZE); + region_end = ALIGN_DOWN(end, PAGE_SIZE * KASAN_GRANULE_SIZE); free_region_start = ALIGN(free_region_start, - PAGE_SIZE * KASAN_SHADOW_SCALE_SIZE); + PAGE_SIZE * KASAN_GRANULE_SIZE); if (start != region_start && free_region_start < region_start) - region_start -= PAGE_SIZE * KASAN_SHADOW_SCALE_SIZE; + region_start -= PAGE_SIZE * KASAN_GRANULE_SIZE; free_region_end = ALIGN_DOWN(free_region_end, - PAGE_SIZE * KASAN_SHADOW_SCALE_SIZE); + PAGE_SIZE * KASAN_GRANULE_SIZE); if (end != region_end && free_region_end > region_end) - region_end += PAGE_SIZE * KASAN_SHADOW_SCALE_SIZE; + region_end += PAGE_SIZE * KASAN_GRANULE_SIZE; shadow_start = kasan_mem_to_shadow((void *)region_start); shadow_end = kasan_mem_to_shadow((void *)region_end); @@ -902,7 +902,8 @@ int kasan_module_alloc(void *addr, size_t size) unsigned long shadow_start; shadow_start = (unsigned long)kasan_mem_to_shadow(addr); - scaled_size = (size + KASAN_SHADOW_MASK) >> KASAN_SHADOW_SCALE_SHIFT; + scaled_size = (size + KASAN_GRANULE_SIZE - 1) >> + KASAN_SHADOW_SCALE_SHIFT; shadow_size = round_up(scaled_size, PAGE_SIZE); if (WARN_ON(!PAGE_ALIGNED(shadow_start))) diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c index 4b5f905198d8..f6d68aa9872f 100644 --- a/mm/kasan/generic.c +++ b/mm/kasan/generic.c @@ -51,7 +51,7 @@ static __always_inline bool memory_is_poisoned_1(unsigned long addr) s8 shadow_value = *(s8 *)kasan_mem_to_shadow((void *)addr); if (unlikely(shadow_value)) { - s8 last_accessible_byte = addr & KASAN_SHADOW_MASK; + s8 last_accessible_byte = addr & KASAN_GRANULE_MASK; return unlikely(last_accessible_byte >= shadow_value); } @@ -67,7 +67,7 @@ static __always_inline bool memory_is_poisoned_2_4_8(unsigned long addr, * Access crosses 8(shadow size)-byte boundary. Such access maps * into 2 shadow bytes, so we need to check them both. */ - if (unlikely(((addr + size - 1) & KASAN_SHADOW_MASK) < size - 1)) + if (unlikely(((addr + size - 1) & KASAN_GRANULE_MASK) < size - 1)) return *shadow_addr || memory_is_poisoned_1(addr + size - 1); return memory_is_poisoned_1(addr + size - 1); @@ -78,7 +78,7 @@ static __always_inline bool memory_is_poisoned_16(unsigned long addr) u16 *shadow_addr = (u16 *)kasan_mem_to_shadow((void *)addr); /* Unaligned 16-bytes access maps into 3 shadow bytes. */ - if (unlikely(!IS_ALIGNED(addr, KASAN_SHADOW_SCALE_SIZE))) + if (unlikely(!IS_ALIGNED(addr, KASAN_GRANULE_SIZE))) return *shadow_addr || memory_is_poisoned_1(addr + 15); return *shadow_addr; @@ -139,7 +139,7 @@ static __always_inline bool memory_is_poisoned_n(unsigned long addr, s8 *last_shadow = (s8 *)kasan_mem_to_shadow((void *)last_byte); if (unlikely(ret != (unsigned long)last_shadow || - ((long)(last_byte & KASAN_SHADOW_MASK) >= *last_shadow))) + ((long)(last_byte & KASAN_GRANULE_MASK) >= *last_shadow))) return true; } return false; @@ -205,7 +205,7 @@ void kasan_cache_shutdown(struct kmem_cache *cache) static void register_global(struct kasan_global *global) { - size_t aligned_size = round_up(global->size, KASAN_SHADOW_SCALE_SIZE); + size_t aligned_size = round_up(global->size, KASAN_GRANULE_SIZE); kasan_unpoison_memory(global->beg, global->size); @@ -279,10 +279,10 @@ EXPORT_SYMBOL(__asan_handle_no_return); /* Emitted by compiler to poison alloca()ed objects. */ void __asan_alloca_poison(unsigned long addr, size_t size) { - size_t rounded_up_size = round_up(size, KASAN_SHADOW_SCALE_SIZE); + size_t rounded_up_size = round_up(size, KASAN_GRANULE_SIZE); size_t padding_size = round_up(size, KASAN_ALLOCA_REDZONE_SIZE) - rounded_up_size; - size_t rounded_down_size = round_down(size, KASAN_SHADOW_SCALE_SIZE); + size_t rounded_down_size = round_down(size, KASAN_GRANULE_SIZE); const void *left_redzone = (const void *)(addr - KASAN_ALLOCA_REDZONE_SIZE); diff --git a/mm/kasan/generic_report.c b/mm/kasan/generic_report.c index a38c7a9e192a..4dce1633b082 100644 --- a/mm/kasan/generic_report.c +++ b/mm/kasan/generic_report.c @@ -39,7 +39,7 @@ void *find_first_bad_addr(void *addr, size_t size) void *p = addr; while (p < addr + size && !(*(u8 *)kasan_mem_to_shadow(p))) - p += KASAN_SHADOW_SCALE_SIZE; + p += KASAN_GRANULE_SIZE; return p; } @@ -51,14 +51,14 @@ static const char *get_shadow_bug_type(struct kasan_access_info *info) shadow_addr = (u8 *)kasan_mem_to_shadow(info->first_bad_addr); /* - * If shadow byte value is in [0, KASAN_SHADOW_SCALE_SIZE) we can look + * If shadow byte value is in [0, KASAN_GRANULE_SIZE) we can look * at the next shadow byte to determine the type of the bad access. */ - if (*shadow_addr > 0 && *shadow_addr <= KASAN_SHADOW_SCALE_SIZE - 1) + if (*shadow_addr > 0 && *shadow_addr <= KASAN_GRANULE_SIZE - 1) shadow_addr++; switch (*shadow_addr) { - case 0 ... KASAN_SHADOW_SCALE_SIZE - 1: + case 0 ... KASAN_GRANULE_SIZE - 1: /* * In theory it's still possible to see these shadow values * due to a data race in the kernel code. diff --git a/mm/kasan/init.c b/mm/kasan/init.c index fe6be0be1f76..754b641c83c7 100644 --- a/mm/kasan/init.c +++ b/mm/kasan/init.c @@ -447,8 +447,8 @@ void kasan_remove_zero_shadow(void *start, unsigned long size) end = addr + (size >> KASAN_SHADOW_SCALE_SHIFT); if (WARN_ON((unsigned long)start % - (KASAN_SHADOW_SCALE_SIZE * PAGE_SIZE)) || - WARN_ON(size % (KASAN_SHADOW_SCALE_SIZE * PAGE_SIZE))) + (KASAN_GRANULE_SIZE * PAGE_SIZE)) || + WARN_ON(size % (KASAN_GRANULE_SIZE * PAGE_SIZE))) return; for (; addr < end; addr = next) { @@ -482,8 +482,8 @@ int kasan_add_zero_shadow(void *start, unsigned long size) shadow_end = shadow_start + (size >> KASAN_SHADOW_SCALE_SHIFT); if (WARN_ON((unsigned long)start % - (KASAN_SHADOW_SCALE_SIZE * PAGE_SIZE)) || - WARN_ON(size % (KASAN_SHADOW_SCALE_SIZE * PAGE_SIZE))) + (KASAN_GRANULE_SIZE * PAGE_SIZE)) || + WARN_ON(size % (KASAN_GRANULE_SIZE * PAGE_SIZE))) return -EINVAL; ret = kasan_populate_early_shadow(shadow_start, shadow_end); diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index 03450d3b31f7..c31e2c739301 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -5,8 +5,8 @@ #include #include -#define KASAN_SHADOW_SCALE_SIZE (1UL << KASAN_SHADOW_SCALE_SHIFT) -#define KASAN_SHADOW_MASK (KASAN_SHADOW_SCALE_SIZE - 1) +#define KASAN_GRANULE_SIZE (1UL << KASAN_SHADOW_SCALE_SHIFT) +#define KASAN_GRANULE_MASK (KASAN_GRANULE_SIZE - 1) #define KASAN_TAG_KERNEL 0xFF /* native kernel pointers tag */ #define KASAN_TAG_INVALID 0xFE /* inaccessible memory tag */ diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 4f49fa6cd1aa..7c025d792e2f 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -317,24 +317,24 @@ static bool __must_check get_address_stack_frame_info(const void *addr, return false; aligned_addr = round_down((unsigned long)addr, sizeof(long)); - mem_ptr = round_down(aligned_addr, KASAN_SHADOW_SCALE_SIZE); + mem_ptr = round_down(aligned_addr, KASAN_GRANULE_SIZE); shadow_ptr = kasan_mem_to_shadow((void *)aligned_addr); shadow_bottom = kasan_mem_to_shadow(end_of_stack(current)); while (shadow_ptr >= shadow_bottom && *shadow_ptr != KASAN_STACK_LEFT) { shadow_ptr--; - mem_ptr -= KASAN_SHADOW_SCALE_SIZE; + mem_ptr -= KASAN_GRANULE_SIZE; } while (shadow_ptr >= shadow_bottom && *shadow_ptr == KASAN_STACK_LEFT) { shadow_ptr--; - mem_ptr -= KASAN_SHADOW_SCALE_SIZE; + mem_ptr -= KASAN_GRANULE_SIZE; } if (shadow_ptr < shadow_bottom) return false; - frame = (const unsigned long *)(mem_ptr + KASAN_SHADOW_SCALE_SIZE); + frame = (const unsigned long *)(mem_ptr + KASAN_GRANULE_SIZE); if (frame[0] != KASAN_CURRENT_STACK_FRAME_MAGIC) { pr_err("KASAN internal error: frame info validation failed; invalid marker: %lu\n", frame[0]); @@ -572,6 +572,6 @@ void kasan_non_canonical_hook(unsigned long addr) else bug_type = "maybe wild-memory-access"; pr_alert("KASAN: %s in range [0x%016lx-0x%016lx]\n", bug_type, - orig_addr, orig_addr + KASAN_SHADOW_MASK); + orig_addr, orig_addr + KASAN_GRANULE_SIZE - 1); } #endif diff --git a/mm/kasan/tags_report.c b/mm/kasan/tags_report.c index bee43717d6f0..6ddb55676a7c 100644 --- a/mm/kasan/tags_report.c +++ b/mm/kasan/tags_report.c @@ -81,7 +81,7 @@ void *find_first_bad_addr(void *addr, size_t size) void *end = p + size; while (p < end && tag == *(u8 *)kasan_mem_to_shadow(p)) - p += KASAN_SHADOW_SCALE_SIZE; + p += KASAN_GRANULE_SIZE; return p; } From patchwork Fri Aug 14 17:26:48 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715043 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C211B739 for ; Fri, 14 Aug 2020 17:31:20 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 9903420829 for ; Fri, 14 Aug 2020 17:31:20 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="qMQ5Pozt"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="NlQYWVk4" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9903420829 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=0H9el34EXYmhAsqilncL9XU3E9w1YXm36JHE9pyWqUI=; b=qMQ5PoztjL4COey4bPoiC6vax FK5ilGba+N0TiDWWvTQGD6jWloj2P5Hn+q6TVb5pOpaoU4VdUxNqkIANPUUljs6jNU3WnBgsF9wP3 E8EPUxRUdGauvNI/JKSgfZMuB6IHmXL8GAewm5LLc3zSeohRHraHzZ9XzaD22lQQFO0dmVA69WUv5 3gi0QKgtkCcqRBPuW3m/zAXa2JdGG1+gWAP0IywAVg7H2Hz8dqu0W/sfDkIVyyq3reOXSqCGKAOVZ +kUCR28/TpqBI3bxgdDDecuoXt7BpsWeG4WMNbjyUUdEavDh9A7XhHo9aL88QY+1KIf5ck1M66jpp lidW8Qeuw==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVz-0003z4-EU; Fri, 14 Aug 2020 17:29:15 +0000 Received: from mail-wr1-x449.google.com ([2a00:1450:4864:20::449]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUU-0003GG-5E for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:27:51 +0000 Received: by mail-wr1-x449.google.com with SMTP id f7so3592606wrs.8 for ; Fri, 14 Aug 2020 10:27:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=D1t27xMSdSDZAXG6XnkOmwCyZLvn/GNAn2saMjUMSxo=; b=NlQYWVk4QraX9lMNNFU2PHWTbxVPbYDzAKzEJL2GKeIWAYtsuwZ+NGPCHwpmoTva1K n2x0xG4UAjBWm/OlfHhi29X10+mhhEwk/7sNuRZL8P0lAPl9fEdsiCWjdL2iwXdLsEwR V+yKO9un2mCVzG1r9njHV7HBxFTXpqU+dEydfa6rl3iW3Je0KhV5gBnWYbMnA027byWF LGLsd09h7esHEAdz8fA9PJ3S2QY1gB7VHdcwQC70QA6UpSchVJL5Hy+QQeBhOjsF1TLK Lr08Lv1S4SLXhWH8tozhudhMdSNFbCnFeaTXh+EO4RIOA9r2zLcALLaU5qa2fhw/Ecl5 UyKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=D1t27xMSdSDZAXG6XnkOmwCyZLvn/GNAn2saMjUMSxo=; b=YoQKv2Szf/Fiiwus2CMESzQI29w1iEutKT8Ja5Px5Qy2CLmPhaIYfrfnDY1s86CGNn q5KU+GKjggpYBwLrNYbgJpWxViAPXEb+SdS2EhrLTmhE7v/yeZfpn2OIngjB2dRN/VqL ut4CdP86zxRqSBjANP8ikdz40Hvyh/P3xk+BsIot8flDfCN2PnYuScArhtP0Eggx2dx5 /kkNA20A9D7mUNvn0wXwv0JwGrqdNMm2cJ1phftj3SM7v94COhOCXg6byKCntbD2YVoC PbPvEUuKa7k3OOzZqadCAR5M97RFHfc0ex8Gt75i3saWzRFoMa7q7/vJh7KA8zqJsJNO iK7Q== X-Gm-Message-State: AOAM531omoDbhejNtJ5Vz56Kcy4J1H6QuuNNwq2tCSvQmdxu3uCyG113 o2uO8Mwo+PoeUQy+GEDOdInbyVyrIo+MinTt X-Google-Smtp-Source: ABdhPJzpZngGb1ZEeA+I2LMOF4t2XQmOQc29JrlRX//qtIxbuOUjwOocnNGAgVWjvUPc3MYLXUXVihCZ0qw94AsK X-Received: by 2002:a05:600c:c3:: with SMTP id u3mr423906wmm.1.1597426058434; Fri, 14 Aug 2020 10:27:38 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:48 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 06/35] kasan: only build init.c for software modes From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132742_372152_6103DB38 X-CRM114-Status: GOOD ( 13.33 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:449 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. The new mode won't be using shadow memory, so only build init.c that contains shadow initialization code for software modes. No functional changes for software modes. Signed-off-by: Andrey Konovalov --- mm/kasan/Makefile | 6 +++--- mm/kasan/init.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mm/kasan/Makefile b/mm/kasan/Makefile index d532c2587731..b5517de7fc87 100644 --- a/mm/kasan/Makefile +++ b/mm/kasan/Makefile @@ -29,6 +29,6 @@ CFLAGS_report.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_tags.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_tags_report.o := $(CC_FLAGS_KASAN_RUNTIME) -obj-$(CONFIG_KASAN) := common.o init.o report.o -obj-$(CONFIG_KASAN_GENERIC) += generic.o generic_report.o quarantine.o -obj-$(CONFIG_KASAN_SW_TAGS) += tags.o tags_report.o +obj-$(CONFIG_KASAN) := common.o report.o +obj-$(CONFIG_KASAN_GENERIC) += init.o generic.o generic_report.o quarantine.o +obj-$(CONFIG_KASAN_SW_TAGS) += init.o tags.o tags_report.o diff --git a/mm/kasan/init.c b/mm/kasan/init.c index 754b641c83c7..20f5e1ab8d95 100644 --- a/mm/kasan/init.c +++ b/mm/kasan/init.c @@ -1,6 +1,6 @@ // SPDX-License-Identifier: GPL-2.0 /* - * This file contains some kasan initialization code. + * This file contains KASAN shadow initialization code. * * Copyright (c) 2015 Samsung Electronics Co., Ltd. * Author: Andrey Ryabinin From patchwork Fri Aug 14 17:26:49 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715079 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 15DED739 for ; Fri, 14 Aug 2020 17:32:33 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id D2EA520768 for ; Fri, 14 Aug 2020 17:32:32 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="UrhhwM0+"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="ughLKdlu" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D2EA520768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=ggLDoqR5zHckQEpN8L+suQNThBTtlmOkcpFvziZBlg8=; b=UrhhwM0+xPKSYaiSKV7t2v7YO PFK00Dlbh33/BC/xXTwoZn7wzkaWB824U6wtFwwPwegBYJ42yMpcUCBovI6Ts0gd3emz7SRyhYjkb VWs3PD7Hbv4DXVhIUrjjlmQS59sL8MWtVd+gTP401hsuAUca9MYVLhzIvJHXP1GQLQjUs5hSLalZh WDMsZZWL+khDCD8pTPJckEbX7ULdzy9Lvd/OAtBKclNzrVNDu4oqwL6c0SkBiwlyOIBAlfR9coWe0 UOCvLDhDPSCJQ9vGYjb6PHEAFDo2Mp1uzKRDKF2ebv1fd6hk1qiNBxkyhPmRD0Ay6/uElfJb/gHTk xByI2qUog==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dWh-0004Od-Rr; Fri, 14 Aug 2020 17:29:59 +0000 Received: from mail-wr1-x449.google.com ([2a00:1450:4864:20::449]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUW-0003IH-Ly for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:08 +0000 Received: by mail-wr1-x449.google.com with SMTP id r29so3603411wrr.10 for ; Fri, 14 Aug 2020 10:27:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=EayMx4N+49F/tUBImVqsp+nwIZa8nVOZvklPLes1km8=; b=ughLKdluc0H5P6uLAgrN2JBbWjkfnlw5JL1nSFFUODpUGPJZJUlNy4ZQdaxryUnO6H 166f+jtAj+kFadx3xEopQvcJL8esr6ppFKcVigrIi7Dl4jJ3I5gnZYTkrZ1CReq8j2Ar ls64G4NVM3yw5F5QId1dWYjJTbM/lBVUct3hNHJ/FcgHLQ9w/Pkxxt4FcOw+gE8d8wWK iXqqsoB6nGaGzHVKrieJe95M31oe2TBzfFk6FLIwGG8K0hRCODDpFt2m9cYqHofJRqKF hOv+mvMg5EzgrpVBJVh4j3vVF+MMHu1BoKd5ZuyLn0kJVwei0X9hfxSR57H2QgFsBz0t 0Isw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=EayMx4N+49F/tUBImVqsp+nwIZa8nVOZvklPLes1km8=; b=KE+GxgF/Urf2hOVMdKBhHmHjqxXgkCMhOlit6rJCC4lSstmnYase6+hyLGetcs7w83 NvNGL8rOawjVxjGeU/Vk51YOuZcHDe3JMZP+DCXIN2w+jocD40oGc0pIyCsz1FJimVnc Yn0xN21duYQyCAqCSfzzNOLYd1XytxRSCCfleJ7kitUCAQBBmqTz/oKm3K9QqPBpDy+Z 5VQfPO5zL5nyFhLFz/RF8tlumDeLXo7YdHSPLpmqgigCfZlLi+KrVyX1K3HOOH8V/SRD 0YBBQoGG2aeo79WmKjrnC+QmDEZSbtnNWebn8SoFzotNpkUUtql+gh7T9Cj+7K5n+q12 uVGg== X-Gm-Message-State: AOAM5301yChby5LeT9/RXnynTdqv7mMcx8jzAn77XvsCIzrBweeqTpqr ZJWEMRcdkRVIV6Db/St1BYDRdYpboZBtRPfW X-Google-Smtp-Source: ABdhPJzj++aWqUfJJPWgQOo4ggv5A7H75p2KUun+iK4pzZDYs5JlqgN09iciOCCOyOcWjkGRe/wR7nGa4HNnW7Dq X-Received: by 2002:adf:f8d2:: with SMTP id f18mr3492779wrq.261.1597426061574; Fri, 14 Aug 2020 10:27:41 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:49 +0200 In-Reply-To: Message-Id: <1286b689a658ed6ba08cd4c15b79ffb572368117.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 07/35] kasan: split out shadow.c from common.c From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132744_922056_4B71BCE8 X-CRM114-Status: GOOD ( 26.53 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:449 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. The new mode won't be using shadow memory. Move all shadow-related code to shadow.c, which is only enabled for software KASAN modes that use shadow memory. No functional changes for software modes. Signed-off-by: Andrey Konovalov --- mm/kasan/Makefile | 6 +- mm/kasan/common.c | 486 +------------------------------------------ mm/kasan/shadow.c | 509 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 514 insertions(+), 487 deletions(-) create mode 100644 mm/kasan/shadow.c diff --git a/mm/kasan/Makefile b/mm/kasan/Makefile index b5517de7fc87..40366d706b7c 100644 --- a/mm/kasan/Makefile +++ b/mm/kasan/Makefile @@ -10,6 +10,7 @@ CFLAGS_REMOVE_generic_report.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_init.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_quarantine.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_report.o = $(CC_FLAGS_FTRACE) +CFLAGS_REMOVE_shadow.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_tags.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_tags_report.o = $(CC_FLAGS_FTRACE) @@ -26,9 +27,10 @@ CFLAGS_generic_report.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_init.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_quarantine.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_report.o := $(CC_FLAGS_KASAN_RUNTIME) +CFLAGS_shadow.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_tags.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_tags_report.o := $(CC_FLAGS_KASAN_RUNTIME) obj-$(CONFIG_KASAN) := common.o report.o -obj-$(CONFIG_KASAN_GENERIC) += init.o generic.o generic_report.o quarantine.o -obj-$(CONFIG_KASAN_SW_TAGS) += init.o tags.o tags_report.o +obj-$(CONFIG_KASAN_GENERIC) += init.o generic.o generic_report.o shadow.o quarantine.o +obj-$(CONFIG_KASAN_SW_TAGS) += init.o shadow.o tags.o tags_report.o diff --git a/mm/kasan/common.c b/mm/kasan/common.c index c9daf2c33651..43a927e70067 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -1,6 +1,6 @@ // SPDX-License-Identifier: GPL-2.0 /* - * This file contains common generic and tag-based KASAN code. + * This file contains common KASAN code. * * Copyright (c) 2014 Samsung Electronics Co., Ltd. * Author: Andrey Ryabinin @@ -18,7 +18,6 @@ #include #include #include -#include #include #include #include @@ -31,12 +30,8 @@ #include #include #include -#include #include -#include -#include - #include "kasan.h" #include "../slab.h" @@ -66,93 +61,6 @@ void kasan_disable_current(void) current->kasan_depth--; } -bool __kasan_check_read(const volatile void *p, unsigned int size) -{ - return check_memory_region((unsigned long)p, size, false, _RET_IP_); -} -EXPORT_SYMBOL(__kasan_check_read); - -bool __kasan_check_write(const volatile void *p, unsigned int size) -{ - return check_memory_region((unsigned long)p, size, true, _RET_IP_); -} -EXPORT_SYMBOL(__kasan_check_write); - -#undef memset -void *memset(void *addr, int c, size_t len) -{ - if (!check_memory_region((unsigned long)addr, len, true, _RET_IP_)) - return NULL; - - return __memset(addr, c, len); -} - -#ifdef __HAVE_ARCH_MEMMOVE -#undef memmove -void *memmove(void *dest, const void *src, size_t len) -{ - if (!check_memory_region((unsigned long)src, len, false, _RET_IP_) || - !check_memory_region((unsigned long)dest, len, true, _RET_IP_)) - return NULL; - - return __memmove(dest, src, len); -} -#endif - -#undef memcpy -void *memcpy(void *dest, const void *src, size_t len) -{ - if (!check_memory_region((unsigned long)src, len, false, _RET_IP_) || - !check_memory_region((unsigned long)dest, len, true, _RET_IP_)) - return NULL; - - return __memcpy(dest, src, len); -} - -/* - * Poisons the shadow memory for 'size' bytes starting from 'addr'. - * Memory addresses should be aligned to KASAN_GRANULE_SIZE. - */ -void kasan_poison_memory(const void *address, size_t size, u8 value) -{ - void *shadow_start, *shadow_end; - - /* - * Perform shadow offset calculation based on untagged address, as - * some of the callers (e.g. kasan_poison_object_data) pass tagged - * addresses to this function. - */ - address = reset_tag(address); - - shadow_start = kasan_mem_to_shadow(address); - shadow_end = kasan_mem_to_shadow(address + size); - - __memset(shadow_start, value, shadow_end - shadow_start); -} - -void kasan_unpoison_memory(const void *address, size_t size) -{ - u8 tag = get_tag(address); - - /* - * Perform shadow offset calculation based on untagged address, as - * some of the callers (e.g. kasan_unpoison_object_data) pass tagged - * addresses to this function. - */ - address = reset_tag(address); - - kasan_poison_memory(address, size, tag); - - if (size & KASAN_GRANULE_MASK) { - u8 *shadow = (u8 *)kasan_mem_to_shadow(address + size); - - if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) - *shadow = tag; - else - *shadow = size & KASAN_GRANULE_MASK; - } -} - static void __kasan_unpoison_stack(struct task_struct *task, const void *sp) { void *base = task_stack_page(task); @@ -540,395 +448,3 @@ void kasan_kfree_large(void *ptr, unsigned long ip) kasan_report_invalid_free(ptr, ip); /* The object will be poisoned by page_alloc. */ } - -#ifdef CONFIG_MEMORY_HOTPLUG -static bool shadow_mapped(unsigned long addr) -{ - pgd_t *pgd = pgd_offset_k(addr); - p4d_t *p4d; - pud_t *pud; - pmd_t *pmd; - pte_t *pte; - - if (pgd_none(*pgd)) - return false; - p4d = p4d_offset(pgd, addr); - if (p4d_none(*p4d)) - return false; - pud = pud_offset(p4d, addr); - if (pud_none(*pud)) - return false; - - /* - * We can't use pud_large() or pud_huge(), the first one is - * arch-specific, the last one depends on HUGETLB_PAGE. So let's abuse - * pud_bad(), if pud is bad then it's bad because it's huge. - */ - if (pud_bad(*pud)) - return true; - pmd = pmd_offset(pud, addr); - if (pmd_none(*pmd)) - return false; - - if (pmd_bad(*pmd)) - return true; - pte = pte_offset_kernel(pmd, addr); - return !pte_none(*pte); -} - -static int __meminit kasan_mem_notifier(struct notifier_block *nb, - unsigned long action, void *data) -{ - struct memory_notify *mem_data = data; - unsigned long nr_shadow_pages, start_kaddr, shadow_start; - unsigned long shadow_end, shadow_size; - - nr_shadow_pages = mem_data->nr_pages >> KASAN_SHADOW_SCALE_SHIFT; - start_kaddr = (unsigned long)pfn_to_kaddr(mem_data->start_pfn); - shadow_start = (unsigned long)kasan_mem_to_shadow((void *)start_kaddr); - shadow_size = nr_shadow_pages << PAGE_SHIFT; - shadow_end = shadow_start + shadow_size; - - if (WARN_ON(mem_data->nr_pages % KASAN_GRANULE_SIZE) || - WARN_ON(start_kaddr % (KASAN_GRANULE_SIZE << PAGE_SHIFT))) - return NOTIFY_BAD; - - switch (action) { - case MEM_GOING_ONLINE: { - void *ret; - - /* - * If shadow is mapped already than it must have been mapped - * during the boot. This could happen if we onlining previously - * offlined memory. - */ - if (shadow_mapped(shadow_start)) - return NOTIFY_OK; - - ret = __vmalloc_node_range(shadow_size, PAGE_SIZE, shadow_start, - shadow_end, GFP_KERNEL, - PAGE_KERNEL, VM_NO_GUARD, - pfn_to_nid(mem_data->start_pfn), - __builtin_return_address(0)); - if (!ret) - return NOTIFY_BAD; - - kmemleak_ignore(ret); - return NOTIFY_OK; - } - case MEM_CANCEL_ONLINE: - case MEM_OFFLINE: { - struct vm_struct *vm; - - /* - * shadow_start was either mapped during boot by kasan_init() - * or during memory online by __vmalloc_node_range(). - * In the latter case we can use vfree() to free shadow. - * Non-NULL result of the find_vm_area() will tell us if - * that was the second case. - * - * Currently it's not possible to free shadow mapped - * during boot by kasan_init(). It's because the code - * to do that hasn't been written yet. So we'll just - * leak the memory. - */ - vm = find_vm_area((void *)shadow_start); - if (vm) - vfree((void *)shadow_start); - } - } - - return NOTIFY_OK; -} - -static int __init kasan_memhotplug_init(void) -{ - hotplug_memory_notifier(kasan_mem_notifier, 0); - - return 0; -} - -core_initcall(kasan_memhotplug_init); -#endif - -#ifdef CONFIG_KASAN_VMALLOC - -static int kasan_populate_vmalloc_pte(pte_t *ptep, unsigned long addr, - void *unused) -{ - unsigned long page; - pte_t pte; - - if (likely(!pte_none(*ptep))) - return 0; - - page = __get_free_page(GFP_KERNEL); - if (!page) - return -ENOMEM; - - memset((void *)page, KASAN_VMALLOC_INVALID, PAGE_SIZE); - pte = pfn_pte(PFN_DOWN(__pa(page)), PAGE_KERNEL); - - spin_lock(&init_mm.page_table_lock); - if (likely(pte_none(*ptep))) { - set_pte_at(&init_mm, addr, ptep, pte); - page = 0; - } - spin_unlock(&init_mm.page_table_lock); - if (page) - free_page(page); - return 0; -} - -int kasan_populate_vmalloc(unsigned long addr, unsigned long size) -{ - unsigned long shadow_start, shadow_end; - int ret; - - if (!is_vmalloc_or_module_addr((void *)addr)) - return 0; - - shadow_start = (unsigned long)kasan_mem_to_shadow((void *)addr); - shadow_start = ALIGN_DOWN(shadow_start, PAGE_SIZE); - shadow_end = (unsigned long)kasan_mem_to_shadow((void *)addr + size); - shadow_end = ALIGN(shadow_end, PAGE_SIZE); - - ret = apply_to_page_range(&init_mm, shadow_start, - shadow_end - shadow_start, - kasan_populate_vmalloc_pte, NULL); - if (ret) - return ret; - - flush_cache_vmap(shadow_start, shadow_end); - - /* - * We need to be careful about inter-cpu effects here. Consider: - * - * CPU#0 CPU#1 - * WRITE_ONCE(p, vmalloc(100)); while (x = READ_ONCE(p)) ; - * p[99] = 1; - * - * With compiler instrumentation, that ends up looking like this: - * - * CPU#0 CPU#1 - * // vmalloc() allocates memory - * // let a = area->addr - * // we reach kasan_populate_vmalloc - * // and call kasan_unpoison_memory: - * STORE shadow(a), unpoison_val - * ... - * STORE shadow(a+99), unpoison_val x = LOAD p - * // rest of vmalloc process - * STORE p, a LOAD shadow(x+99) - * - * If there is no barrier between the end of unpoisioning the shadow - * and the store of the result to p, the stores could be committed - * in a different order by CPU#0, and CPU#1 could erroneously observe - * poison in the shadow. - * - * We need some sort of barrier between the stores. - * - * In the vmalloc() case, this is provided by a smp_wmb() in - * clear_vm_uninitialized_flag(). In the per-cpu allocator and in - * get_vm_area() and friends, the caller gets shadow allocated but - * doesn't have any pages mapped into the virtual address space that - * has been reserved. Mapping those pages in will involve taking and - * releasing a page-table lock, which will provide the barrier. - */ - - return 0; -} - -/* - * Poison the shadow for a vmalloc region. Called as part of the - * freeing process at the time the region is freed. - */ -void kasan_poison_vmalloc(const void *start, unsigned long size) -{ - if (!is_vmalloc_or_module_addr(start)) - return; - - size = round_up(size, KASAN_GRANULE_SIZE); - kasan_poison_memory(start, size, KASAN_VMALLOC_INVALID); -} - -void kasan_unpoison_vmalloc(const void *start, unsigned long size) -{ - if (!is_vmalloc_or_module_addr(start)) - return; - - kasan_unpoison_memory(start, size); -} - -static int kasan_depopulate_vmalloc_pte(pte_t *ptep, unsigned long addr, - void *unused) -{ - unsigned long page; - - page = (unsigned long)__va(pte_pfn(*ptep) << PAGE_SHIFT); - - spin_lock(&init_mm.page_table_lock); - - if (likely(!pte_none(*ptep))) { - pte_clear(&init_mm, addr, ptep); - free_page(page); - } - spin_unlock(&init_mm.page_table_lock); - - return 0; -} - -/* - * Release the backing for the vmalloc region [start, end), which - * lies within the free region [free_region_start, free_region_end). - * - * This can be run lazily, long after the region was freed. It runs - * under vmap_area_lock, so it's not safe to interact with the vmalloc/vmap - * infrastructure. - * - * How does this work? - * ------------------- - * - * We have a region that is page aligned, labelled as A. - * That might not map onto the shadow in a way that is page-aligned: - * - * start end - * v v - * |????????|????????|AAAAAAAA|AA....AA|AAAAAAAA|????????| < vmalloc - * -------- -------- -------- -------- -------- - * | | | | | - * | | | /-------/ | - * \-------\|/------/ |/---------------/ - * ||| || - * |??AAAAAA|AAAAAAAA|AA??????| < shadow - * (1) (2) (3) - * - * First we align the start upwards and the end downwards, so that the - * shadow of the region aligns with shadow page boundaries. In the - * example, this gives us the shadow page (2). This is the shadow entirely - * covered by this allocation. - * - * Then we have the tricky bits. We want to know if we can free the - * partially covered shadow pages - (1) and (3) in the example. For this, - * we are given the start and end of the free region that contains this - * allocation. Extending our previous example, we could have: - * - * free_region_start free_region_end - * | start end | - * v v v v - * |FFFFFFFF|FFFFFFFF|AAAAAAAA|AA....AA|AAAAAAAA|FFFFFFFF| < vmalloc - * -------- -------- -------- -------- -------- - * | | | | | - * | | | /-------/ | - * \-------\|/------/ |/---------------/ - * ||| || - * |FFAAAAAA|AAAAAAAA|AAF?????| < shadow - * (1) (2) (3) - * - * Once again, we align the start of the free region up, and the end of - * the free region down so that the shadow is page aligned. So we can free - * page (1) - we know no allocation currently uses anything in that page, - * because all of it is in the vmalloc free region. But we cannot free - * page (3), because we can't be sure that the rest of it is unused. - * - * We only consider pages that contain part of the original region for - * freeing: we don't try to free other pages from the free region or we'd - * end up trying to free huge chunks of virtual address space. - * - * Concurrency - * ----------- - * - * How do we know that we're not freeing a page that is simultaneously - * being used for a fresh allocation in kasan_populate_vmalloc(_pte)? - * - * We _can_ have kasan_release_vmalloc and kasan_populate_vmalloc running - * at the same time. While we run under free_vmap_area_lock, the population - * code does not. - * - * free_vmap_area_lock instead operates to ensure that the larger range - * [free_region_start, free_region_end) is safe: because __alloc_vmap_area and - * the per-cpu region-finding algorithm both run under free_vmap_area_lock, - * no space identified as free will become used while we are running. This - * means that so long as we are careful with alignment and only free shadow - * pages entirely covered by the free region, we will not run in to any - * trouble - any simultaneous allocations will be for disjoint regions. - */ -void kasan_release_vmalloc(unsigned long start, unsigned long end, - unsigned long free_region_start, - unsigned long free_region_end) -{ - void *shadow_start, *shadow_end; - unsigned long region_start, region_end; - unsigned long size; - - region_start = ALIGN(start, PAGE_SIZE * KASAN_GRANULE_SIZE); - region_end = ALIGN_DOWN(end, PAGE_SIZE * KASAN_GRANULE_SIZE); - - free_region_start = ALIGN(free_region_start, - PAGE_SIZE * KASAN_GRANULE_SIZE); - - if (start != region_start && - free_region_start < region_start) - region_start -= PAGE_SIZE * KASAN_GRANULE_SIZE; - - free_region_end = ALIGN_DOWN(free_region_end, - PAGE_SIZE * KASAN_GRANULE_SIZE); - - if (end != region_end && - free_region_end > region_end) - region_end += PAGE_SIZE * KASAN_GRANULE_SIZE; - - shadow_start = kasan_mem_to_shadow((void *)region_start); - shadow_end = kasan_mem_to_shadow((void *)region_end); - - if (shadow_end > shadow_start) { - size = shadow_end - shadow_start; - apply_to_existing_page_range(&init_mm, - (unsigned long)shadow_start, - size, kasan_depopulate_vmalloc_pte, - NULL); - flush_tlb_kernel_range((unsigned long)shadow_start, - (unsigned long)shadow_end); - } -} - -#else /* CONFIG_KASAN_VMALLOC */ - -int kasan_module_alloc(void *addr, size_t size) -{ - void *ret; - size_t scaled_size; - size_t shadow_size; - unsigned long shadow_start; - - shadow_start = (unsigned long)kasan_mem_to_shadow(addr); - scaled_size = (size + KASAN_GRANULE_SIZE - 1) >> - KASAN_SHADOW_SCALE_SHIFT; - shadow_size = round_up(scaled_size, PAGE_SIZE); - - if (WARN_ON(!PAGE_ALIGNED(shadow_start))) - return -EINVAL; - - ret = __vmalloc_node_range(shadow_size, 1, shadow_start, - shadow_start + shadow_size, - GFP_KERNEL, - PAGE_KERNEL, VM_NO_GUARD, NUMA_NO_NODE, - __builtin_return_address(0)); - - if (ret) { - __memset(ret, KASAN_SHADOW_INIT, shadow_size); - find_vm_area(addr)->flags |= VM_KASAN; - kmemleak_ignore(ret); - return 0; - } - - return -ENOMEM; -} - -void kasan_free_shadow(const struct vm_struct *vm) -{ - if (vm->flags & VM_KASAN) - vfree(kasan_mem_to_shadow(vm->addr)); -} - -#endif diff --git a/mm/kasan/shadow.c b/mm/kasan/shadow.c new file mode 100644 index 000000000000..4888084ecdfc --- /dev/null +++ b/mm/kasan/shadow.c @@ -0,0 +1,509 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * This file contains KASAN shadow runtime code. + * + * Copyright (c) 2014 Samsung Electronics Co., Ltd. + * Author: Andrey Ryabinin + * + * Some code borrowed from https://github.com/xairy/kasan-prototype by + * Andrey Konovalov + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "kasan.h" + +bool __kasan_check_read(const volatile void *p, unsigned int size) +{ + return check_memory_region((unsigned long)p, size, false, _RET_IP_); +} +EXPORT_SYMBOL(__kasan_check_read); + +bool __kasan_check_write(const volatile void *p, unsigned int size) +{ + return check_memory_region((unsigned long)p, size, true, _RET_IP_); +} +EXPORT_SYMBOL(__kasan_check_write); + +#undef memset +void *memset(void *addr, int c, size_t len) +{ + if (!check_memory_region((unsigned long)addr, len, true, _RET_IP_)) + return NULL; + + return __memset(addr, c, len); +} + +#ifdef __HAVE_ARCH_MEMMOVE +#undef memmove +void *memmove(void *dest, const void *src, size_t len) +{ + if (!check_memory_region((unsigned long)src, len, false, _RET_IP_) || + !check_memory_region((unsigned long)dest, len, true, _RET_IP_)) + return NULL; + + return __memmove(dest, src, len); +} +#endif + +#undef memcpy +void *memcpy(void *dest, const void *src, size_t len) +{ + if (!check_memory_region((unsigned long)src, len, false, _RET_IP_) || + !check_memory_region((unsigned long)dest, len, true, _RET_IP_)) + return NULL; + + return __memcpy(dest, src, len); +} + +/* + * Poisons the shadow memory for 'size' bytes starting from 'addr'. + * Memory addresses should be aligned to KASAN_GRANULE_SIZE. + */ +void kasan_poison_memory(const void *address, size_t size, u8 value) +{ + void *shadow_start, *shadow_end; + + /* + * Perform shadow offset calculation based on untagged address, as + * some of the callers (e.g. kasan_poison_object_data) pass tagged + * addresses to this function. + */ + address = reset_tag(address); + + shadow_start = kasan_mem_to_shadow(address); + shadow_end = kasan_mem_to_shadow(address + size); + + __memset(shadow_start, value, shadow_end - shadow_start); +} + +void kasan_unpoison_memory(const void *address, size_t size) +{ + u8 tag = get_tag(address); + + /* + * Perform shadow offset calculation based on untagged address, as + * some of the callers (e.g. kasan_unpoison_object_data) pass tagged + * addresses to this function. + */ + address = reset_tag(address); + + kasan_poison_memory(address, size, tag); + + if (size & KASAN_GRANULE_MASK) { + u8 *shadow = (u8 *)kasan_mem_to_shadow(address + size); + + if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) + *shadow = tag; + else + *shadow = size & KASAN_GRANULE_MASK; + } +} + +#ifdef CONFIG_MEMORY_HOTPLUG +static bool shadow_mapped(unsigned long addr) +{ + pgd_t *pgd = pgd_offset_k(addr); + p4d_t *p4d; + pud_t *pud; + pmd_t *pmd; + pte_t *pte; + + if (pgd_none(*pgd)) + return false; + p4d = p4d_offset(pgd, addr); + if (p4d_none(*p4d)) + return false; + pud = pud_offset(p4d, addr); + if (pud_none(*pud)) + return false; + + /* + * We can't use pud_large() or pud_huge(), the first one is + * arch-specific, the last one depends on HUGETLB_PAGE. So let's abuse + * pud_bad(), if pud is bad then it's bad because it's huge. + */ + if (pud_bad(*pud)) + return true; + pmd = pmd_offset(pud, addr); + if (pmd_none(*pmd)) + return false; + + if (pmd_bad(*pmd)) + return true; + pte = pte_offset_kernel(pmd, addr); + return !pte_none(*pte); +} + +static int __meminit kasan_mem_notifier(struct notifier_block *nb, + unsigned long action, void *data) +{ + struct memory_notify *mem_data = data; + unsigned long nr_shadow_pages, start_kaddr, shadow_start; + unsigned long shadow_end, shadow_size; + + nr_shadow_pages = mem_data->nr_pages >> KASAN_SHADOW_SCALE_SHIFT; + start_kaddr = (unsigned long)pfn_to_kaddr(mem_data->start_pfn); + shadow_start = (unsigned long)kasan_mem_to_shadow((void *)start_kaddr); + shadow_size = nr_shadow_pages << PAGE_SHIFT; + shadow_end = shadow_start + shadow_size; + + if (WARN_ON(mem_data->nr_pages % KASAN_GRANULE_SIZE) || + WARN_ON(start_kaddr % (KASAN_GRANULE_SIZE << PAGE_SHIFT))) + return NOTIFY_BAD; + + switch (action) { + case MEM_GOING_ONLINE: { + void *ret; + + /* + * If shadow is mapped already than it must have been mapped + * during the boot. This could happen if we onlining previously + * offlined memory. + */ + if (shadow_mapped(shadow_start)) + return NOTIFY_OK; + + ret = __vmalloc_node_range(shadow_size, PAGE_SIZE, shadow_start, + shadow_end, GFP_KERNEL, + PAGE_KERNEL, VM_NO_GUARD, + pfn_to_nid(mem_data->start_pfn), + __builtin_return_address(0)); + if (!ret) + return NOTIFY_BAD; + + kmemleak_ignore(ret); + return NOTIFY_OK; + } + case MEM_CANCEL_ONLINE: + case MEM_OFFLINE: { + struct vm_struct *vm; + + /* + * shadow_start was either mapped during boot by kasan_init() + * or during memory online by __vmalloc_node_range(). + * In the latter case we can use vfree() to free shadow. + * Non-NULL result of the find_vm_area() will tell us if + * that was the second case. + * + * Currently it's not possible to free shadow mapped + * during boot by kasan_init(). It's because the code + * to do that hasn't been written yet. So we'll just + * leak the memory. + */ + vm = find_vm_area((void *)shadow_start); + if (vm) + vfree((void *)shadow_start); + } + } + + return NOTIFY_OK; +} + +static int __init kasan_memhotplug_init(void) +{ + hotplug_memory_notifier(kasan_mem_notifier, 0); + + return 0; +} + +core_initcall(kasan_memhotplug_init); +#endif + +#ifdef CONFIG_KASAN_VMALLOC + +static int kasan_populate_vmalloc_pte(pte_t *ptep, unsigned long addr, + void *unused) +{ + unsigned long page; + pte_t pte; + + if (likely(!pte_none(*ptep))) + return 0; + + page = __get_free_page(GFP_KERNEL); + if (!page) + return -ENOMEM; + + memset((void *)page, KASAN_VMALLOC_INVALID, PAGE_SIZE); + pte = pfn_pte(PFN_DOWN(__pa(page)), PAGE_KERNEL); + + spin_lock(&init_mm.page_table_lock); + if (likely(pte_none(*ptep))) { + set_pte_at(&init_mm, addr, ptep, pte); + page = 0; + } + spin_unlock(&init_mm.page_table_lock); + if (page) + free_page(page); + return 0; +} + +int kasan_populate_vmalloc(unsigned long addr, unsigned long size) +{ + unsigned long shadow_start, shadow_end; + int ret; + + if (!is_vmalloc_or_module_addr((void *)addr)) + return 0; + + shadow_start = (unsigned long)kasan_mem_to_shadow((void *)addr); + shadow_start = ALIGN_DOWN(shadow_start, PAGE_SIZE); + shadow_end = (unsigned long)kasan_mem_to_shadow((void *)addr + size); + shadow_end = ALIGN(shadow_end, PAGE_SIZE); + + ret = apply_to_page_range(&init_mm, shadow_start, + shadow_end - shadow_start, + kasan_populate_vmalloc_pte, NULL); + if (ret) + return ret; + + flush_cache_vmap(shadow_start, shadow_end); + + /* + * We need to be careful about inter-cpu effects here. Consider: + * + * CPU#0 CPU#1 + * WRITE_ONCE(p, vmalloc(100)); while (x = READ_ONCE(p)) ; + * p[99] = 1; + * + * With compiler instrumentation, that ends up looking like this: + * + * CPU#0 CPU#1 + * // vmalloc() allocates memory + * // let a = area->addr + * // we reach kasan_populate_vmalloc + * // and call kasan_unpoison_memory: + * STORE shadow(a), unpoison_val + * ... + * STORE shadow(a+99), unpoison_val x = LOAD p + * // rest of vmalloc process + * STORE p, a LOAD shadow(x+99) + * + * If there is no barrier between the end of unpoisioning the shadow + * and the store of the result to p, the stores could be committed + * in a different order by CPU#0, and CPU#1 could erroneously observe + * poison in the shadow. + * + * We need some sort of barrier between the stores. + * + * In the vmalloc() case, this is provided by a smp_wmb() in + * clear_vm_uninitialized_flag(). In the per-cpu allocator and in + * get_vm_area() and friends, the caller gets shadow allocated but + * doesn't have any pages mapped into the virtual address space that + * has been reserved. Mapping those pages in will involve taking and + * releasing a page-table lock, which will provide the barrier. + */ + + return 0; +} + +/* + * Poison the shadow for a vmalloc region. Called as part of the + * freeing process at the time the region is freed. + */ +void kasan_poison_vmalloc(const void *start, unsigned long size) +{ + if (!is_vmalloc_or_module_addr(start)) + return; + + size = round_up(size, KASAN_GRANULE_SIZE); + kasan_poison_memory(start, size, KASAN_VMALLOC_INVALID); +} + +void kasan_unpoison_vmalloc(const void *start, unsigned long size) +{ + if (!is_vmalloc_or_module_addr(start)) + return; + + kasan_unpoison_memory(start, size); +} + +static int kasan_depopulate_vmalloc_pte(pte_t *ptep, unsigned long addr, + void *unused) +{ + unsigned long page; + + page = (unsigned long)__va(pte_pfn(*ptep) << PAGE_SHIFT); + + spin_lock(&init_mm.page_table_lock); + + if (likely(!pte_none(*ptep))) { + pte_clear(&init_mm, addr, ptep); + free_page(page); + } + spin_unlock(&init_mm.page_table_lock); + + return 0; +} + +/* + * Release the backing for the vmalloc region [start, end), which + * lies within the free region [free_region_start, free_region_end). + * + * This can be run lazily, long after the region was freed. It runs + * under vmap_area_lock, so it's not safe to interact with the vmalloc/vmap + * infrastructure. + * + * How does this work? + * ------------------- + * + * We have a region that is page aligned, labelled as A. + * That might not map onto the shadow in a way that is page-aligned: + * + * start end + * v v + * |????????|????????|AAAAAAAA|AA....AA|AAAAAAAA|????????| < vmalloc + * -------- -------- -------- -------- -------- + * | | | | | + * | | | /-------/ | + * \-------\|/------/ |/---------------/ + * ||| || + * |??AAAAAA|AAAAAAAA|AA??????| < shadow + * (1) (2) (3) + * + * First we align the start upwards and the end downwards, so that the + * shadow of the region aligns with shadow page boundaries. In the + * example, this gives us the shadow page (2). This is the shadow entirely + * covered by this allocation. + * + * Then we have the tricky bits. We want to know if we can free the + * partially covered shadow pages - (1) and (3) in the example. For this, + * we are given the start and end of the free region that contains this + * allocation. Extending our previous example, we could have: + * + * free_region_start free_region_end + * | start end | + * v v v v + * |FFFFFFFF|FFFFFFFF|AAAAAAAA|AA....AA|AAAAAAAA|FFFFFFFF| < vmalloc + * -------- -------- -------- -------- -------- + * | | | | | + * | | | /-------/ | + * \-------\|/------/ |/---------------/ + * ||| || + * |FFAAAAAA|AAAAAAAA|AAF?????| < shadow + * (1) (2) (3) + * + * Once again, we align the start of the free region up, and the end of + * the free region down so that the shadow is page aligned. So we can free + * page (1) - we know no allocation currently uses anything in that page, + * because all of it is in the vmalloc free region. But we cannot free + * page (3), because we can't be sure that the rest of it is unused. + * + * We only consider pages that contain part of the original region for + * freeing: we don't try to free other pages from the free region or we'd + * end up trying to free huge chunks of virtual address space. + * + * Concurrency + * ----------- + * + * How do we know that we're not freeing a page that is simultaneously + * being used for a fresh allocation in kasan_populate_vmalloc(_pte)? + * + * We _can_ have kasan_release_vmalloc and kasan_populate_vmalloc running + * at the same time. While we run under free_vmap_area_lock, the population + * code does not. + * + * free_vmap_area_lock instead operates to ensure that the larger range + * [free_region_start, free_region_end) is safe: because __alloc_vmap_area and + * the per-cpu region-finding algorithm both run under free_vmap_area_lock, + * no space identified as free will become used while we are running. This + * means that so long as we are careful with alignment and only free shadow + * pages entirely covered by the free region, we will not run in to any + * trouble - any simultaneous allocations will be for disjoint regions. + */ +void kasan_release_vmalloc(unsigned long start, unsigned long end, + unsigned long free_region_start, + unsigned long free_region_end) +{ + void *shadow_start, *shadow_end; + unsigned long region_start, region_end; + unsigned long size; + + region_start = ALIGN(start, PAGE_SIZE * KASAN_GRANULE_SIZE); + region_end = ALIGN_DOWN(end, PAGE_SIZE * KASAN_GRANULE_SIZE); + + free_region_start = ALIGN(free_region_start, + PAGE_SIZE * KASAN_GRANULE_SIZE); + + if (start != region_start && + free_region_start < region_start) + region_start -= PAGE_SIZE * KASAN_GRANULE_SIZE; + + free_region_end = ALIGN_DOWN(free_region_end, + PAGE_SIZE * KASAN_GRANULE_SIZE); + + if (end != region_end && + free_region_end > region_end) + region_end += PAGE_SIZE * KASAN_GRANULE_SIZE; + + shadow_start = kasan_mem_to_shadow((void *)region_start); + shadow_end = kasan_mem_to_shadow((void *)region_end); + + if (shadow_end > shadow_start) { + size = shadow_end - shadow_start; + apply_to_existing_page_range(&init_mm, + (unsigned long)shadow_start, + size, kasan_depopulate_vmalloc_pte, + NULL); + flush_tlb_kernel_range((unsigned long)shadow_start, + (unsigned long)shadow_end); + } +} + +#else /* CONFIG_KASAN_VMALLOC */ + +int kasan_module_alloc(void *addr, size_t size) +{ + void *ret; + size_t scaled_size; + size_t shadow_size; + unsigned long shadow_start; + + shadow_start = (unsigned long)kasan_mem_to_shadow(addr); + scaled_size = (size + KASAN_GRANULE_SIZE - 1) >> + KASAN_SHADOW_SCALE_SHIFT; + shadow_size = round_up(scaled_size, PAGE_SIZE); + + if (WARN_ON(!PAGE_ALIGNED(shadow_start))) + return -EINVAL; + + ret = __vmalloc_node_range(shadow_size, 1, shadow_start, + shadow_start + shadow_size, + GFP_KERNEL, + PAGE_KERNEL, VM_NO_GUARD, NUMA_NO_NODE, + __builtin_return_address(0)); + + if (ret) { + __memset(ret, KASAN_SHADOW_INIT, shadow_size); + find_vm_area(addr)->flags |= VM_KASAN; + kmemleak_ignore(ret); + return 0; + } + + return -ENOMEM; +} + +void kasan_free_shadow(const struct vm_struct *vm) +{ + if (vm->flags & VM_KASAN) + vfree(kasan_mem_to_shadow(vm->addr)); +} + +#endif From patchwork Fri Aug 14 17:26:50 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715061 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 7C7D0739 for ; Fri, 14 Aug 2020 17:31:52 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 53E0A20768 for ; Fri, 14 Aug 2020 17:31:52 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="q+PeJ5Fp"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="pPcBQTWc" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 53E0A20768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=BqEPNsKuW5LRvxhJatf+zFtD+4h+w06dHr+vvmRg8Q8=; b=q+PeJ5FpW0wuUt709NPSEqQXY jEDSoWWEL46GT81DDSBrcF9C35w43VwGn8EEDT5Hg3dqKHFypMUVGiBu80PTeG6kQr6OFtertZt8Z 85OoGTuhyl8eicnS2N/w/4voKru4cP0Qd/ZSOs4GdDpJUEXoNijQUQxfG4q7idCjUaj3qtwP0IvCY MJGZWeHq5VQ/RkVQiA9yxsFqOVOlcwx+rhvCZIyfn59s/47dHiocD0G0TQbYo5Uc/Z6k8nDdHYUtu FSArQBuDBLIEtgcyguxqeCDmi4lyxZAiosD8qdNiXj0CMYjtrH+qSzrQF1u7LWIIv6dHix7ofM8pe EskHGKlGA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dWO-0004Cm-SB; Fri, 14 Aug 2020 17:29:40 +0000 Received: from mail-wm1-x34a.google.com ([2a00:1450:4864:20::34a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUa-0003Jl-Au for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:27:59 +0000 Received: by mail-wm1-x34a.google.com with SMTP id d22so3543688wmd.2 for ; Fri, 14 Aug 2020 10:27:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=np+YjQo4chu4bS0e//GH8nyclC7wFRenYBsdsyZN+zk=; b=pPcBQTWcc0pB+A1Qkgyg36kQKBhw6A/0CZ5PXyKV9kUI5he4/+mJy2m/2Z2DVjNjII 8UZtagmk1MICeu1fM9xQeBBKEXfd3Q/Af6l1AhqGnW02K5SLJndTbN6hxWqsI5U75N/D bQVQGpbGqdhv5DDR8Q8C7NbIZhVU0qqjL054jTmF2xIVXVxSE/2IRAn+gYyvT6WL8YIJ HVPEqgkP1vHe3O8MQLU1DuWBLaG3kzbf0CtyRYJ4WbL1tBvFoKr0I2IWdVa5PiLx/gA4 3vm0svprRoNvMg/ImX3wCNl4HgPmXhS6H9WFhvChpekjkLznqiC2BXgy2tmf0g63pXLy iKKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=np+YjQo4chu4bS0e//GH8nyclC7wFRenYBsdsyZN+zk=; b=Oj9SEp8qZTEqfxYlD1USv/ioJGz6AJlsQH+KyFIE/SuFMheIT92+A+8H/GeVG/WeTB XhD+resDMhWZfp+rsEH8yo1ylxngNifnkFbR+MyLSnJHFNpOkjyIJVTA3kkY1bgUSMnw qdL4BL3pIHibt/Jyf9ILmwFxuNXYbqL1B89Fjl1HbfrJztVTE8jJuB+ntU3JrBn4dZjI 9pq+KLOUpEr/pPUgOPlW9Eq4hpnxqSdRuo3TFsYDjzKpX5yWwIVV3ofnOlIhyGn8EVcm f8UejD+AgLAGQh503QaIb6dSU92C+2FyWnwoVhsxGDhKk9rNCL3VSiWCebNXMVa6sjAg AYSA== X-Gm-Message-State: AOAM532lgULHNB+Uj1H0UolOZBb3N8wpm6KjUTG6QfsaunxwKJAX6wVb U3zJFp/u2uK1TgEYkLU4tpiSHxMbk3+09jem X-Google-Smtp-Source: ABdhPJxMdFS/yNyg4MwjTnWmhaQzL0z42GnjWIS4vVb2p1bJE9xvcCYCxX7TZZq23RaIt0i+3EFX9Qy944e9OQDZ X-Received: by 2002:a7b:c8da:: with SMTP id f26mr3553163wml.126.1597426064102; Fri, 14 Aug 2020 10:27:44 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:50 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 08/35] kasan: rename generic/tags_report.c files From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132748_602001_FB030D5A X-CRM114-Status: GOOD ( 11.74 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:34a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Rename generic_report.c to report_generic.c and tags_report.c to report_tags.c, as their content is more relevant to report.c file, then to generic.c or tags.c. No functional changes. Signed-off-by: Andrey Konovalov --- mm/kasan/Makefile | 12 ++++++------ mm/kasan/report.c | 2 +- mm/kasan/{generic_report.c => report_generic.c} | 0 mm/kasan/{tags_report.c => report_tags.c} | 0 4 files changed, 7 insertions(+), 7 deletions(-) rename mm/kasan/{generic_report.c => report_generic.c} (100%) rename mm/kasan/{tags_report.c => report_tags.c} (100%) diff --git a/mm/kasan/Makefile b/mm/kasan/Makefile index 40366d706b7c..007c824f6f43 100644 --- a/mm/kasan/Makefile +++ b/mm/kasan/Makefile @@ -6,13 +6,13 @@ KCOV_INSTRUMENT := n # Disable ftrace to avoid recursion. CFLAGS_REMOVE_common.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_generic.o = $(CC_FLAGS_FTRACE) -CFLAGS_REMOVE_generic_report.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_init.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_quarantine.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_report.o = $(CC_FLAGS_FTRACE) +CFLAGS_REMOVE_report_generic.o = $(CC_FLAGS_FTRACE) +CFLAGS_REMOVE_report_tags.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_shadow.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_tags.o = $(CC_FLAGS_FTRACE) -CFLAGS_REMOVE_tags_report.o = $(CC_FLAGS_FTRACE) # Function splitter causes unnecessary splits in __asan_load1/__asan_store1 # see: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63533 @@ -23,14 +23,14 @@ CC_FLAGS_KASAN_RUNTIME += -DDISABLE_BRANCH_PROFILING CFLAGS_common.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_generic.o := $(CC_FLAGS_KASAN_RUNTIME) -CFLAGS_generic_report.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_init.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_quarantine.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_report.o := $(CC_FLAGS_KASAN_RUNTIME) +CFLAGS_report_generic.o := $(CC_FLAGS_KASAN_RUNTIME) +CFLAGS_report_tags.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_shadow.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_tags.o := $(CC_FLAGS_KASAN_RUNTIME) -CFLAGS_tags_report.o := $(CC_FLAGS_KASAN_RUNTIME) obj-$(CONFIG_KASAN) := common.o report.o -obj-$(CONFIG_KASAN_GENERIC) += init.o generic.o generic_report.o shadow.o quarantine.o -obj-$(CONFIG_KASAN_SW_TAGS) += init.o shadow.o tags.o tags_report.o +obj-$(CONFIG_KASAN_GENERIC) += init.o generic.o report_generic.o shadow.o quarantine.o +obj-$(CONFIG_KASAN_SW_TAGS) += init.o report_tags.o shadow.o tags.o diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 7c025d792e2f..f16591ba9e2e 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -1,6 +1,6 @@ // SPDX-License-Identifier: GPL-2.0 /* - * This file contains common generic and tag-based KASAN error reporting code. + * This file contains common KASAN error reporting code. * * Copyright (c) 2014 Samsung Electronics Co., Ltd. * Author: Andrey Ryabinin diff --git a/mm/kasan/generic_report.c b/mm/kasan/report_generic.c similarity index 100% rename from mm/kasan/generic_report.c rename to mm/kasan/report_generic.c diff --git a/mm/kasan/tags_report.c b/mm/kasan/report_tags.c similarity index 100% rename from mm/kasan/tags_report.c rename to mm/kasan/report_tags.c From patchwork Fri Aug 14 17:26:51 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715033 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id CDD2E618 for ; Fri, 14 Aug 2020 17:29:57 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A65C920708 for ; Fri, 14 Aug 2020 17:29:57 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Ot05y5dw"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="ZgHPshRZ" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A65C920708 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=ROKW7A5zuhbAKgQQ1Fgx2y7qd4XXNIYMkNN8Kiu0bk8=; b=Ot05y5dwFY5nfhVExwckzFXOR nNehK6NKE/BkL+9f86bSaa35LqoDTqPkgpUrsarmgTX8ALps5KESCsx5HXz7hZ/z6ez+D33obw/+r /oV/ehyLjXCdruRgHu5WtoTW10/LnBQe/+VKGmuxG7EW00X8HmsEBeHyoaagHNlA0Y/vD4eYjeUOs d0GfFRC0ZBX3vz1bVKRvTRR5ZtHQSyd7dAkr6Kabzvn59oZ87i1iEWFa5+mBJNIPFs157Qe0CPDEJ sp/eG6k5cSGLTRrewWNSbTkX0pCSpZGGZp1YOaKoznumSdWlHwGuQtdFXjwkk4OWDLkphi3eFfKWt wDmgPcGNQ==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dWS-0004GB-S0; Fri, 14 Aug 2020 17:29:44 +0000 Received: from mail-qv1-xf4a.google.com ([2607:f8b0:4864:20::f4a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUc-0003Kt-Fb for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:27:59 +0000 Received: by mail-qv1-xf4a.google.com with SMTP id i4so6527103qvv.4 for ; Fri, 14 Aug 2020 10:27:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=e2KGLRW+d0jj4Tv+MmRAX362NCHhZR9ltOsxskRbVvg=; b=ZgHPshRZ26bIOrhPnGktEcpoM4tZV4RKhQX3lqJKd1EpP9qvxqZkoQ//TjgMjABFsP X4gQzs7rYpoHS2j8HMRZztH46nKFN0f8FoOm4ob/a3l2ZAjbQkoVpjfH0/yaE8dhumd5 0d8vZL/unnnvG/TDju1HNtgWXEaMJOg6eIp7UdcXay50olpfSsmyekAAVaugXR0dJeTn e6Hn3yxKQdUb8ljAVhNKjg3fW9gUk6qdz8mWkrgF8LJzugzhP7SbGwS52yR0QKSQjGte vQNf9bfUTgTroD3lX0ezS8EKcqrPggGHqoco7Cc/jgGCX2K7ESwOHrmo0C8LEp+z1fH/ hmxg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=e2KGLRW+d0jj4Tv+MmRAX362NCHhZR9ltOsxskRbVvg=; b=eyvVSGE8FYdeEZrNXQLYKZJ5WCR7Txzp2TObeoxyUtwioFYSBIuPbAdREnkLxeHuWR NCBIRpcDP/Sjzab9imiIRrU1PKduluBOlaBWUj3kukW5lEJPxI5wxL3MCVMOv6MKnzKL uiVhP0pthXoOiIFOSTzLhKftAxh+SZW/mC+hRt5f8tJFck5t/KIoHgZ/Tn/lUYUwAgxp bbSzo8eJWIBOMLuool9uFdnDtlpmNngRvTyiHeMN/N0++OGzbekTzsmHWfy1BLo1Cj0I xpdpdo+R8/1uRjt6vQhlxTD/yWkGYkURtwdmvTsuwOEyyEhuSwkR8mFQLNsay3uDFgiU B81g== X-Gm-Message-State: AOAM530VqUBwXC2hjPY0RUjYilrmjvEXdiLlGE0fEoZE0qqo+R9J9Z7P sQQOBSaxmcuhkVuHeNH8kYMIfWOqFF+scF+R X-Google-Smtp-Source: ABdhPJwvFCW71RrNBIBisU3qDI9g+D96gmQLmIYvDx+uRAkaisRTQSBeyenTGfi9SpAFmB/JOXIpogKSN0EeD35Y X-Received: by 2002:a05:6214:1086:: with SMTP id o6mr3450750qvr.41.1597426066233; Fri, 14 Aug 2020 10:27:46 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:51 +0200 In-Reply-To: Message-Id: <0197bbc0050e20ffdbf43eb8300af245c5c169db.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 09/35] kasan: don't duplicate config dependencies From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132750_632693_52803E9B X-CRM114-Status: GOOD ( 10.74 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:f4a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Both KASAN_GENERIC and KASAN_SW_TAGS have common dependencies, move those to KASAN. Signed-off-by: Andrey Konovalov --- lib/Kconfig.kasan | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan index e1d55331b618..b4cf6c519d71 100644 --- a/lib/Kconfig.kasan +++ b/lib/Kconfig.kasan @@ -24,6 +24,9 @@ menuconfig KASAN (HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS) depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB) depends on CC_HAS_WORKING_NOSANITIZE_ADDRESS + select SLUB_DEBUG if SLUB + select CONSTRUCTORS + select STACKDEPOT help Enables KASAN (KernelAddressSANitizer) - runtime memory debugger, designed to find out-of-bounds accesses and use-after-free bugs. @@ -46,10 +49,6 @@ choice config KASAN_GENERIC bool "Generic mode" depends on HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC - depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB) - select SLUB_DEBUG if SLUB - select CONSTRUCTORS - select STACKDEPOT help Enables generic KASAN mode. @@ -70,10 +69,6 @@ config KASAN_GENERIC config KASAN_SW_TAGS bool "Software tag-based mode" depends on HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS - depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB) - select SLUB_DEBUG if SLUB - select CONSTRUCTORS - select STACKDEPOT help Enables software tag-based KASAN mode. From patchwork Fri Aug 14 17:26:52 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715069 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5E51A739 for ; Fri, 14 Aug 2020 17:32:05 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id B928E20768 for ; Fri, 14 Aug 2020 17:32:04 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="o/ExanUs"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="aNwZunoi" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org B928E20768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=NLNlyCbwSQPK/42NSv52KuXF1TMitPnI6F6sAiIKpZk=; b=o/ExanUs5t54L0iWOYiJI3cUw jUBDbKFMKqF/o8v4W83j5TvhJT9nNkAwrI0wMI67A2fZwVMxXxn5mbKJQ96Nv6sYj30cQIJHnuIZ2 W4bdUsNFcOWDhhUN9kysw7kUYt0tl5x/fet1XXtwXa6uo2zu3dYXyVkk1zTzHnWqMWqxch8KzBub5 jlwj/LvE72cnX05UKGCxcZQEbuXd892DkDCkJqFKkjXXHIXaT3Bpoq9JwMKPCNRJk9Se3v1wO/Sfg 8twKirnJ5heX3Ckdc4fRETZfA5Ztitm1V10Auivp1CzAcxyel0trnxqqg98XaQsUfioCEiayvqgP5 JIbC0X5OQ==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dWW-0004Hf-6w; Fri, 14 Aug 2020 17:29:48 +0000 Received: from mail-qv1-xf49.google.com ([2607:f8b0:4864:20::f49]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUe-0003M6-T3 for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:04 +0000 Received: by mail-qv1-xf49.google.com with SMTP id q12so6493000qvm.19 for ; Fri, 14 Aug 2020 10:27:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=1rxlsTFeHZWa6ONOeuQ+mv6OBF5H+hBIiaZ8LmsUVlw=; b=aNwZunoi3mHHGlkooltBIe1Qkubi/Wo4oN/aIQ8lJRAMl5UdW3bTgJ7rzr67Ve3nb9 NmIv70kXBmf9zj7wn/wHi1N+LQlkhMMIAhFqieQWyYW0N8bY+pORzmxtURdzki0k4eXa 7jMkkdZvld9iNJ6dSN1lwxzvAL+ufKxNXVbH6ohxLnW5O6OdvxyRZ/5SQvizoh0g0U6b PWK5aOsiCFlMDuHtC5AhpdDaMonU4i2ODCGn6wtzxS0yoh4RG/AmFrygZ2yS/xZRPhth RpX6GO6SuWsFFoAVqp3S1UBnm51SNGIhYykTHVzhrTqcmklo+ppF2q0ZpFwCl2fGiFR6 puPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=1rxlsTFeHZWa6ONOeuQ+mv6OBF5H+hBIiaZ8LmsUVlw=; b=WMarvQ0fCGSRE8F0vVKZrA242S8N2+owYBlrjzBxCop2BFrlxdrnIw7/NliZ5DnuJ5 cs20/1hOgEljDnccMbqZtgFKhxJSxlZEAUYhnhnioey72PZDRVOqcWN2XX/KYPlazU0Q zeT/8yCfMQjjWqz2xihzROpR8Dg59B7uhAyBueThAYKE/+jsn/cVm/8fv92+LsbElz2R 7gKwah6r4u1t7XjyBryFWwUrHaUYjHZaR+Sa9vvw2WcI6QwshMCrDnZXnf/+Dn9xlUyB 3qAm4mlmcv7VFriLt/MSLoilE4c4hjmLHQPeuojGMHxRlyoJuz/+UuvEXgMMjDhO/GN+ D01Q== X-Gm-Message-State: AOAM530f1tMRYKtb1Km81h+IZW5HTFkRtvESFoTVVmoxCh8pImJVAFvi 7rS8vNSjbqtdKJtuK5j76XrbrygjNUp+O1iD X-Google-Smtp-Source: ABdhPJy/gdFog9RJ52TaUpDFLL7rB+IrSCdsGbxbhfQp7k8XhqJjvVdS5NHx1ANpYjQ7pe2eSAgalurK612nOYGV X-Received: by 2002:ad4:40cb:: with SMTP id x11mr3720078qvp.176.1597426068373; Fri, 14 Aug 2020 10:27:48 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:52 +0200 In-Reply-To: Message-Id: <5a3f6b39567f2b7270e8d45bf1b909796259d3d1.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 10/35] kasan: hide invalid free check implementation From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132753_078585_931CABEA X-CRM114-Status: GOOD ( 16.28 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:f49 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. For software KASAN modes the check is based on the value in the shadow memory. Hardware tag-based KASAN won't be using shadow, so hide the implementation of the check in check_invalid_free(). No functional changes for software modes. Signed-off-by: Andrey Konovalov --- mm/kasan/common.c | 19 +------------------ mm/kasan/generic.c | 7 +++++++ mm/kasan/kasan.h | 2 ++ mm/kasan/tags.c | 12 ++++++++++++ 4 files changed, 22 insertions(+), 18 deletions(-) diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 43a927e70067..a2321d35390e 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -277,25 +277,9 @@ void * __must_check kasan_init_slab_obj(struct kmem_cache *cache, return (void *)object; } -static inline bool shadow_invalid(u8 tag, s8 shadow_byte) -{ - if (IS_ENABLED(CONFIG_KASAN_GENERIC)) - return shadow_byte < 0 || - shadow_byte >= KASAN_GRANULE_SIZE; - - /* else CONFIG_KASAN_SW_TAGS: */ - if ((u8)shadow_byte == KASAN_TAG_INVALID) - return true; - if ((tag != KASAN_TAG_KERNEL) && (tag != (u8)shadow_byte)) - return true; - - return false; -} - static bool __kasan_slab_free(struct kmem_cache *cache, void *object, unsigned long ip, bool quarantine) { - s8 shadow_byte; u8 tag; void *tagged_object; unsigned long rounded_up_size; @@ -314,8 +298,7 @@ static bool __kasan_slab_free(struct kmem_cache *cache, void *object, if (unlikely(cache->flags & SLAB_TYPESAFE_BY_RCU)) return false; - shadow_byte = READ_ONCE(*(s8 *)kasan_mem_to_shadow(object)); - if (shadow_invalid(tag, shadow_byte)) { + if (check_invalid_free(tagged_object)) { kasan_report_invalid_free(tagged_object, ip); return true; } diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c index f6d68aa9872f..73f4d786ad5d 100644 --- a/mm/kasan/generic.c +++ b/mm/kasan/generic.c @@ -192,6 +192,13 @@ bool check_memory_region(unsigned long addr, size_t size, bool write, return check_memory_region_inline(addr, size, write, ret_ip); } +bool check_invalid_free(void *addr) +{ + s8 shadow_byte = READ_ONCE(*(s8 *)kasan_mem_to_shadow(addr)); + + return shadow_byte < 0 || shadow_byte >= KASAN_GRANULE_SIZE; +} + void kasan_cache_shrink(struct kmem_cache *cache) { quarantine_remove_cache(cache); diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index c31e2c739301..cf6a135860f2 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -163,6 +163,8 @@ void kasan_poison_memory(const void *address, size_t size, u8 value); bool check_memory_region(unsigned long addr, size_t size, bool write, unsigned long ret_ip); +bool check_invalid_free(void *addr); + void *find_first_bad_addr(void *addr, size_t size); const char *get_bug_type(struct kasan_access_info *info); diff --git a/mm/kasan/tags.c b/mm/kasan/tags.c index 4d5a1fe8251f..feb42c1763b8 100644 --- a/mm/kasan/tags.c +++ b/mm/kasan/tags.c @@ -126,6 +126,18 @@ bool check_memory_region(unsigned long addr, size_t size, bool write, return true; } +bool check_invalid_free(void *addr) +{ + u8 tag = get_tag(addr); + u8 shadow_byte = READ_ONCE(*(u8 *)kasan_mem_to_shadow(reset_tag(addr))); + + if (shadow_byte == KASAN_TAG_INVALID) + return true; + if (tag != KASAN_TAG_KERNEL && tag != shadow_byte) + return true; + return false; +} + #define DEFINE_HWASAN_LOAD_STORE(size) \ void __hwasan_load##size##_noabort(unsigned long addr) \ { \ From patchwork Fri Aug 14 17:26:53 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715127 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 717CE138C for ; Fri, 14 Aug 2020 17:49:41 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 37F8E20829 for ; Fri, 14 Aug 2020 17:49:41 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="EnpDS4zD"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b="jeiRmjHD"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="IyLP4M8+" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 37F8E20829 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Sjra6bBKu3YK2a2k6puAlv6YywUPSxswQyFFVRmemHk=; b=EnpDS4zDa1jcmZ8ei7SZ5VqYY 4ZM2gfZBBL1TIZ0MGKycD0syalkXupGQ0tla21h51seGvxJkWCJSP0gxqp260cYeGRfMvD6YJEolP 9Joa9edmRKRCy8vHv/pPrhHMayqyhBAwvWPzbNcuWR94GTeuFLaL7PvITTQEZJlzDWqRaOOJuW8AU hIYBuWWzzU00DRq2IH2PYbr7wd3tAZ6uT1722lZddjmr3NpkA537hhYgFavK9HtFyDI7wq+sT0ibo dFv53xPZ8sKTVFOQKvJ4q1BX8XV+arFxLO2tQg+C/fZ1cCykW46BoSYcxYMXq4uLbM3Ab9mBhG3jq TI91+G9Rw==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6do9-0002KK-0c; Fri, 14 Aug 2020 17:48:01 +0000 Received: from casper.infradead.org ([2001:8b0:10b:1236::1]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6do7-0002K7-82 for linux-arm-kernel@merlin.infradead.org; Fri, 14 Aug 2020 17:47:59 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Content-Type:Cc:To:From:Subject: References:Mime-Version:Message-Id:In-Reply-To:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=qURDzYxfKKWxPHfIySAMFEILXPsGiaC6Jh5hYJk5H9w=; b=jeiRmjHDde9ZfrR5XW6fmAMdBj KJ0XHB/1lwmIFefPmvQ+aON9Ug4iPngm+ksVowjIjloHKLSo5pOpEV93kiObjoRMi4bWk3x11V37X agbzpQMjfAF9Q+WxvJDMKtuUN2OVdJCro+Nvsb69PF9Gf376N7iWSlfSRY/4eQ6Uxzn7SLIjj07H6 v+Www/zrqBzHzSP2Tf3IKGAj8GdBktnwxhahia1b5X2ArHRcntjR9nHtqev3bdFoqYDBaCmIgIjJE v2WA/iduJ1QC+Cln394IGXVko2gveBKH+xiAQups/KbeO9E0tEIuqAUTr17WerOC8uWc9/KgYG21k jTgh5IMg==; Received: from mail-qv1-xf49.google.com ([2607:f8b0:4864:20::f49]) by casper.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUl-0001PO-W2 for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:04 +0000 Received: by mail-qv1-xf49.google.com with SMTP id y7so6503637qvj.11 for ; Fri, 14 Aug 2020 10:27:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=qURDzYxfKKWxPHfIySAMFEILXPsGiaC6Jh5hYJk5H9w=; b=IyLP4M8+ueyl9/nr8dk7Snmn0ku8Y1Zp1C4n/nejEqWAGf4+T6yYPXGItJ0J7y++Xn CkQ+s+unrDXvaOIlmylphxPUu7lT1Y5vT+G9/DUWWdUCxE1Vrli/Al6gR5ToCbDJT+QA EbeKXXXaNhU0GrwTZ392BxittinbiboUyh92Je5AuwHNZc64OBmQf/GOBO2mblH6rA8J xxaA9KTOC0IW1qjVGGTl2aBC3/iOqJlz0663/Q5pciLxJSOEwVpjcYWNcGv/U5tkcZBY q/NQw7HAgwsLcgIhyc7u+IbvJOJqCtuXyU48+ZNwktb0wXDHY58qT01tZADdvLKz4EGn 2ztA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=qURDzYxfKKWxPHfIySAMFEILXPsGiaC6Jh5hYJk5H9w=; b=LwJJl2TTVVMxDcaXd2++DHW2uwrrZotHr/SIKhM3bOgrdE1jALVwX/ZQfoa6AyuxJX KmCSXjCK2eoP3K697hLUod/bdqdTl0QCsrydntKwXcSTcVBnOEl6yUFmL4nRFU+i1CEE qxenLcPsHGgIyemQ5UnQOUoFtHEzBENL814OP5jfUurNZXrXA3hFG/1cX9rvlt+LkQ1b VZoZSOic7cSRv+ejWJswGFBYMglwKeCrQukXLdOcLmPCZ8jUmvshP5+AEaxh6XH7kSIu 3hPNZ4uyzRMmo2EBWYnqvyubVskTdyOx759uYCTLWnEaFrCqY+5h2nG/HApUcC3B5psU U3Mg== X-Gm-Message-State: AOAM532s3/9RZVWlcqUNAWt/eLcwhh+JtgQZrjTjXgIrEA2sjBQFv09O DMS0pnO3bkFD4T8fPd+ZXwbXNZASgRucdba0 X-Google-Smtp-Source: ABdhPJzFvbzZRYOO+sHdHoTs+wlVNQrAx/p986Ve7vDGgU6KbU2WfPpXBU2YPgB9DYubIPlKR8pR2pz2fGHfTKib X-Received: by 2002:a0c:aece:: with SMTP id n14mr3721148qvd.68.1597426070684; Fri, 14 Aug 2020 10:27:50 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:53 +0200 In-Reply-To: Message-Id: <7dc3095b3a29c262526eb7b53b06ee0950b73c16.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 11/35] kasan: decode stack frame only with KASAN_STACK_ENABLE From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_182800_862215_4AC43DA5 X-CRM114-Status: GOOD ( 20.09 ) X-Spam-Score: -9.6 (---------) X-Spam-Report: SpamAssassin version 3.4.4 on casper.infradead.org summary: Content analysis details: (-9.6 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:f49 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Decoding routines aren't needed when CONFIG_KASAN_STACK_ENABLE is not enabled. Currently only generic KASAN mode implements stack error reporting. No functional changes for software modes. Signed-off-by: Andrey Konovalov --- mm/kasan/kasan.h | 6 ++ mm/kasan/report.c | 162 -------------------------------------- mm/kasan/report_generic.c | 161 +++++++++++++++++++++++++++++++++++++ 3 files changed, 167 insertions(+), 162 deletions(-) diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index cf6a135860f2..15cf3e0018ae 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -168,6 +168,12 @@ bool check_invalid_free(void *addr); void *find_first_bad_addr(void *addr, size_t size); const char *get_bug_type(struct kasan_access_info *info); +#ifdef CONFIG_KASAN_STACK_ENABLE +void print_address_stack_frame(const void *addr); +#else +static inline void print_address_stack_frame(const void *addr) { } +#endif + bool kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip); void kasan_report_invalid_free(void *object, unsigned long ip); diff --git a/mm/kasan/report.c b/mm/kasan/report.c index f16591ba9e2e..ddaf9d14ca81 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -214,168 +214,6 @@ static inline bool init_task_stack_addr(const void *addr) sizeof(init_thread_union.stack)); } -static bool __must_check tokenize_frame_descr(const char **frame_descr, - char *token, size_t max_tok_len, - unsigned long *value) -{ - const char *sep = strchr(*frame_descr, ' '); - - if (sep == NULL) - sep = *frame_descr + strlen(*frame_descr); - - if (token != NULL) { - const size_t tok_len = sep - *frame_descr; - - if (tok_len + 1 > max_tok_len) { - pr_err("KASAN internal error: frame description too long: %s\n", - *frame_descr); - return false; - } - - /* Copy token (+ 1 byte for '\0'). */ - strlcpy(token, *frame_descr, tok_len + 1); - } - - /* Advance frame_descr past separator. */ - *frame_descr = sep + 1; - - if (value != NULL && kstrtoul(token, 10, value)) { - pr_err("KASAN internal error: not a valid number: %s\n", token); - return false; - } - - return true; -} - -static void print_decoded_frame_descr(const char *frame_descr) -{ - /* - * We need to parse the following string: - * "n alloc_1 alloc_2 ... alloc_n" - * where alloc_i looks like - * "offset size len name" - * or "offset size len name:line". - */ - - char token[64]; - unsigned long num_objects; - - if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), - &num_objects)) - return; - - pr_err("\n"); - pr_err("this frame has %lu %s:\n", num_objects, - num_objects == 1 ? "object" : "objects"); - - while (num_objects--) { - unsigned long offset; - unsigned long size; - - /* access offset */ - if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), - &offset)) - return; - /* access size */ - if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), - &size)) - return; - /* name length (unused) */ - if (!tokenize_frame_descr(&frame_descr, NULL, 0, NULL)) - return; - /* object name */ - if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), - NULL)) - return; - - /* Strip line number; without filename it's not very helpful. */ - strreplace(token, ':', '\0'); - - /* Finally, print object information. */ - pr_err(" [%lu, %lu) '%s'", offset, offset + size, token); - } -} - -static bool __must_check get_address_stack_frame_info(const void *addr, - unsigned long *offset, - const char **frame_descr, - const void **frame_pc) -{ - unsigned long aligned_addr; - unsigned long mem_ptr; - const u8 *shadow_bottom; - const u8 *shadow_ptr; - const unsigned long *frame; - - BUILD_BUG_ON(IS_ENABLED(CONFIG_STACK_GROWSUP)); - - /* - * NOTE: We currently only support printing frame information for - * accesses to the task's own stack. - */ - if (!object_is_on_stack(addr)) - return false; - - aligned_addr = round_down((unsigned long)addr, sizeof(long)); - mem_ptr = round_down(aligned_addr, KASAN_GRANULE_SIZE); - shadow_ptr = kasan_mem_to_shadow((void *)aligned_addr); - shadow_bottom = kasan_mem_to_shadow(end_of_stack(current)); - - while (shadow_ptr >= shadow_bottom && *shadow_ptr != KASAN_STACK_LEFT) { - shadow_ptr--; - mem_ptr -= KASAN_GRANULE_SIZE; - } - - while (shadow_ptr >= shadow_bottom && *shadow_ptr == KASAN_STACK_LEFT) { - shadow_ptr--; - mem_ptr -= KASAN_GRANULE_SIZE; - } - - if (shadow_ptr < shadow_bottom) - return false; - - frame = (const unsigned long *)(mem_ptr + KASAN_GRANULE_SIZE); - if (frame[0] != KASAN_CURRENT_STACK_FRAME_MAGIC) { - pr_err("KASAN internal error: frame info validation failed; invalid marker: %lu\n", - frame[0]); - return false; - } - - *offset = (unsigned long)addr - (unsigned long)frame; - *frame_descr = (const char *)frame[1]; - *frame_pc = (void *)frame[2]; - - return true; -} - -static void print_address_stack_frame(const void *addr) -{ - unsigned long offset; - const char *frame_descr; - const void *frame_pc; - - if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) - return; - - if (!get_address_stack_frame_info(addr, &offset, &frame_descr, - &frame_pc)) - return; - - /* - * get_address_stack_frame_info only returns true if the given addr is - * on the current task's stack. - */ - pr_err("\n"); - pr_err("addr %px is located in stack of task %s/%d at offset %lu in frame:\n", - addr, current->comm, task_pid_nr(current), offset); - pr_err(" %pS\n", frame_pc); - - if (!frame_descr) - return; - - print_decoded_frame_descr(frame_descr); -} - static void print_address_description(void *addr, u8 tag) { struct page *page = kasan_addr_to_page(addr); diff --git a/mm/kasan/report_generic.c b/mm/kasan/report_generic.c index 4dce1633b082..427f4ac80cca 100644 --- a/mm/kasan/report_generic.c +++ b/mm/kasan/report_generic.c @@ -127,6 +127,167 @@ const char *get_bug_type(struct kasan_access_info *info) return get_wild_bug_type(info); } +#ifdef CONFIG_KASAN_STACK_ENABLE +static bool __must_check tokenize_frame_descr(const char **frame_descr, + char *token, size_t max_tok_len, + unsigned long *value) +{ + const char *sep = strchr(*frame_descr, ' '); + + if (sep == NULL) + sep = *frame_descr + strlen(*frame_descr); + + if (token != NULL) { + const size_t tok_len = sep - *frame_descr; + + if (tok_len + 1 > max_tok_len) { + pr_err("KASAN internal error: frame description too long: %s\n", + *frame_descr); + return false; + } + + /* Copy token (+ 1 byte for '\0'). */ + strlcpy(token, *frame_descr, tok_len + 1); + } + + /* Advance frame_descr past separator. */ + *frame_descr = sep + 1; + + if (value != NULL && kstrtoul(token, 10, value)) { + pr_err("KASAN internal error: not a valid number: %s\n", token); + return false; + } + + return true; +} + +static void print_decoded_frame_descr(const char *frame_descr) +{ + /* + * We need to parse the following string: + * "n alloc_1 alloc_2 ... alloc_n" + * where alloc_i looks like + * "offset size len name" + * or "offset size len name:line". + */ + + char token[64]; + unsigned long num_objects; + + if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), + &num_objects)) + return; + + pr_err("\n"); + pr_err("this frame has %lu %s:\n", num_objects, + num_objects == 1 ? "object" : "objects"); + + while (num_objects--) { + unsigned long offset; + unsigned long size; + + /* access offset */ + if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), + &offset)) + return; + /* access size */ + if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), + &size)) + return; + /* name length (unused) */ + if (!tokenize_frame_descr(&frame_descr, NULL, 0, NULL)) + return; + /* object name */ + if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), + NULL)) + return; + + /* Strip line number; without filename it's not very helpful. */ + strreplace(token, ':', '\0'); + + /* Finally, print object information. */ + pr_err(" [%lu, %lu) '%s'", offset, offset + size, token); + } +} + +static bool __must_check get_address_stack_frame_info(const void *addr, + unsigned long *offset, + const char **frame_descr, + const void **frame_pc) +{ + unsigned long aligned_addr; + unsigned long mem_ptr; + const u8 *shadow_bottom; + const u8 *shadow_ptr; + const unsigned long *frame; + + BUILD_BUG_ON(IS_ENABLED(CONFIG_STACK_GROWSUP)); + + /* + * NOTE: We currently only support printing frame information for + * accesses to the task's own stack. + */ + if (!object_is_on_stack(addr)) + return false; + + aligned_addr = round_down((unsigned long)addr, sizeof(long)); + mem_ptr = round_down(aligned_addr, KASAN_GRANULE_SIZE); + shadow_ptr = kasan_mem_to_shadow((void *)aligned_addr); + shadow_bottom = kasan_mem_to_shadow(end_of_stack(current)); + + while (shadow_ptr >= shadow_bottom && *shadow_ptr != KASAN_STACK_LEFT) { + shadow_ptr--; + mem_ptr -= KASAN_GRANULE_SIZE; + } + + while (shadow_ptr >= shadow_bottom && *shadow_ptr == KASAN_STACK_LEFT) { + shadow_ptr--; + mem_ptr -= KASAN_GRANULE_SIZE; + } + + if (shadow_ptr < shadow_bottom) + return false; + + frame = (const unsigned long *)(mem_ptr + KASAN_GRANULE_SIZE); + if (frame[0] != KASAN_CURRENT_STACK_FRAME_MAGIC) { + pr_err("KASAN internal error: frame info validation failed; invalid marker: %lu\n", + frame[0]); + return false; + } + + *offset = (unsigned long)addr - (unsigned long)frame; + *frame_descr = (const char *)frame[1]; + *frame_pc = (void *)frame[2]; + + return true; +} + +void print_address_stack_frame(const void *addr) +{ + unsigned long offset; + const char *frame_descr; + const void *frame_pc; + + if (!get_address_stack_frame_info(addr, &offset, &frame_descr, + &frame_pc)) + return; + + /* + * get_address_stack_frame_info only returns true if the given addr is + * on the current task's stack. + */ + pr_err("\n"); + pr_err("addr %px is located in stack of task %s/%d at offset %lu in frame:\n", + addr, current->comm, task_pid_nr(current), offset); + pr_err(" %pS\n", frame_pc); + + if (!frame_descr) + return; + + print_decoded_frame_descr(frame_descr); +} +#endif /* CONFIG_KASAN_STACK_ENABLE */ + #define DEFINE_ASAN_REPORT_LOAD(size) \ void __asan_report_load##size##_noabort(unsigned long addr) \ { \ From patchwork Fri Aug 14 17:26:54 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715129 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 43C11138C for ; Fri, 14 Aug 2020 17:49:43 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 1BB9320829 for ; Fri, 14 Aug 2020 17:49:43 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="ePIAlf3d"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b="ejLtxa5d"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="p38WSimo" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1BB9320829 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=tDpwa00z1PSKKFT9HdoRdnAicOK8u8gV0LBLUPO3mlY=; b=ePIAlf3dJAiYyYM2+R4tM+YBx pDLfu/db1nhDHLVjLsebAfFlCD6HLjMWXrLNG/wbjaKCP3KAbxW9rROqOx6OrMIwW0viwzzM6Lo1s GOWDqtu2mefCc1vpkybGzbufyL5T3pKBde3Giar83NQ5RtW1CcJ3x0H6MDHU6cjiSpm6hm1zI45Q1 N9YGjJmxvmL8Eztkk3MrY7XmxEzdswiaWXXr7KDukHMmfQknaOoYLej/nDl2Ea2yt4xHgBGdZ1sOL 3F/OvExWzX/e/92h/p0lij8ZQifsk3g8n5Nb3xdzAPAmKRTFPzGV0atNlNzJZH9bc5g9sG74mqsDL xta9K46Ug==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6doN-0002O0-WB; Fri, 14 Aug 2020 17:48:16 +0000 Received: from casper.infradead.org ([2001:8b0:10b:1236::1]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6doG-0002K7-6a for linux-arm-kernel@merlin.infradead.org; Fri, 14 Aug 2020 17:48:08 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Content-Type:Cc:To:From:Subject: References:Mime-Version:Message-Id:In-Reply-To:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=gbewbhEM/mrEwI9f62OGQ1mBf+mvC6G7M7H1HOVG3uM=; b=ejLtxa5dLlmto7TvjT/9iIwDxY HiBEfWWpC+yyuXPBimrlz5uU2RavmQkz7jP3I7Y9NqKwnaas+RAHeuIhZ1N25AiGf46By0b753i0f uZZeSZOz1xSTYAxB6sSTMq1LR0GXVXcAd92Kv/SHa7243ZsoggUieHVc9D30MPLJ+OOebp8ZO4+em dTt/nTjEEu2Lx77Rme4kFVqDO0NJYlw9UkNly7WJQBQe1PULip9gyM/i46AWPwaGKymXWXbEthZMA 3gbS1pPKM/PW212OoL7IRn4kdTgYsrEsYELs/N/aYEvYzTY9halYiu56omY3MMK1xVHmiJd8edBtg tgyYNIKQ==; Received: from mail-wr1-x44a.google.com ([2a00:1450:4864:20::44a]) by casper.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUl-0001PN-L4 for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:03 +0000 Received: by mail-wr1-x44a.google.com with SMTP id 5so3572493wrc.17 for ; Fri, 14 Aug 2020 10:27:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=gbewbhEM/mrEwI9f62OGQ1mBf+mvC6G7M7H1HOVG3uM=; b=p38WSimo2cpemTGnb7ho4xiQdRAKLTT5gOfsAtwG2IJI5IW6e0rFAfadPWj7eFRGop d+rTuTnYeYpjVEx//C+3vfi/7a3XuVT6VGoT/Cc0vMEPRLmWlzDrUn/zXDVrxwqZGNMp Z6TsIZBuG6iydGz5PoTKMNraX8uDzql36SZEQsHuhgNlSKVp4bcKvvHWDXYvjbkIvVFF V+nFIxR/wJk0bKGoF+u3bumLIrRe0GIfupVJcFJQ4/50TQ6NOEU2x2AQjy72yglzoIhC 5YuS544qqFRtck75v8RS7rptoaIjIUCZnmv1mBtiYJVtaNGLd//dR8xRa2vXbt4PidYs kTvg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=gbewbhEM/mrEwI9f62OGQ1mBf+mvC6G7M7H1HOVG3uM=; b=Y7GCX51pPqfsMa65F6sPUavHUcaioFjJUhdKGMwA8TUc1LpPG3o8RtukInp4JFixQB m1OJ/wJEB0umyFTyCLRS/RmfVi9PhOPkR7ATmgEw6mlIN0gYr1ONa/vFcjskROL4akqP bKfTrJMai+7aOIbcZAKhZFdjbpR6C3ZBADyDo0bkztw52XjH88CfB8bZj3GZXAAQHPn5 buvmkmb7XfMJ05pYxTjFzYf70VfDDev5O+EQ+Qsa8EMvH+KkAxXyDtUQiOP06kB0YH6+ Rn333t4Zb72MjBZYOS47PzLiJ0gsd9zAY/FsFuWkM5V+vlWBQC+z73RDZnWRn0ARqDEy HNUw== X-Gm-Message-State: AOAM530rv2BUygguz2d/GpOMIGg1VdbZ/gnPdztigX2kjZLqWB9YhXra ygEFZsFauLBvChJX4jxekQA8hKQxnT2yKhyA X-Google-Smtp-Source: ABdhPJyuuU97eSpS4icZpwsOHx+U2pkrSyE9d1bvaPq4xdMC1pLHfzAVpabPi/a/WtW8O3//dWoEdWo8B9DvLadS X-Received: by 2002:a7b:ca4b:: with SMTP id m11mr3338115wml.120.1597426072804; Fri, 14 Aug 2020 10:27:52 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:54 +0200 In-Reply-To: Message-Id: <63a51e69950d6d93714a96d51165cdc332552393.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 12/35] kasan, arm64: only init shadow for software modes From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_182800_628002_FDBF0B9C X-CRM114-Status: GOOD ( 14.17 ) X-Spam-Score: -9.6 (---------) X-Spam-Report: SpamAssassin version 3.4.4 on casper.infradead.org summary: Content analysis details: (-9.6 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:44a listed in] [list.dnswl.org] -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. Hardware tag-based KASAN won't be using shadow memory. Only initialize it when one of the software KASAN modes are enabled. No functional changes for software modes. Signed-off-by: Andrey Konovalov --- arch/arm64/include/asm/kasan.h | 8 ++++++-- arch/arm64/mm/kasan_init.c | 15 ++++++++++++++- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/arch/arm64/include/asm/kasan.h b/arch/arm64/include/asm/kasan.h index b0dc4abc3589..f7ea70d02cab 100644 --- a/arch/arm64/include/asm/kasan.h +++ b/arch/arm64/include/asm/kasan.h @@ -13,6 +13,12 @@ #define arch_kasan_get_tag(addr) __tag_get(addr) #ifdef CONFIG_KASAN +void kasan_init(void); +#else +static inline void kasan_init(void) { } +#endif + +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) /* * KASAN_SHADOW_START: beginning of the kernel virtual addresses. @@ -33,12 +39,10 @@ #define _KASAN_SHADOW_START(va) (KASAN_SHADOW_END - (1UL << ((va) - KASAN_SHADOW_SCALE_SHIFT))) #define KASAN_SHADOW_START _KASAN_SHADOW_START(vabits_actual) -void kasan_init(void); void kasan_copy_shadow(pgd_t *pgdir); asmlinkage void kasan_early_init(void); #else -static inline void kasan_init(void) { } static inline void kasan_copy_shadow(pgd_t *pgdir) { } #endif diff --git a/arch/arm64/mm/kasan_init.c b/arch/arm64/mm/kasan_init.c index 7291b26ce788..4d35eaf3ec97 100644 --- a/arch/arm64/mm/kasan_init.c +++ b/arch/arm64/mm/kasan_init.c @@ -21,6 +21,8 @@ #include #include +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) + static pgd_t tmp_pg_dir[PTRS_PER_PGD] __initdata __aligned(PGD_SIZE); /* @@ -208,7 +210,7 @@ static void __init clear_pgds(unsigned long start, set_pgd(pgd_offset_k(start), __pgd(0)); } -void __init kasan_init(void) +static void __init kasan_init_shadow(void) { u64 kimg_shadow_start, kimg_shadow_end; u64 mod_shadow_start, mod_shadow_end; @@ -269,6 +271,17 @@ void __init kasan_init(void) memset(kasan_early_shadow_page, KASAN_SHADOW_INIT, PAGE_SIZE); cpu_replace_ttbr1(lm_alias(swapper_pg_dir)); +} + +#else /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS) */ + +static inline void __init kasan_init_shadow(void) { } + +#endif /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */ + +void __init kasan_init(void) +{ + kasan_init_shadow(); /* At this point kasan is fully initialized. Enable error messages */ init_task.kasan_depth = 0; From patchwork Fri Aug 14 17:26:55 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715037 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 32A92618 for ; Fri, 14 Aug 2020 17:30:53 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 0A833207DA for ; Fri, 14 Aug 2020 17:30:53 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="DNNeYICi"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="ZMtJW6G+" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 0A833207DA Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=s7MZumTYCwvZrf8Lw68OtnjCmEOasCHh0Aj8ny6iZZQ=; b=DNNeYICi2JwQyjJhRpbflaVrF HLVVUqLfKnHk6U1E07fI86X9fsVlIT28V5Kt2/xLvFd+VtfgNtZmaPOSFcu/72N5lzswpm4bOXElC XjL8qZ8BWmf3Wmh2VBiWcxDXfGOxrUZ3ve9ktA6kHFwwm3QngAnC6D3Je9/9c6xCOHz5aPpGyI6El /yPHippIgt4Yznp6gbwCpi4F+u0eb/274LKm+fTQnx3TaPWfXK3uLxq4wd1WtALiCdouRstShL6Sf TWSY+LuuQOTlMS80lXfDhyskeWMLiWtuYIfv175ub46GxfVBOzXugN+0qXfvAwtV0/Z9oiIssQuql XGdFePkCw==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dXJ-0004lX-8b; Fri, 14 Aug 2020 17:30:37 +0000 Received: from mail-qt1-x849.google.com ([2607:f8b0:4864:20::849]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUk-0003Pm-JI for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:11 +0000 Received: by mail-qt1-x849.google.com with SMTP id r9so7477332qtp.7 for ; Fri, 14 Aug 2020 10:27:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=S5YYe9chzXhia6NqEOtjeZEypr/bcyFxBA6eDjcJbWc=; b=ZMtJW6G+Vjha52m+bEG09co9CtryzgL92nDzZ++ZiTa8iJ6DYjw3OCDj9xTihkEr1I gGc/1/u7JnJPQLkFrkXN54ykyGBlBoTHLDg7oxca2j6jqnk9eB7BKwzjLbZiLgzGFjMW mSR7YIOPjXKEZNppDVeRKjsKqRJh2BX3+7C6XhaUbTOii4BPGgZPhEsEzx+iWc3fUPx5 QCzpWdH7hU7h+C4XleqHesY8jAdxFvnYkTVPQlwWcGL2LXF5kumXQYDVdNQ4eP+wOPKw nTDtI6/GRorUo+yG99BJZhM1+v7k9LVKwRT0EfI9g93HSCuEN+isPRSs4pjk6Kp430SO BB/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=S5YYe9chzXhia6NqEOtjeZEypr/bcyFxBA6eDjcJbWc=; b=md1+nY5e6oVEhIXTq5w1KQg678ohnr44ft7zMSVjDocSZpFvXf8gVAsshVRJAm1dbI fbHj6rlW23ALPDo0V505ABRj5UROEghJcsC1jdWHh2W8h77Yq0/Wg8oUiIQ8o046aKvQ RSMx2wWPxTyjFuzjGstQW8rDxaSUabl+WjD3XmExz/m4AKftGHGkvbDBa0y9aCgOQpWe MCqp+2ukvRuq6iuduYpai4PZDnZUNPfuYMMDe8l5eJwJRn/QP07ZZtoLlAOP0JEd1yHt 1FqbCwwzIGLusF0klvb3Y2ujkg9sf4MAJTBT4S9W+gjEU774NahOKdY09u8lbNV+Sr1X aCrQ== X-Gm-Message-State: AOAM533lANVLdV/jZDDZHbFYRZ7pZmBxamvdGKDP3uus2RdbO1Mj9jd+ qw5tB6Hu7GAzZXIYUfRa/rksOheu5Q8lG3E+ X-Google-Smtp-Source: ABdhPJzo2cKJbLBbPoHcwIWfnbiF7pfkJX4TFp4oMthnEZbbluD+IcgMHo2qi+w+eaber0F/RXEscXOcwKfwrJML X-Received: by 2002:ad4:49a1:: with SMTP id u1mr3592719qvx.245.1597426074976; Fri, 14 Aug 2020 10:27:54 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:55 +0200 In-Reply-To: Message-Id: <35c9e6ff0b5cc69cf97ba7dda143f3ca14af6b5c.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 13/35] kasan, arm64: only use kasan_depth for software modes From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132758_719936_23D21DEE X-CRM114-Status: GOOD ( 17.59 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:849 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. Hardware tag-based KASAN won't use kasan_depth. Only define and use it when one of the software KASAN modes are enabled. No functional changes for software modes. Signed-off-by: Andrey Konovalov --- arch/arm64/mm/kasan_init.c | 11 ++++++++--- include/linux/kasan.h | 14 ++++++++++---- include/linux/sched.h | 2 +- init/init_task.c | 2 +- mm/kasan/common.c | 2 ++ mm/kasan/report.c | 2 ++ 6 files changed, 24 insertions(+), 9 deletions(-) diff --git a/arch/arm64/mm/kasan_init.c b/arch/arm64/mm/kasan_init.c index 4d35eaf3ec97..b6b9d55bb72e 100644 --- a/arch/arm64/mm/kasan_init.c +++ b/arch/arm64/mm/kasan_init.c @@ -273,17 +273,22 @@ static void __init kasan_init_shadow(void) cpu_replace_ttbr1(lm_alias(swapper_pg_dir)); } +void __init kasan_init_depth(void) +{ + init_task.kasan_depth = 0; +} + #else /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS) */ static inline void __init kasan_init_shadow(void) { } +static inline void __init kasan_init_depth(void) { } + #endif /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */ void __init kasan_init(void) { kasan_init_shadow(); - - /* At this point kasan is fully initialized. Enable error messages */ - init_task.kasan_depth = 0; + kasan_init_depth(); pr_info("KernelAddressSanitizer initialized\n"); } diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 18617d5c4cd7..894f4d9163ee 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -52,7 +52,7 @@ static inline void kasan_remove_zero_shadow(void *start, #endif /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */ -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) /* Enable reporting bugs after kasan_disable_current() */ extern void kasan_enable_current(void); @@ -60,6 +60,15 @@ extern void kasan_enable_current(void); /* Disable reporting bugs for current task */ extern void kasan_disable_current(void); +#else /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */ + +static inline void kasan_enable_current(void) {} +static inline void kasan_disable_current(void) {} + +#endif /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */ + +#ifdef CONFIG_KASAN + void kasan_unpoison_memory(const void *address, size_t size); void kasan_unpoison_task_stack(struct task_struct *task); @@ -110,9 +119,6 @@ static inline void kasan_unpoison_memory(const void *address, size_t size) {} static inline void kasan_unpoison_task_stack(struct task_struct *task) {} -static inline void kasan_enable_current(void) {} -static inline void kasan_disable_current(void) {} - static inline void kasan_alloc_pages(struct page *page, unsigned int order) {} static inline void kasan_free_pages(struct page *page, unsigned int order) {} diff --git a/include/linux/sched.h b/include/linux/sched.h index 692e327d7455..6dca19f2516c 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -1194,7 +1194,7 @@ struct task_struct { u64 timer_slack_ns; u64 default_timer_slack_ns; -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) unsigned int kasan_depth; #endif #ifdef CONFIG_KCSAN diff --git a/init/init_task.c b/init/init_task.c index 15089d15010a..13f1cf21412b 100644 --- a/init/init_task.c +++ b/init/init_task.c @@ -171,7 +171,7 @@ struct task_struct init_task .numa_group = NULL, .numa_faults = NULL, #endif -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) .kasan_depth = 1, #endif #ifdef CONFIG_KCSAN diff --git a/mm/kasan/common.c b/mm/kasan/common.c index a2321d35390e..41c7f1105eaa 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -51,6 +51,7 @@ void kasan_set_track(struct kasan_track *track, gfp_t flags) track->stack = kasan_save_stack(flags); } +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) void kasan_enable_current(void) { current->kasan_depth++; @@ -60,6 +61,7 @@ void kasan_disable_current(void) { current->kasan_depth--; } +#endif /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */ static void __kasan_unpoison_stack(struct task_struct *task, const void *sp) { diff --git a/mm/kasan/report.c b/mm/kasan/report.c index ddaf9d14ca81..8463e35b489f 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -295,8 +295,10 @@ static void print_shadow_for_address(const void *addr) static bool report_enabled(void) { +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) if (current->kasan_depth) return false; +#endif if (test_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags)) return true; return !test_and_set_bit(KASAN_BIT_REPORTED, &kasan_flags); From patchwork Fri Aug 14 17:26:56 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715035 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0FBE5739 for ; Fri, 14 Aug 2020 17:30:34 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id CB2DD20855 for ; Fri, 14 Aug 2020 17:30:33 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Cv+LLAxu"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="DrFj49N6" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org CB2DD20855 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=b0eGjdGtkUzAHhHGL9pLzuTrqQgmuYVbcQgFv/Dm6hQ=; b=Cv+LLAxut6fe3jsHFVUDfZa0p 8Pa/t8Kgb7Nzk69zIBEjT80SGCLfhywGOLOpDoGYgfTHuIMvoFRrBpZ0wgHamFFeaMfwZPwNjQYX0 N6Fk7Gjh73cadwyF6o2+nhBRWjnj7ucbidA0vV6HNJ+cCzM5FxVWKBsf4BbxBVEre8OE5wnhofqKx NE3NRoclTJHENgcLOci2EAgfoLJ/r2pd13AS2GLNmdVomfRiydcsqNjVnShgrDZ2lPZj+ezcWxFUM 23TZMoyxjKmN7Mtr5oZ9akKbc8DYMlXjtajG6S7JvVB1iW/4hGnszl+gqB7ByGAg/v7MyAMT/er/M qbD5Wn/jw==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dWq-0004Ur-MM; Fri, 14 Aug 2020 17:30:08 +0000 Received: from mail-qv1-f73.google.com ([209.85.219.73]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUn-0003RR-BV for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:11 +0000 Received: by mail-qv1-f73.google.com with SMTP id d1so6469300qvs.21 for ; Fri, 14 Aug 2020 10:27:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=uzelTOrZuAbTWnllhx2uagoa2R4S00LwGFOB2texzaA=; b=DrFj49N6R4eCrQJphz6+ETLQSN0RvuR+8g3jRWO5Kv9Cu3h0thzUUGYLi70G7SUsL+ kk40BvPcKjV4y5B+tEwCs0wOVQz3Qo6Srdv07PKEjyECoSiZoRIroE761xkoNWipUcMN roNpIlNYf89LDQz/ZqjUGEJZHvbnTtlRJ0+MUIuDazMnwFSw53XRUzj07eRKXWAfZijn dzNZO8q+k/fcomM5fZfG+FEMWYRiHVBFBoFFEBTlaayDyg+1daA7M4MSqNiq+43cjUm2 g1oHg4iWrX+S5n5/Ax9bx6fOL4mospA1TbRF8FPjvTbwcC/rp93zDPO8bpBJknFheRvr RkUg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=uzelTOrZuAbTWnllhx2uagoa2R4S00LwGFOB2texzaA=; b=YKBEOEJ07kZ3gC8f5EVfA1a3NJgGPKGb6YeJuv1mzNzx8Gz/euSpa8DpQDHV2u5J3Z dqPPncL5fwjGfnIl1Ul6E1WL/pkG+VF7pmFRrSxeO8lhEg/p8y9G5XskauPVwl4HlX0J lzTLDol4EhVUNl40zXdKESP9e1pu9XTyQZB4TnLqArZL20uXNLTYXuzjvkh07QVDKsIV HPPtK93Ph5rd0H/QcD8xlNQxRY1EQwTGMgpYv3+/ZdUPRsSuV1k7nRE412K7jcy7ihLU LW4SbzyVy1Ao04w29+ZsxaA5PkguXpQKp9FzidEl0WlSiuI5B/WxQrSQvWhgA91UJ3Gq D+PA== X-Gm-Message-State: AOAM531shI+9wMyEvb6fZz7RPN97xUFXAa4gaEzIutrp7NCDkQ6e2b+t 4hhAvg4ndznWn06tSRB6yWajrtU+oQXhpULj X-Google-Smtp-Source: ABdhPJx9kLUufXWadY2TxpJl/SQvQjOV7v/3wKY2MxvbtkT8yluKpe6HFl7wJbjM0gRLHD3MjV79RqnFtPzqoG66 X-Received: by 2002:a05:6214:8a:: with SMTP id n10mr3654847qvr.13.1597426077265; Fri, 14 Aug 2020 10:27:57 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:56 +0200 In-Reply-To: Message-Id: <82cf4f8007645f8c45e6e4847a28a743dfb9cbda.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 14/35] kasan: rename addr_has_shadow to addr_has_metadata From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132801_544655_3DEB1BE1 X-CRM114-Status: GOOD ( 14.40 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.219.73 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.219.73 listed in wl.mailspike.net] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. Hardware tag-based KASAN won't be using shadow memory, but will reuse this function. Rename "shadow" to implementation-neutral "metadata". No functional changes. Signed-off-by: Andrey Konovalov --- mm/kasan/kasan.h | 2 +- mm/kasan/report.c | 6 +++--- mm/kasan/report_generic.c | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index 15cf3e0018ae..38fa4c202e9a 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -145,7 +145,7 @@ static inline const void *kasan_shadow_to_mem(const void *shadow_addr) << KASAN_SHADOW_SCALE_SHIFT); } -static inline bool addr_has_shadow(const void *addr) +static inline bool addr_has_metadata(const void *addr) { return (addr >= kasan_shadow_to_mem((void *)KASAN_SHADOW_START)); } diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 8463e35b489f..ada3cfb43764 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -334,7 +334,7 @@ static void __kasan_report(unsigned long addr, size_t size, bool is_write, untagged_addr = reset_tag(tagged_addr); info.access_addr = tagged_addr; - if (addr_has_shadow(untagged_addr)) + if (addr_has_metadata(untagged_addr)) info.first_bad_addr = find_first_bad_addr(tagged_addr, size); else info.first_bad_addr = untagged_addr; @@ -345,11 +345,11 @@ static void __kasan_report(unsigned long addr, size_t size, bool is_write, start_report(&flags); print_error_description(&info); - if (addr_has_shadow(untagged_addr)) + if (addr_has_metadata(untagged_addr)) print_tags(get_tag(tagged_addr), info.first_bad_addr); pr_err("\n"); - if (addr_has_shadow(untagged_addr)) { + if (addr_has_metadata(untagged_addr)) { print_address_description(untagged_addr, get_tag(tagged_addr)); pr_err("\n"); print_shadow_for_address(info.first_bad_addr); diff --git a/mm/kasan/report_generic.c b/mm/kasan/report_generic.c index 427f4ac80cca..29d30fae9421 100644 --- a/mm/kasan/report_generic.c +++ b/mm/kasan/report_generic.c @@ -122,7 +122,7 @@ const char *get_bug_type(struct kasan_access_info *info) if (info->access_addr + info->access_size < info->access_addr) return "out-of-bounds"; - if (addr_has_shadow(info->access_addr)) + if (addr_has_metadata(info->access_addr)) return get_shadow_bug_type(info); return get_wild_bug_type(info); } From patchwork Fri Aug 14 17:26:57 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715077 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8553E618 for ; Fri, 14 Aug 2020 17:32:32 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 5882E20768 for ; Fri, 14 Aug 2020 17:32:32 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="R+8AdK/C"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="Y52gb1Nw" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 5882E20768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=oVwB2zBMyN/AmIQVSqbBjXL9gq+7BA8QyVhz02xYw28=; b=R+8AdK/CEzQ2ShKOcq4Cd18XG QrU5Nkl6Dm0H7WL9lGzaRMGRcf7U3IC109TD9IouVPM1NIZaSF0zWvjOF5XhRL+0h2/yr3kLQbOpl wdQPx6rhbQiYphvoOdNigkIOTjQ7MS77AV8dxObgB89wocyjbDL2V0fYCr2q8AsTIGHuz47hd9EYW QvpHoSPnGWncwzEojsr0dfmoJROFtGjxcDquZmB0I/Ke3V8ocopBur5NJqSOJFeiv/4AfhiQJOE1p qlZmYo4cmCpZMyNqSOe7V6CPa1SdN4sGusCDxZaX2JtYX/oFG3SkE+Doq+1OngmOYkY1HVt/jh3Xv Jo26kIJXw==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dX4-0004cT-Fp; Fri, 14 Aug 2020 17:30:22 +0000 Received: from mail-wr1-x449.google.com ([2a00:1450:4864:20::449]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUo-0003SQ-Q1 for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:11 +0000 Received: by mail-wr1-x449.google.com with SMTP id 5so3572587wrc.17 for ; Fri, 14 Aug 2020 10:28:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=cI4OCXXdcluQ8udPJIeOucRKN//yXw3Lt8Ci7TJhPtY=; b=Y52gb1NwOVdnYMzy39zbAEp0AxmkVGEVl5sO8IimEphuNBa46b8UdemRzumD9FchzS rLzWvPrLf42ZtByLKUZis23wh0vVNMMWKrmlakNZyhUgxwGLHQ0j7isTtCP9kLxQKWsI iUFHlaLQj2CWOSPtoa5N5MfbvCuPuWY0/G+z68tmu4jVOhA/kpF87tRprJwHotDxzFz9 nqRDRlOuGfGhohyK3x1wtrLh2l4uFHxbCmb66Caf4wskc7tBCh5B6IOlwI85JRIgEyl+ zl6s/FZ3gp+Dd30wvZV7Ozi551d8uKRsOiyk8ZKZ4fUY6Ax+Vu47Yqdb97WW5es7FCqk 3r7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=cI4OCXXdcluQ8udPJIeOucRKN//yXw3Lt8Ci7TJhPtY=; b=uRnukNvDdXkhAmccH7eOEBR4jqTiCMemKxCnN64CAsZKDkDRfIgNljxcUXsuN9p4ot dTyxTdVks33Eq8tp+c7LQxCXfmFDhLxnzzpbwCx+NLJSGIgt9uT2NbUOQhDBppZFMTA/ FCHY0Gbwm4yN/O7mHwlFy3rCk6L8CRz/zQAkJOvsC5IpzXQHASxVaDGYC0bthmNpYUor kRTG2T4JJR/iczRXbcqKzRxPv+ib4cEtbBO/1dFMnxj2FPhLIiNBjsY0wM1vACKqjXjU Gc3BJy2eoH+ZNrh/yR5MOFwCEpZqFlV1T07Lb1pQTwMUx2F2N6Yj1FUxpmQEN+tPDR17 AM1g== X-Gm-Message-State: AOAM5312meAGtL7C8S0UnXsXdOp2PjLL4kE0xI2CKvsBAn7YpnwzL+ye NUhpfRn7L917DkWFY0AVht1nm6jpscbhs9hO X-Google-Smtp-Source: ABdhPJwOZsvPwGKa5m7TqARujAwtgW8ZF1arqYgXqkG6x3udD3qrrXjjRug8FIoPmVcf0uINBQGYw7oWCR4/Amlh X-Received: by 2002:a7b:c4d3:: with SMTP id g19mr3322924wmk.29.1597426079500; Fri, 14 Aug 2020 10:27:59 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:57 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 15/35] kasan: rename print_shadow_for_address to print_memory_metadata From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132802_932806_13C014C7 X-CRM114-Status: GOOD ( 12.94 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:449 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. Hardware tag-based KASAN won't be using shadow memory, but will reuse this function. Rename "shadow" to implementation-neutral "metadata". No functional changes. Signed-off-by: Andrey Konovalov --- mm/kasan/report.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mm/kasan/report.c b/mm/kasan/report.c index ada3cfb43764..8ad1ced1607d 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -255,7 +255,7 @@ static int shadow_pointer_offset(const void *row, const void *shadow) (shadow - row) / SHADOW_BYTES_PER_BLOCK + 1; } -static void print_shadow_for_address(const void *addr) +static void print_memory_metadata(const void *addr) { int i; const void *shadow = kasan_mem_to_shadow(addr); @@ -316,7 +316,7 @@ void kasan_report_invalid_free(void *object, unsigned long ip) pr_err("\n"); print_address_description(object, tag); pr_err("\n"); - print_shadow_for_address(object); + print_memory_metadata(object); end_report(&flags); } @@ -352,7 +352,7 @@ static void __kasan_report(unsigned long addr, size_t size, bool is_write, if (addr_has_metadata(untagged_addr)) { print_address_description(untagged_addr, get_tag(tagged_addr)); pr_err("\n"); - print_shadow_for_address(info.first_bad_addr); + print_memory_metadata(info.first_bad_addr); } else { dump_stack(); } From patchwork Fri Aug 14 17:26:58 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715041 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9D7DC739 for ; Fri, 14 Aug 2020 17:31:08 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 4ACF120768 for ; Fri, 14 Aug 2020 17:31:08 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="x2aeOKOU"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="a+6DNaeG" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 4ACF120768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Jc363N4j/Of3BrS4S6Ydw4bDyFpeNd+VgbYugfvEGyk=; b=x2aeOKOU8pMtOTbfxle2uQqZK CyOnNWEo8jDCwX9yhTjmtDEqRluitsoNAP/6VFqgvzaiIam66nxL0BNVNN3oY26DnSuNjkgmiDQie Us3HJhdZEfVDHIHojX192pMevkV4xtzxXpxL83AY3D7pahZ4heIi3dXxjYa6wHVkHca2cQWtMGJ1/ qdJpUfXkXtQxu26IPNNBT83zfXh8R3CuxCSXwZSIGbA4vh0aZ7Kx3ciklDiX4pvOpJd9mMorifsKZ w9EM6OsZII5gYBeOUZ3PMV9trzS+OByw3BYld7JNVR7HkmjP56LGbKswfmY9MT0yOyrFD4TJqGIPi 0gFRzhijQ==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dXR-0004r8-SU; Fri, 14 Aug 2020 17:30:46 +0000 Received: from mail-qv1-xf4a.google.com ([2607:f8b0:4864:20::f4a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUr-0003TX-Dt for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:14 +0000 Received: by mail-qv1-xf4a.google.com with SMTP id d9so6485222qvl.10 for ; Fri, 14 Aug 2020 10:28:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=l6ZIwvY6syyAP67b2MO5JHAbeJPBE9lyCC+sGAziw0Y=; b=a+6DNaeGtiK8RCbbEJSYLo+X1UMhNxWoSfsXBd3ip7DAyvTiyPTnoLrmeGVgbLvsLx CfpZKFFIvUuTxkBYDZDQn4jbGgswxQdQkBs5VxOgEcg5+iRb7bqLWyASx3w3iF6+2dk1 pbgqCiTuFstwf5I6mi0DpUvGIbwg/XLzQm17VEOz7spf7VI+6MEL2AH29BoM7qpqlkUb 9ce6X7/d2RmXIOEQQ9dwmguTJZxg6DC/de53tpFF7HdIloSioMjjzjIprIayyVndKKl+ Dft04zNWux8SRfTG5d0zwMQLGVh2OUWV29lifG2KiF2tIJZ3GI3MbAiHjiMNSGd827mX +UvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=l6ZIwvY6syyAP67b2MO5JHAbeJPBE9lyCC+sGAziw0Y=; b=MM4SJe6vBFeTkvVOhNB127iCuc569S343X5x/M+6C/6dFHtgr40c59bMx+eAyZ5OLY cQ4vAQFDBy1Z9y1endalI8FMl31a7ZCn/JTDI4sPLjsI/XuweSChDFc22xQBQ+0BFExy 2h//NnQaRi76AfLcf8TMpJLfWneNDYpB9ORiw00DY11W81wC8AUknk5PUfin4ekLKtc2 DLVAsXpEcEo8NLUaiOnu0p6J9JyuNWyRhLd6gtk0T6sQcmoK/6I24eh8ZUh+w2Bo9D2A rYZm2cTtGUT2yrcHayNT+Y/Tznqxoig0LQFNr89BU5EbI79zMoVYleCHpqudr8iYTiN3 xmgQ== X-Gm-Message-State: AOAM532hMAzc2kw99YggjuSzckvCXb5DP7uPRceuiBHDaG6K6wsp2y9s 3tyTB+5sl4MhgJnYJ2++3G+Dr4py8RB/kBr6 X-Google-Smtp-Source: ABdhPJy3uOE8d50CkEhPANU8s2DSDIvcOJG7lmvrwT9uA8T2s4Kv8enADBz7gFdwS2uXrMPjd1s0rvPxNPa2NPmj X-Received: by 2002:a05:6214:1841:: with SMTP id d1mr3456365qvy.135.1597426081697; Fri, 14 Aug 2020 10:28:01 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:58 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 16/35] kasan: kasan_non_canonical_hook only for software modes From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132805_550618_4E300D0A X-CRM114-Status: GOOD ( 12.69 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:f4a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. kasan_non_canonical_hook() is only applicable to KASAN modes that use shadow memory, and won't be needed for hardware tag-based KASAN. No functional changes for software modes. Signed-off-by: Andrey Konovalov --- mm/kasan/report.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 8ad1ced1607d..2cce7c9beea3 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -376,7 +376,8 @@ bool kasan_report(unsigned long addr, size_t size, bool is_write, return ret; } -#ifdef CONFIG_KASAN_INLINE +#if (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) && \ + defined(CONFIG_KASAN_INLINE) /* * With CONFIG_KASAN_INLINE, accesses to bogus pointers (outside the high * canonical half of the address space) cause out-of-bounds shadow memory reads From patchwork Fri Aug 14 17:26:59 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715087 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 44A59739 for ; Fri, 14 Aug 2020 17:33:16 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id D19F020768 for ; Fri, 14 Aug 2020 17:33:15 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="lJKLOnJb"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="ttJgaF/P" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D19F020768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=MX7hEoy6hzpAn3KRupuzvhSIIczSomx/DIeUOGMxpUg=; b=lJKLOnJbxh0MlNGfynPM48thP RtGP1HPANCVsXDvoBwAEbeRb3HQAEX2GFslPMhyfLiVfnNvRfrPkHrUSldxt4oWpl0o8VyMNhfaZo MZ+GYETASq0O3dje6+5+inxvWoNpy2i6qgm/Jpms/B/ZQ5hQDiPuc/Qglwx4hWKjKAae/oKdV31hi GVesnpkhdCOUq0DQn5aRQ59iFus+DxIbmRitMb5myVQFN7DgnR9NMfJuq+fC+Cbya+uWYvYzgePDk OwZsRHzrGI+/yv+Eb1h0Dlkg8hgU9DWeFpQQNxfJd3iFwfCc40GLHWe9Va5kSD3E3TQtIoM+tRwx0 hwN7TqICA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dXW-0004un-Sv; Fri, 14 Aug 2020 17:30:50 +0000 Received: from mail-qt1-x849.google.com ([2607:f8b0:4864:20::849]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUu-0003UZ-Nl for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:16 +0000 Received: by mail-qt1-x849.google.com with SMTP id p22so7479391qtp.9 for ; Fri, 14 Aug 2020 10:28:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=mCvcC3dYzcxUwc7C0YdRc21YWrhNGjweNe7or4+XlWk=; b=ttJgaF/P3U2oSow7UH8ZHinJK2ntN4CM0o6Ekay4TdHMFd56qT409NSuHPVxrA56h5 SwXrB1xrCWdP52W4WZBRr965mtYnjn35Tq0Gk+EDG2xRUJh7Qkf8IOrv5UwqSrTyRycJ yOAI7dF0zkRvPzw7R+QqT3nFkoY6nHFsEvLDjKUWzuQ60iwzyjXpi81rT5mbx+IxoO59 cw1EVMXw38/5FbII9vnx0nbFNeMtDT6YvbT8UruueGBDnQgnUiTFPgh6nxKfXM+y6VPv u4t+f7POCw97KRCE1yAOFsd1oZBYpDjj95G4NO9SE/RMMvbP5+NciohmFzjEY48S68Ut lJPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=mCvcC3dYzcxUwc7C0YdRc21YWrhNGjweNe7or4+XlWk=; b=idUnMygDfrRol95wF1HrZaTfWPAiIXjV3OolD5kWVhcKAKvoF8MHwzyacH78pBo3xw V9EFvun2ZoXTa+OgAPD0Jpe0Obdux/W+VtLBT1Tux/+HRzlO2pGMpnAEwO3sT7YllbSR mdQX25pbbklCx/J7mNSR7ypvW4IO9dzxYkDZFbOEadvsHrngDEzoO+mUaCot9J2lLT2b po/xUWgAC9iSCF0cWUt8EWqy2zj8NmiRFENmdFNy3a4VIHcYymufHC20JTn5DGyepFo5 iOvh7UQWjY2pdOZTeUrR4HBeKGRMXLk0Dh7mITSYW046GQzNKT1KVALgFGNpC3HfBQAf 6NGQ== X-Gm-Message-State: AOAM531vxF016MuV8XBUbA9WQ7FLRjI7Al+tf+vjUUqIXFjXJko2FP+w CcziS8NiWPu3Z1VHnKldvxEL/dXzmJgZare8 X-Google-Smtp-Source: ABdhPJwyr1exuUZ/fVZL/EhW5aHt3/m30xzb8gPM63f7667oSE8rNBHS3hr4bCvgKG+YQTcF8zeI8ppWiSbBiHwW X-Received: by 2002:ad4:4ea7:: with SMTP id ed7mr3716612qvb.8.1597426084066; Fri, 14 Aug 2020 10:28:04 -0700 (PDT) Date: Fri, 14 Aug 2020 19:26:59 +0200 In-Reply-To: Message-Id: <1142e2ec61dfc863a4ec5b92b60c97120957ec80.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 17/35] kasan: rename SHADOW layout macros to META From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132809_056766_D6196415 X-CRM114-Status: GOOD ( 13.88 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:849 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. Hardware tag-based KASAN won't be using shadow memory, but will reuse these macros. Rename "SHADOW" to implementation-neutral "META". No functional changes. Signed-off-by: Andrey Konovalov --- mm/kasan/report.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 2cce7c9beea3..6306673e7062 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -36,11 +36,11 @@ #include "kasan.h" #include "../slab.h" -/* Shadow layout customization. */ -#define SHADOW_BYTES_PER_BLOCK 1 -#define SHADOW_BLOCKS_PER_ROW 16 -#define SHADOW_BYTES_PER_ROW (SHADOW_BLOCKS_PER_ROW * SHADOW_BYTES_PER_BLOCK) -#define SHADOW_ROWS_AROUND_ADDR 2 +/* Metadata layout customization. */ +#define META_BYTES_PER_BLOCK 1 +#define META_BLOCKS_PER_ROW 16 +#define META_BYTES_PER_ROW (META_BLOCKS_PER_ROW * META_BYTES_PER_BLOCK) +#define META_ROWS_AROUND_ADDR 2 static unsigned long kasan_flags; @@ -243,7 +243,7 @@ static void print_address_description(void *addr, u8 tag) static bool row_is_guilty(const void *row, const void *guilty) { - return (row <= guilty) && (guilty < row + SHADOW_BYTES_PER_ROW); + return (row <= guilty) && (guilty < row + META_BYTES_PER_ROW); } static int shadow_pointer_offset(const void *row, const void *shadow) @@ -252,7 +252,7 @@ static int shadow_pointer_offset(const void *row, const void *shadow) * 3 + (BITS_PER_LONG/8)*2 chars. */ return 3 + (BITS_PER_LONG/8)*2 + (shadow - row)*2 + - (shadow - row) / SHADOW_BYTES_PER_BLOCK + 1; + (shadow - row) / META_BYTES_PER_BLOCK + 1; } static void print_memory_metadata(const void *addr) @@ -262,15 +262,15 @@ static void print_memory_metadata(const void *addr) const void *shadow_row; shadow_row = (void *)round_down((unsigned long)shadow, - SHADOW_BYTES_PER_ROW) - - SHADOW_ROWS_AROUND_ADDR * SHADOW_BYTES_PER_ROW; + META_BYTES_PER_ROW) + - META_ROWS_AROUND_ADDR * META_BYTES_PER_ROW; pr_err("Memory state around the buggy address:\n"); - for (i = -SHADOW_ROWS_AROUND_ADDR; i <= SHADOW_ROWS_AROUND_ADDR; i++) { + for (i = -META_ROWS_AROUND_ADDR; i <= META_ROWS_AROUND_ADDR; i++) { const void *kaddr = kasan_shadow_to_mem(shadow_row); char buffer[4 + (BITS_PER_LONG/8)*2]; - char shadow_buf[SHADOW_BYTES_PER_ROW]; + char shadow_buf[META_BYTES_PER_ROW]; snprintf(buffer, sizeof(buffer), (i == 0) ? ">%px: " : " %px: ", kaddr); @@ -279,17 +279,17 @@ static void print_memory_metadata(const void *addr) * function, because generic functions may try to * access kasan mapping for the passed address. */ - memcpy(shadow_buf, shadow_row, SHADOW_BYTES_PER_ROW); + memcpy(shadow_buf, shadow_row, META_BYTES_PER_ROW); print_hex_dump(KERN_ERR, buffer, - DUMP_PREFIX_NONE, SHADOW_BYTES_PER_ROW, 1, - shadow_buf, SHADOW_BYTES_PER_ROW, 0); + DUMP_PREFIX_NONE, META_BYTES_PER_ROW, 1, + shadow_buf, META_BYTES_PER_ROW, 0); if (row_is_guilty(shadow_row, shadow)) pr_err("%*c\n", shadow_pointer_offset(shadow_row, shadow), '^'); - shadow_row += SHADOW_BYTES_PER_ROW; + shadow_row += META_BYTES_PER_ROW; } } From patchwork Fri Aug 14 17:27:00 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715101 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E9D95739 for ; Fri, 14 Aug 2020 17:34:19 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id B828220829 for ; Fri, 14 Aug 2020 17:34:19 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="cJ8oTYk5"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="YudbnRxx" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org B828220829 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=uQqNZhyzXn44fo8voh+Eqo8Hl0IbjzFUT9MSIpi/k28=; b=cJ8oTYk5kSHyhPMX4Cde/Xsqm Swro0g2L7gXQrqwYUsPYtn/s81eaPKzV9rnENkRPvQd4f7O8GLLh4qykxsX+BdiS+6howOqh9sF1C vPtBnE8Unw1UL302NQFtx9lLq4lsXu+0thRq04un1Dq+1YSd1vMK6ENZ/0SceRktAjz4dQ8sC2ReS lNnmhYI6eFi8UvYJyI2TcvP1i5vkQR+dL58IVmUXQ5mTmO0Apcow1nKxMdsZG3SNmEiNRkPN4i6Wj RAUGjGVjqV+bjwV6AroJz+yk2Dxo4mjZIo2cVING7k7v1eBPLjZMR8Jx8t6Y35HSRk7ENXsfp4HOM J/sM/JCPQ==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dY9-0005HM-I0; Fri, 14 Aug 2020 17:31:29 +0000 Received: from mail-wr1-x44a.google.com ([2a00:1450:4864:20::44a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUw-0003Vs-Re for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:19 +0000 Received: by mail-wr1-x44a.google.com with SMTP id z1so3587292wrn.18 for ; Fri, 14 Aug 2020 10:28:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=d/u4o8cOL5u+yhGc4q9ktVy7qi4vlYcfWqeNAALsvIE=; b=YudbnRxxAfDza9Ob1s5ArnAOz+1EGRaJgYbc+niCE71NKhV6G4JRs1GS/K5w24bNUr B/kVJFITB/IGELm7t7feSJ7C/OROLDnd5pbDPJM0gnBEeNbVtdBLK89qQL/2DtpCyScK Ffnh6Mr9T4g3DvA51b63NMKHngoLitiYv2ZSrPU/kKzFeINw2oxGqoA14s/NK8wzluvo Ja9uXKDBdQU/5/v/axLxt0RhJj+RcISivrguLwVGv606pYPpZwMqLFAhOWSTb/FLqKTj 5BGeTY40yacOluHenc5Hjmu/R9lASevoq9VCPvldEme65z2xkyAbbv3xa/WJrdxaoP03 lf3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=d/u4o8cOL5u+yhGc4q9ktVy7qi4vlYcfWqeNAALsvIE=; b=mka4FQByQeV7BvdHYCxTqeTQHPboX5Ucz1bOWWaar0+VqojyvtBIGsXakGgdhmoZYE TXPBcK0ERLsLMkPEiD4TZWoKJ7sWCed+zAfYaBtVTMgVBrDMlSiNFO6pB2YPv4n4QwnK 4grg0LrxmQy8EcWeA57UcfbBzSarwfnkfOXVHejBUTlcT05kKWZOj51pgHzfHVLW1ug7 6pC49NYu8hN6tAAxIXiLLk/qrU5MTMLP6mzuqYJkYdvAaw48sXhRsw+YuGFGfWaYZJA0 Do2AnihTMX2tQ16pPxDSpxVgm7gzZzyQOqovhpH1NlipwcH/EjZHA9bJeRGXo/JyRHAX DMQw== X-Gm-Message-State: AOAM530bU6FV7A/QY74+SOpZRy5W0yaOr9IKKvbUQzBg6sx7ANgouBld Bm93PjSUZRBR1/FuiUndIoYKKSSTrvHYGNSg X-Google-Smtp-Source: ABdhPJwUfre5/KF8bB29t8r0emVBi7vqCOHn70LMl1bwcOmb8g5oyISb2BJmiGdVS4t7AgjEr6kxB9yIrtpc0yKR X-Received: by 2002:a05:600c:c3:: with SMTP id u3mr424029wmm.1.1597426086237; Fri, 14 Aug 2020 10:28:06 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:00 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 18/35] kasan: separate metadata_fetch_row for each mode From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132811_126814_D9D41862 X-CRM114-Status: GOOD ( 18.04 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:44a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This is a preparatory commit for the upcoming addition of a new hardware tag-based (MTE-based) KASAN mode. Rework print_memory_metadata() to make it agnostic with regard to the way metadata is stored. Allow providing a separate metadata_fetch_row() implementation for each KASAN mode. Hardware tag-based KASAN will provide its own implementation that doesn't use shadow memory. No functional changes for software modes. Signed-off-by: Andrey Konovalov --- mm/kasan/kasan.h | 8 ++++++ mm/kasan/report.c | 56 +++++++++++++++++++-------------------- mm/kasan/report_generic.c | 5 ++++ mm/kasan/report_tags.c | 5 ++++ 4 files changed, 45 insertions(+), 29 deletions(-) diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index 38fa4c202e9a..1d3c7c6ce771 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -56,6 +56,13 @@ #define KASAN_ABI_VERSION 1 #endif +/* Metadata layout customization. */ +#define META_BYTES_PER_BLOCK 1 +#define META_BLOCKS_PER_ROW 16 +#define META_BYTES_PER_ROW (META_BLOCKS_PER_ROW * META_BYTES_PER_BLOCK) +#define META_MEM_BYTES_PER_ROW (META_BYTES_PER_ROW * KASAN_GRANULE_SIZE) +#define META_ROWS_AROUND_ADDR 2 + struct kasan_access_info { const void *access_addr; const void *first_bad_addr; @@ -167,6 +174,7 @@ bool check_invalid_free(void *addr); void *find_first_bad_addr(void *addr, size_t size); const char *get_bug_type(struct kasan_access_info *info); +void metadata_fetch_row(char *buffer, void *row); #ifdef CONFIG_KASAN_STACK_ENABLE void print_address_stack_frame(const void *addr); diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 6306673e7062..c904edab33b8 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -36,12 +36,6 @@ #include "kasan.h" #include "../slab.h" -/* Metadata layout customization. */ -#define META_BYTES_PER_BLOCK 1 -#define META_BLOCKS_PER_ROW 16 -#define META_BYTES_PER_ROW (META_BLOCKS_PER_ROW * META_BYTES_PER_BLOCK) -#define META_ROWS_AROUND_ADDR 2 - static unsigned long kasan_flags; #define KASAN_BIT_REPORTED 0 @@ -241,55 +235,59 @@ static void print_address_description(void *addr, u8 tag) print_address_stack_frame(addr); } -static bool row_is_guilty(const void *row, const void *guilty) +static bool meta_row_is_guilty(const void *row, const void *addr) { - return (row <= guilty) && (guilty < row + META_BYTES_PER_ROW); + return (row <= addr) && (addr < row + META_MEM_BYTES_PER_ROW); } -static int shadow_pointer_offset(const void *row, const void *shadow) +static int meta_pointer_offset(const void *row, const void *addr) { - /* The length of ">ff00ff00ff00ff00: " is - * 3 + (BITS_PER_LONG/8)*2 chars. + /* + * Memory state around the buggy address: + * ff00ff00ff00ff00: 00 00 00 05 fe fe fe fe fe fe fe fe fe fe fe fe + * ... + * + * The length of ">ff00ff00ff00ff00: " is + * 3 + (BITS_PER_LONG / 8) * 2 chars. + * The length of each granule metadata is 2 bytes + * plus 1 byte for space. */ - return 3 + (BITS_PER_LONG/8)*2 + (shadow - row)*2 + - (shadow - row) / META_BYTES_PER_BLOCK + 1; + return 3 + (BITS_PER_LONG / 8) * 2 + + (addr - row) / KASAN_GRANULE_SIZE * 3 + 1; } static void print_memory_metadata(const void *addr) { int i; - const void *shadow = kasan_mem_to_shadow(addr); - const void *shadow_row; + void *row; - shadow_row = (void *)round_down((unsigned long)shadow, - META_BYTES_PER_ROW) - - META_ROWS_AROUND_ADDR * META_BYTES_PER_ROW; + row = (void *)round_down((unsigned long)addr, META_MEM_BYTES_PER_ROW) + - META_ROWS_AROUND_ADDR * META_MEM_BYTES_PER_ROW; pr_err("Memory state around the buggy address:\n"); for (i = -META_ROWS_AROUND_ADDR; i <= META_ROWS_AROUND_ADDR; i++) { - const void *kaddr = kasan_shadow_to_mem(shadow_row); - char buffer[4 + (BITS_PER_LONG/8)*2]; - char shadow_buf[META_BYTES_PER_ROW]; + char buffer[4 + (BITS_PER_LONG / 8) * 2]; + char metadata[META_BYTES_PER_ROW]; snprintf(buffer, sizeof(buffer), - (i == 0) ? ">%px: " : " %px: ", kaddr); + (i == 0) ? ">%px: " : " %px: ", row); + /* * We should not pass a shadow pointer to generic * function, because generic functions may try to * access kasan mapping for the passed address. */ - memcpy(shadow_buf, shadow_row, META_BYTES_PER_ROW); + metadata_fetch_row(&metadata[0], row); + print_hex_dump(KERN_ERR, buffer, DUMP_PREFIX_NONE, META_BYTES_PER_ROW, 1, - shadow_buf, META_BYTES_PER_ROW, 0); + metadata, META_BYTES_PER_ROW, 0); - if (row_is_guilty(shadow_row, shadow)) - pr_err("%*c\n", - shadow_pointer_offset(shadow_row, shadow), - '^'); + if (meta_row_is_guilty(row, addr)) + pr_err("%*c\n", meta_pointer_offset(row, addr), '^'); - shadow_row += META_BYTES_PER_ROW; + row += META_MEM_BYTES_PER_ROW; } } diff --git a/mm/kasan/report_generic.c b/mm/kasan/report_generic.c index 29d30fae9421..6524651b5d2e 100644 --- a/mm/kasan/report_generic.c +++ b/mm/kasan/report_generic.c @@ -127,6 +127,11 @@ const char *get_bug_type(struct kasan_access_info *info) return get_wild_bug_type(info); } +void metadata_fetch_row(char *buffer, void *row) +{ + memcpy(buffer, kasan_mem_to_shadow(row), META_BYTES_PER_ROW); +} + #ifdef CONFIG_KASAN_STACK_ENABLE static bool __must_check tokenize_frame_descr(const char **frame_descr, char *token, size_t max_tok_len, diff --git a/mm/kasan/report_tags.c b/mm/kasan/report_tags.c index 6ddb55676a7c..4060d0503462 100644 --- a/mm/kasan/report_tags.c +++ b/mm/kasan/report_tags.c @@ -85,6 +85,11 @@ void *find_first_bad_addr(void *addr, size_t size) return p; } +void metadata_fetch_row(char *buffer, void *row) +{ + memcpy(buffer, kasan_mem_to_shadow(row), META_BYTES_PER_ROW); +} + void print_tags(u8 addr_tag, const void *addr) { u8 *shadow = (u8 *)kasan_mem_to_shadow(addr); From patchwork Fri Aug 14 17:27:01 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715045 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 96120618 for ; Fri, 14 Aug 2020 17:31:36 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 6B8CC20768 for ; Fri, 14 Aug 2020 17:31:36 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="lQneFmYU"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="MpeccDbA" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6B8CC20768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=h7pZPa8BS/Ty3WL70LSNIPKrY8pzIY2gMRjDPVY1DKg=; b=lQneFmYUqMPN9pYQfDsQQgSlW yUqbkrxblZVDKY7FYWKgusJn4d9C/5pgNM0Zg/h24Chn7stIFd3X2mHWOA72FnagC8MqgGBWxmgTm Oz1XOOuecdschJ7C7UndIs59ndPWsCl2hR803O7gCOWmK2hNsUH9vG9X4K5jTOaCjNFEDldau+kYd 3AFzBGGYvhyWoKTd6izPK+9Tg/Pero6cB125ME0vfHnV3aig4Vnv9Lh01CPtW88GPrldNWtujCsXX tDVzFz/vgdzbO/HjMsYZeSwrL/ptyZ3sy2vAiq7jZUS9qssTm4CDfMeiBy0zXOST061Jg9Mqace2f xLKGid4UA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dY0-00058H-Pt; Fri, 14 Aug 2020 17:31:20 +0000 Received: from mail-wm1-x349.google.com ([2a00:1450:4864:20::349]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dUy-0003Wj-87 for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:19 +0000 Received: by mail-wm1-x349.google.com with SMTP id p184so3409805wmp.7 for ; Fri, 14 Aug 2020 10:28:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=zi4RvguO5V6krMCBAUSDmKnZjdOOk8JOKWNtsbuVl1k=; b=MpeccDbAmyi9zM+1C8dkn9B/K4wceTNQ+tgcRDm6+AgQur9nWRGo8BEGb8+vArokqc IW2bWkZP3jiKyf9bYyFJBUkxRKVAf2Q++mSmPf6yMZGRtTtBdzg3pRP6EQFuJXfkLvpX eB+KAJ1HEYfvJOrMIUN4mgwLwhTY0ol+7kOJqYVCAIGbkauE3yWAQuQZYOvYx3rSLbhl NmUGdNfY8bwRRHD1QQ03HPw64mDJ8yz0ultoUUq2xTqHAKzpqdv7kojqWmoGjQkfzwuc 0ynqhDy7TcxwWoXQTproKjfj5IP6dX/0XwWTdaSRRnQ3wR7gGzf+ZlydxaY0zVve9rQf oFIA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=zi4RvguO5V6krMCBAUSDmKnZjdOOk8JOKWNtsbuVl1k=; b=khR+3r7JKa9oiP33FcbbxQwdpPgzMi5/WUbZmWwKrkJaZQGHJIh4iHl6SUkSD8VTtT R5QDP+IXcRI6bUjtI90x190t5Y6zp6hvCs/qCfQbP6FRQpSJhdDR1zkQ1IRkLYDECz5B VMFZqxDnFIRLqR0bVtYmHbTMiNzIY6gBzfWKlcOgfP5Xl8V9ePJWH4Nu2vvMoBh/566q npSl1fj58w0HS9g1pQWGwcuM6sOf/n0xklknWXU1YqKJYQ+KtVfKdS0LXuqKwwF3x7tl Bd/BQwgWxeCfb58YRNMAihQrlkSA1kv1sUeEmO4W9KvZhNseSHYTmfuYXx7vJQWaNKhH mYuA== X-Gm-Message-State: AOAM532hHYwb8JCHDTqy8tpWYaGCAwnQQ07EcHVADrvWdbP7v9t9d+8u hG6kBZ4JU+vpc57O8QgMp0OqCSWnVAEE8lRc X-Google-Smtp-Source: ABdhPJzq9OwNzATVl4TndqLv6+0Tp14X5TVHCU7ZPirTCFmbUTEDo8lEUat6Xbd7IquaS/4zCQSouYUdw0JF7qhI X-Received: by 2002:a7b:c219:: with SMTP id x25mr3405298wmi.101.1597426088961; Fri, 14 Aug 2020 10:28:08 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:01 +0200 In-Reply-To: Message-Id: <5185661d553238884613a432cf1d71b1480a23ba.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 19/35] kasan: don't allow SW_TAGS with ARM64_MTE From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132812_372341_211CB3C5 X-CRM114-Status: GOOD ( 10.87 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:349 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Software tag-based KASAN provides its own tag checking machinery that can conflict with MTE. Don't allow enabling software tag-based KASAN when MTE is enabled. Signed-off-by: Andrey Konovalov --- lib/Kconfig.kasan | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan index b4cf6c519d71..e500c18cbe79 100644 --- a/lib/Kconfig.kasan +++ b/lib/Kconfig.kasan @@ -69,6 +69,7 @@ config KASAN_GENERIC config KASAN_SW_TAGS bool "Software tag-based mode" depends on HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS + depends on !ARM64_MTE help Enables software tag-based KASAN mode. From patchwork Fri Aug 14 17:27:02 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715071 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 70312618 for ; Fri, 14 Aug 2020 17:32:16 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 4761520768 for ; Fri, 14 Aug 2020 17:32:16 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="qyoBBMbY"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="r3Pq4Nw/" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 4761520768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=+UJFQQ/YFkIB/RYqex7fQ4+QL4+Ytu2/k0XMfPlzKoQ=; b=qyoBBMbYHUgRsKKp08ttYrcdM 1xISJdsv+vSZh2SQwt62ldX7h8rxDcq4N1BpW03lBZ6W+9N2TNDH5s6ZU6TLn+HO2TDYQCEXuD+CG xBOY86X2RPA1gQ2wkuTqj5Aod2Cyq2MKBJF6tXBAv2rD6v3GhP6kMyzlfWtexyFBedMTS+2u4G47O ne8RCrNlb7BVM2Ux8qfUCQ+U+6x5MUwLv47CciDRRxxw+nEGagUpARaXwpTSzshYHeOR/L7VZDKNB h6i/hrwZiP+I7HfEzf5PxZ7eGX4Q2WMBmjAuj7Lyf3sa+ZjnWvN2BLtyBtpxyHZQGBbWtdqWNNziB mEZxqyScQ==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dYN-0005PB-Kd; Fri, 14 Aug 2020 17:31:43 +0000 Received: from mail-wr1-x44a.google.com ([2a00:1450:4864:20::44a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dV1-0003YP-K5 for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:24 +0000 Received: by mail-wr1-x44a.google.com with SMTP id r14so3614000wrq.3 for ; Fri, 14 Aug 2020 10:28:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=Riwx46dUdQZCUBoIKFQK30aeY6nxibjjbFZQvhGTSVk=; b=r3Pq4Nw/CaoWG6G6om2TkSeS2q3clDVrI1jCJZUuPgJWrFW56RmBaxQJTKiw8RDwkv SXknHXxNubQ/xsH4JUduXI8P7Ao0rNKHTmxWSLd6+rR3L+eMVGvfYsQZCNJcqno+0SvU tQTCc0IaZnYqxsGgZIWb6dR600zBkz4ATNFlZXN0oodOskMVMbwApFhSiSS8Hc5kEo1o 2keQXF4RswsJN9aziL4F/HMIxE1tLyJyZehyXq70N4BsfEQC2/qJApII530XcFa6vDo9 umF+SAHHeQEUyeUJl91ZaJnkzhY9dZLQUxwtVJNYU4o96vxe2Ib/F+vtqvgmZyDaI9I/ HVjQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=Riwx46dUdQZCUBoIKFQK30aeY6nxibjjbFZQvhGTSVk=; b=IjbClgHa6DuQdYwmiZxj7QRjEgnIJc8BsQ1zd/4RJdhP93EE/I4OD36cWBnu10Rybb PVBqBmqR/+6Sgow95M5IyIKgomwbz2cB7MH4QQtflDPEwmSnw/RC8VAUKsDcr3fceE+i dr3SRWnISOg5d5Az06rfqvuC6kXIUBAIjX2qPc7j1Z5Dt7mYxGhKe/gyrjumzvoAotCo EEyA+wYzuorDqAfhtZzkDvAtTnMvD1yngw9jXt9ekbJvqBoH3V4GiY5WPx1V4QkuqaG7 V5qbgfPKtlw+gCURfq1EcvtOz5E4i2zBtttgSccHSn9/nV5pMWAeGt7VbX/qSKPApjSy 2hnw== X-Gm-Message-State: AOAM531aKRcY4EE9MH/znO495XFg53fAWh59V7gjKV9dLTi/vN8aahwZ ZafgBR1h3j8teZPwc1AG8dyjClnWvNpRwkCs X-Google-Smtp-Source: ABdhPJw/jNH9QPIZc2t+4rbadjLlOE44b7TKGySp7yNB+Ni/K8pn2eaB/l/BXc2r60vcjhzOsBbB8v3UAMZ+9JJW X-Received: by 2002:a05:600c:c3:: with SMTP id u3mr424057wmm.1.1597426091488; Fri, 14 Aug 2020 10:28:11 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:02 +0200 In-Reply-To: Message-Id: <2cf260bdc20793419e32240d2a3e692b0adf1f80.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 20/35] arm64: mte: Add in-kernel MTE helpers From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132815_775665_781ED647 X-CRM114-Status: GOOD ( 22.43 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:44a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org From: Vincenzo Frascino Provide helper functions to manipulate allocation and pointer tags for kernel addresses. Low-level helper functions (mte_assign_*, written in assembly) operate tag values from the [0x0, 0xF] range. High-level helper functions (mte_get/set_*) use the [0xF0, 0xFF] range to preserve compatibility with normal kernel pointers that have 0xFF in their top byte. MTE_GRANULE_SIZE definition is moved to mte_asm.h header that doesn't have any dependencies and is safe to include into any low-level header. Signed-off-by: Vincenzo Frascino Co-developed-by: Andrey Konovalov Signed-off-by: Andrey Konovalov --- arch/arm64/include/asm/esr.h | 1 + arch/arm64/include/asm/mte.h | 46 +++++++++++++++++++++++++++++--- arch/arm64/include/asm/mte_asm.h | 10 +++++++ arch/arm64/kernel/mte.c | 43 +++++++++++++++++++++++++++++ arch/arm64/lib/mte.S | 41 ++++++++++++++++++++++++++++ 5 files changed, 138 insertions(+), 3 deletions(-) create mode 100644 arch/arm64/include/asm/mte_asm.h diff --git a/arch/arm64/include/asm/esr.h b/arch/arm64/include/asm/esr.h index 035003acfa87..bc0dc66a6a27 100644 --- a/arch/arm64/include/asm/esr.h +++ b/arch/arm64/include/asm/esr.h @@ -103,6 +103,7 @@ #define ESR_ELx_FSC (0x3F) #define ESR_ELx_FSC_TYPE (0x3C) #define ESR_ELx_FSC_EXTABT (0x10) +#define ESR_ELx_FSC_MTE (0x11) #define ESR_ELx_FSC_SERROR (0x11) #define ESR_ELx_FSC_ACCESS (0x08) #define ESR_ELx_FSC_FAULT (0x04) diff --git a/arch/arm64/include/asm/mte.h b/arch/arm64/include/asm/mte.h index 1c99fcadb58c..733be1cb5c95 100644 --- a/arch/arm64/include/asm/mte.h +++ b/arch/arm64/include/asm/mte.h @@ -5,14 +5,19 @@ #ifndef __ASM_MTE_H #define __ASM_MTE_H -#define MTE_GRANULE_SIZE UL(16) +#include + #define MTE_GRANULE_MASK (~(MTE_GRANULE_SIZE - 1)) #define MTE_TAG_SHIFT 56 #define MTE_TAG_SIZE 4 +#define MTE_TAG_MASK GENMASK((MTE_TAG_SHIFT + (MTE_TAG_SIZE - 1)), MTE_TAG_SHIFT) +#define MTE_TAG_MAX (MTE_TAG_MASK >> MTE_TAG_SHIFT) #ifndef __ASSEMBLY__ +#include #include +#include #include @@ -45,7 +50,16 @@ long get_mte_ctrl(struct task_struct *task); int mte_ptrace_copy_tags(struct task_struct *child, long request, unsigned long addr, unsigned long data); -#else +void *mte_assign_valid_ptr_tag(void *ptr); +void *mte_assign_random_ptr_tag(void *ptr); +void mte_assign_mem_tag_range(void *addr, size_t size); + +#define mte_get_ptr_tag(ptr) ((u8)(((u64)(ptr)) >> MTE_TAG_SHIFT)) +u8 mte_get_mem_tag(void *addr); +u8 mte_get_random_tag(void); +void *mte_set_mem_tag_range(void *addr, size_t size, u8 tag); + +#else /* CONFIG_ARM64_MTE */ /* unused if !CONFIG_ARM64_MTE, silence the compiler */ #define PG_mte_tagged 0 @@ -80,7 +94,33 @@ static inline int mte_ptrace_copy_tags(struct task_struct *child, return -EIO; } -#endif +static inline void *mte_assign_valid_ptr_tag(void *ptr) +{ + return ptr; +} +static inline void *mte_assign_random_ptr_tag(void *ptr) +{ + return ptr; +} +static inline void mte_assign_mem_tag_range(void *addr, size_t size) +{ +} + +#define mte_get_ptr_tag(ptr) 0xFF +static inline u8 mte_get_mem_tag(void *addr) +{ + return 0xFF; +} +static inline u8 mte_get_random_tag(void) +{ + return 0xFF; +} +static inline void *mte_set_mem_tag_range(void *addr, size_t size, u8 tag) +{ + return addr; +} + +#endif /* CONFIG_ARM64_MTE */ #endif /* __ASSEMBLY__ */ #endif /* __ASM_MTE_H */ diff --git a/arch/arm64/include/asm/mte_asm.h b/arch/arm64/include/asm/mte_asm.h new file mode 100644 index 000000000000..aa532c1851e1 --- /dev/null +++ b/arch/arm64/include/asm/mte_asm.h @@ -0,0 +1,10 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Copyright (C) 2020 ARM Ltd. + */ +#ifndef __ASM_MTE_ASM_H +#define __ASM_MTE_ASM_H + +#define MTE_GRANULE_SIZE UL(16) + +#endif /* __ASM_MTE_ASM_H */ diff --git a/arch/arm64/kernel/mte.c b/arch/arm64/kernel/mte.c index eb39504e390a..e2d708b4583d 100644 --- a/arch/arm64/kernel/mte.c +++ b/arch/arm64/kernel/mte.c @@ -13,8 +13,10 @@ #include #include #include +#include #include +#include #include #include #include @@ -72,6 +74,47 @@ int memcmp_pages(struct page *page1, struct page *page2) return ret; } +u8 mte_get_mem_tag(void *addr) +{ + if (system_supports_mte()) + addr = mte_assign_valid_ptr_tag(addr); + + return 0xF0 | mte_get_ptr_tag(addr); +} + +u8 mte_get_random_tag(void) +{ + u8 tag = 0xF; + + if (system_supports_mte()) + tag = mte_get_ptr_tag(mte_assign_random_ptr_tag(NULL)); + + return 0xF0 | tag; +} + +void * __must_check mte_set_mem_tag_range(void *addr, size_t size, u8 tag) +{ + void *ptr = addr; + + if ((!system_supports_mte()) || (size == 0)) + return addr; + + tag = 0xF0 | (tag & 0xF); + ptr = (void *)__tag_set(ptr, tag); + size = ALIGN(size, MTE_GRANULE_SIZE); + + mte_assign_mem_tag_range(ptr, size); + + /* + * mte_assign_mem_tag_range() can be invoked in a multi-threaded + * context, ensure that tags are written in memory before the + * reference is used. + */ + smp_wmb(); + + return ptr; +} + static void update_sctlr_el1_tcf0(u64 tcf0) { /* ISB required for the kernel uaccess routines */ diff --git a/arch/arm64/lib/mte.S b/arch/arm64/lib/mte.S index 03ca6d8b8670..8c743540e32c 100644 --- a/arch/arm64/lib/mte.S +++ b/arch/arm64/lib/mte.S @@ -149,3 +149,44 @@ SYM_FUNC_START(mte_restore_page_tags) ret SYM_FUNC_END(mte_restore_page_tags) + +/* + * Assign pointer tag based on the allocation tag + * x0 - source pointer + * Returns: + * x0 - pointer with the correct tag to access memory + */ +SYM_FUNC_START(mte_assign_valid_ptr_tag) + ldg x0, [x0] + ret +SYM_FUNC_END(mte_assign_valid_ptr_tag) + +/* + * Assign random pointer tag + * x0 - source pointer + * Returns: + * x0 - pointer with a random tag + */ +SYM_FUNC_START(mte_assign_random_ptr_tag) + irg x0, x0 + ret +SYM_FUNC_END(mte_assign_random_ptr_tag) + +/* + * Assign allocation tags for a region of memory based on the pointer tag + * x0 - source pointer + * x1 - size + * + * Note: size is expected to be MTE_GRANULE_SIZE aligned + */ +SYM_FUNC_START(mte_assign_mem_tag_range) + /* if (src == NULL) return; */ + cbz x0, 2f + /* if (size == 0) return; */ + cbz x1, 2f +1: stg x0, [x0] + add x0, x0, #MTE_GRANULE_SIZE + sub x1, x1, #MTE_GRANULE_SIZE + cbnz x1, 1b +2: ret +SYM_FUNC_END(mte_assign_mem_tag_range) From patchwork Fri Aug 14 17:27:03 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715107 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id DAE5D618 for ; Fri, 14 Aug 2020 17:34:29 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 67BB720829 for ; Fri, 14 Aug 2020 17:34:29 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="TTHrJjLO"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="J0yRjS8w" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 67BB720829 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=9NJ2uECvAI2ctQZiK5eVdID7nz8rNxxkizOg3g0CAdw=; b=TTHrJjLOt8szBBPtBxGBejUeH unzs10lx0jyTdaaMyPSKQKHg+54XneOJ+0oE0Z7rkmEDdqOELI/qZibr/qwiqYWIjuEXwS4oN+dOY cjKiJwAJkjKmo/xdIFAOA0KmgEejivZAV07H9Q40yu4sVR+3bLhWp6FOYMWtRpG+OsIxigBvD026C Es7sI4WoWUl36OQhzN6mr40pvk7oh3nKyofuW+cTJPd6GV4neSDRpv9hRd/hzMcM3iETG8dITqrJC IzjWK9TaSaS3fq4Etz/J7PbguVPNBFC0Rq+lOmaCMH1y80kQecIU1bscFRrUn/c/AZgtZZisZdsLu coj0xMjGA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dYs-0005i2-Lp; Fri, 14 Aug 2020 17:32:14 +0000 Received: from mail-qv1-xf49.google.com ([2607:f8b0:4864:20::f49]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dV3-0003Zd-Qf for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:27 +0000 Received: by mail-qv1-xf49.google.com with SMTP id x4so6481766qvu.18 for ; Fri, 14 Aug 2020 10:28:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=E0RrGh1M0jqaaDoEOkU8MvQi4g07cx9su4pS9IT1SWw=; b=J0yRjS8wAi98SLl40BtGkKwGJXb87bHWptPKQUee0Z7i8RnowmsAsnTsSSGI/mRVKG /jBE+O/OM0IlfTDa5WKWGDVszoGwgZAxqhir2+UYOvzVv0T0kxYGs89EIVE3j7zvDcQP GPQ1zisFX3ghoL4cEwaGUe+RAIqE8fE978O2GWSaMwrA6JP4uyHCDH6oudvPU+qzrFnK s/DztyfYwRhXAGuuuDUHlU5qU/ik0sNsoQCOVLC2aU7SaX6rXyrlmEfq6jLz9760Mo/W YzyxoAF7tuNY/jCOHcxGNwqQSk8KoNiASEdIQr3iycLeHaTqYkXL/Uqo8uXoj1mabJku 9Q2Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=E0RrGh1M0jqaaDoEOkU8MvQi4g07cx9su4pS9IT1SWw=; b=eS3zv/8aqLGvuIvRBOCMpBTtV/jNssS4sZCMDVQ1rlMOqOCvCh/3j5xIA1lXWT2gQe j803zLmEhNmepxBfYLbS3Nl1Wk2oquSNCaupkzg0UOhlTvQbChtnHh7Lun93+Ae2Zbia NZsSakMKEA2TTuXM3eIUnTyRDFhd4GjI90ES6aGC3HdjY6zBrERdQ8LLty51eopwg2xx Gv8aei5k37pYTZoDpjKvOJJwfAXgAlOWSFcV1K/cW682oche33HLEgnDszN/J/cQjMhT yuqVf35sBlWTPMdMUv3HD3CV+isWja2m9BfpLDyxVpDgBj5fhh14AwRwEXZcCT3H7eAP VpeA== X-Gm-Message-State: AOAM531WQzBFr6oCb9RwlVjWGyA/BPtfxCDQqIxucWnuNlA3Q0JPS97d RYDRt+fhK/kRE2Ncj51Nfl+Qgc9Gcz/EX6SX X-Google-Smtp-Source: ABdhPJy3SdR9WMFOSxqndhovcLxyBqUrrg3mnD1AcV1Kt+RAUKx381UmFBB5e6t6uAgctFxBWyRwguDJG3EOOPOZ X-Received: by 2002:a0c:9a0c:: with SMTP id p12mr3610073qvd.75.1597426093874; Fri, 14 Aug 2020 10:28:13 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:03 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 21/35] arm64: mte: Add in-kernel tag fault handler From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132818_057923_4AAE0BA0 X-CRM114-Status: GOOD ( 18.81 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:f49 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org From: Vincenzo Frascino Add the implementation of the in-kernel fault handler. When a tag fault happens on a kernel address: * a warning is logged, * the faulting instruction is skipped, * the execution continues. When a tag fault happens on a user address: * the kernel executes do_bad_area() and panics. Signed-off-by: Vincenzo Frascino Co-developed-by: Andrey Konovalov Signed-off-by: Andrey Konovalov --- arch/arm64/mm/fault.c | 50 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c index 5e832b3387f1..c62c8ba85c0e 100644 --- a/arch/arm64/mm/fault.c +++ b/arch/arm64/mm/fault.c @@ -33,6 +33,7 @@ #include #include #include +#include #include #include #include @@ -222,6 +223,20 @@ int ptep_set_access_flags(struct vm_area_struct *vma, return 1; } +static bool is_el1_mte_sync_tag_check_fault(unsigned int esr) +{ + unsigned int ec = ESR_ELx_EC(esr); + unsigned int fsc = esr & ESR_ELx_FSC; + + if (ec != ESR_ELx_EC_DABT_CUR) + return false; + + if (fsc == ESR_ELx_FSC_MTE) + return true; + + return false; +} + static bool is_el1_instruction_abort(unsigned int esr) { return ESR_ELx_EC(esr) == ESR_ELx_EC_IABT_CUR; @@ -294,6 +309,18 @@ static void die_kernel_fault(const char *msg, unsigned long addr, do_exit(SIGKILL); } +static void report_tag_fault(unsigned long addr, unsigned int esr, + struct pt_regs *regs) +{ + bool is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0; + + pr_alert("Memory Tagging Extension Fault in %pS\n", (void *)regs->pc); + pr_alert(" %s at address %lx\n", is_write ? "Write" : "Read", addr); + pr_alert(" Pointer tag: [%02x], memory tag: [%02x]\n", + mte_get_ptr_tag(addr), + mte_get_mem_tag((void *)addr)); +} + static void __do_kernel_fault(unsigned long addr, unsigned int esr, struct pt_regs *regs) { @@ -317,12 +344,16 @@ static void __do_kernel_fault(unsigned long addr, unsigned int esr, msg = "execute from non-executable memory"; else msg = "read from unreadable memory"; + } else if (is_el1_mte_sync_tag_check_fault(esr)) { + report_tag_fault(addr, esr, regs); + msg = "memory tagging extension fault"; } else if (addr < PAGE_SIZE) { msg = "NULL pointer dereference"; } else { msg = "paging request"; } + die_kernel_fault(msg, addr, esr, regs); } @@ -658,10 +689,27 @@ static int do_sea(unsigned long addr, unsigned int esr, struct pt_regs *regs) return 0; } +static int do_tag_recovery(unsigned long addr, unsigned int esr, + struct pt_regs *regs) +{ + report_tag_fault(addr, esr, regs); + + /* Skip over the faulting instruction and continue: */ + arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE); + + return 0; +} + + static int do_tag_check_fault(unsigned long addr, unsigned int esr, struct pt_regs *regs) { - do_bad_area(addr, esr, regs); + /* The tag check fault (TCF) is per TTBR */ + if (is_ttbr0_addr(addr)) + do_bad_area(addr, esr, regs); + else + do_tag_recovery(addr, esr, regs); + return 0; } From patchwork Fri Aug 14 17:27:04 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715081 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 376A6739 for ; Fri, 14 Aug 2020 17:32:45 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 1081F20829 for ; Fri, 14 Aug 2020 17:32:45 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="2ONGBHDd"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="VBd8Y8/0" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1081F20829 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=d86LobiB87yyTy/icJsCdB3ONN9kuuIMmxtjfdYz5Ww=; b=2ONGBHDd7zZiDDt5J1MvKjjdf 94vLucekbCQvjF9nb3NjqzNwJOVSDwnt9+hzgkIoKS0rgnikHTdUVhwk0KZWYLz8/1lCGPDADLWn8 qfTxiR7dtY/b1XXXIpn/4z8TC5cvrvebg3jt4/gg7GKs2SaGFI93za3FF/CXAqte1qShILjeiM4d6 PpCfdZWNFrHRgO9m7FKESSi+hQunLeprDIMd4z9BC/QyCQRC3aScRGxBs1W5Py+B1IstQzOVvYZVq Pbs1ljs3g9nWmkcL+ngAlBR6uGVoJPZkm/NIppIIPXAU27FNluAXRKg9wreT0VTvBdeY/3c50Y9Jf 7lj6w2WLg==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dZ3-0005os-8a; Fri, 14 Aug 2020 17:32:25 +0000 Received: from mail-qt1-x849.google.com ([2607:f8b0:4864:20::849]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dV5-0003ad-MO for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:28 +0000 Received: by mail-qt1-x849.google.com with SMTP id r9so7477991qtp.7 for ; Fri, 14 Aug 2020 10:28:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=LewkbAtBTS3fxa2ioFCrxocMUQLUBlN7d9swTrdmfVk=; b=VBd8Y8/0sCJNp9OLxtpbP3YFD0V7v4ivH9Cj8L45fMKAxsbpM/7wFGcDUQeyy72z7+ 0+83oUrkvXL/wVWdOLiGRPDkN9cxYy25dwFuY6WlobJRoBw5Hv9a+2zjxhhnyquGKy9S 2EZU9tkO5wLg8/RgIx9m7DsZYXR3314Znfr6vJ3MNxMoELwXKZlF+NlGBiOEjdt+YbH/ M8jvnzzivlTluFx2uqs4r137zk+fAgcIbSEWAReQBWWz/UFUwoH8b3I68Z73ieYmMigU ntrskJrbnmV1HFKyooD68AjgyDl3B/zvkVc8r7dyFNQz5HrEOh+GjWU5ZP9+NGOy7Czk g76Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=LewkbAtBTS3fxa2ioFCrxocMUQLUBlN7d9swTrdmfVk=; b=Xm/6xfIAHniIoMHcVRMGEkLEP4AZYNKL2lp/uS9F6J9Npb2owuedESnm4tpxQQLpxf s03x+Uw7dskh2m2pYjn1OJ5jbMVwGdPWEJFFi81E9GElGQMKPeKd2Owuy+Pr/prN6oPi n0wtPqk3tDrl8cZOR6FyaF5uNXzOu0f+G36328lVTOpPrfxMtCESm4dQ2Kdq5YKOB3NN opYSbjaEsfjMLGVRhFsZdIgZpW+8x/CL3Bs/FGsys7PwyldZR0sH+VdqzM5m6kilwUYG lXYBSAUGOaqIlcKPvfbYLzBXJ3UposMUWr28R6QxZedAcQs0+/fw75Vxlz2j31coLvgd jfmQ== X-Gm-Message-State: AOAM530t86fV9nK9k3Tmy38i4GmpUi66N1SiQMzx4vDa5v1uJhndennW o4seS3z0vKcLRP4M0yI0utRF9agWzTi7qi9f X-Google-Smtp-Source: ABdhPJwkBrAQ8GyLssKpf9q7VKymTxaofLqPPbiLmDAQiv3UZOFrLINHymedM0M36JyCRp99bnQq9F+T3nsH6DvR X-Received: by 2002:ad4:4b0b:: with SMTP id r11mr3633062qvw.94.1597426095910; Fri, 14 Aug 2020 10:28:15 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:04 +0200 In-Reply-To: Message-Id: <6a83a47d9954935d37a654978e96c951cc56a2f6.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 22/35] arm64: mte: Enable in-kernel MTE From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132819_859661_599A004B X-CRM114-Status: GOOD ( 14.07 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:849 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org From: Vincenzo Frascino The Tag Checking operation causes a synchronous data abort as a consequence of a tag check fault when MTE is configured in synchronous mode. Enable MTE in Synchronous mode in EL1 to provide a more immediate way of tag check failure detection in the kernel. As part of this change enable match-all tag for EL1 to allow the kernel to access user pages without faulting. This is required because the kernel does not have knowledge of the tags set by the user in a page. Note: For MTE, the TCF bit field in SCTLR_EL1 affects only EL1 in a similar way as TCF0 affects EL0. Signed-off-by: Vincenzo Frascino --- arch/arm64/kernel/cpufeature.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index 4d3abb51f7d4..4d94af19d8f6 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -1670,6 +1670,9 @@ static void cpu_enable_mte(struct arm64_cpu_capabilities const *cap) write_sysreg_s(0, SYS_TFSR_EL1); write_sysreg_s(0, SYS_TFSRE0_EL1); + /* Enable Match-All at EL1 */ + sysreg_clear_set(tcr_el1, 0, SYS_TCR_EL1_TCMA1); + /* * CnP must be enabled only after the MAIR_EL1 register has been set * up. Inconsistent MAIR_EL1 between CPUs sharing the same TLB may @@ -1687,6 +1690,9 @@ static void cpu_enable_mte(struct arm64_cpu_capabilities const *cap) mair &= ~MAIR_ATTRIDX(MAIR_ATTR_MASK, MT_NORMAL_TAGGED); mair |= MAIR_ATTRIDX(MAIR_ATTR_NORMAL_TAGGED, MT_NORMAL_TAGGED); write_sysreg_s(mair, SYS_MAIR_EL1); + + /* Enable MTE Sync Mode for EL1 */ + sysreg_clear_set(sctlr_el1, SCTLR_ELx_TCF_MASK, SCTLR_ELx_TCF_SYNC); isb(); local_flush_tlb_all(); From patchwork Fri Aug 14 17:27:05 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715135 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 2757E16B1 for ; Fri, 14 Aug 2020 18:05:02 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id F033F20771 for ; Fri, 14 Aug 2020 18:05:01 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="BQosj73b"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="wLdpPUJw" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org F033F20771 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=iB8o4oXxZN0wIEWJJSpXYgooXzg/n2RWXdD4OCPgTgg=; b=BQosj73bayBCkFymow4hmJgjp 1CFNHuv7G0YP+0vHIcjJFswOHEt0wpDEU3AUKcmKWTdlh3oPcmJ/UhC46McgAdNikMUxcMcAxnLNg L+kFaKoJgUnRfPUlemSzlnonNMbQM/zx0s9UgzkeESSwVwprtp2bRzbDXax5IQh+1+Z93TcxTnzz5 nwKGZDo/6kQZ9f+S3ck5DDnFACpxHu/e58SQHf8hbVAm6tLCQ5Gt/FPi1+2pBbdHOelS6ey390hWB MygaaQXJ2CiOBvdSDnczU8oz4gNKbKTfmA57SNYyCcZz0NnQ7EP7Im/FKR4YYlM5xkdW7OO/9tbXt TqVtMD4mg==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dZS-00067Q-FE; Fri, 14 Aug 2020 17:32:50 +0000 Received: from mail-wm1-x34a.google.com ([2a00:1450:4864:20::34a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dV7-0003bs-L3 for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:32 +0000 Received: by mail-wm1-x34a.google.com with SMTP id z10so3531968wmi.8 for ; Fri, 14 Aug 2020 10:28:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=ZkzH9bOmKLetwfTAc91nMyZnzSTKk7nABhSXX08ok80=; b=wLdpPUJww5Ou2gUNuObrOdFaQJnwk0f2wflLug0UxXjjB+JUFXEgy0pH9EJA0zc2Sa SV/JD6gXxYc8wagutHbT1eUXJ9ZAuMFvhoOliuhpaoQLHOz/NNoYpBIB4Na0gKA8ML/9 1IygqyNxrVi5xO4HBEfdG9bBZQt2GIQr9oN+HYuAyHMXgprw4bxZWFeJoyOjRVvNxO5T xY06EZ2RFKc4m+QOjEBnFNnkS47Tv3wDXKIY+t5vcT7jIKe5RGeipEE/Je9CVTeGOKPX 4tpGn5ZtbfVXXOeirPojx390N6o1GbaZYW/Pa2alwkhzB6IopgXoC2j5AIc8GQcYVYLi XytQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=ZkzH9bOmKLetwfTAc91nMyZnzSTKk7nABhSXX08ok80=; b=Tm21yH7yqMcwUzcorOuniCLEAap6wfk8orRbPTrNwePZFWxbhAbS0qB7WOoGOtFXzt 4D5dwDbPnSWhRfsdyMH05xE3mBxTZUotoMctbmvEu/WQbncwaGbcQJy7NxVdZ0EUt8tI hhog6PaJ5WQDCWbeDu8PAymTonKSyNg1gglzwMquwZ9JjCI9xrSM4LdUe6Ow2TttxdSi CXzGzf8HM9UI6/LFDK5oHCvvFQXk05cX3UEF+3kxA9VF8++deDcSEryuCQo/zk8qOCJ5 3P5LqPlbiW2MReGIBvY84GoV8SPrFjZPBSMkbgquIYXX/1PTwEsKYf9oW2lidVy/Fe9e V6Xw== X-Gm-Message-State: AOAM533+TXcTbO2/YI2Ohprjsjh6YLG9MeHzO6lwn/0lSvigcNZGckGU ArlJaZ06WPxUKuFpxId6fE9s8TZOZdSAkYYG X-Google-Smtp-Source: ABdhPJx5Ck5Wm3Z23U/jQ6DdPc0XSBI9kJNP63nW1NBupfmsFurN9ES0UHSW0KHc3wLY01k6oB2+DKHrQsXny6lv X-Received: by 2002:a05:6000:1085:: with SMTP id y5mr3627507wrw.100.1597426098448; Fri, 14 Aug 2020 10:28:18 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:05 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 23/35] arm64: mte: Convert gcr_user into an exclude mask From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132821_815746_CEC3EA09 X-CRM114-Status: GOOD ( 17.56 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:34a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org From: Vincenzo Frascino The gcr_user mask is a per thread mask that represents the tags that are excluded from random generation when the Memory Tagging Extension is present and an 'irg' instruction is invoked. gcr_user affects the behavior on EL0 only. Currently that mask is an include mask and it is controlled by the user via prctl() while GCR_EL1 accepts an exclude mask. Convert the include mask into an exclude one to make it easier the register setting. Note: This change will affect gcr_kernel (for EL1) introduced with a future patch. Signed-off-by: Vincenzo Frascino --- arch/arm64/include/asm/processor.h | 2 +- arch/arm64/kernel/mte.c | 29 +++++++++++++++-------------- 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/arch/arm64/include/asm/processor.h b/arch/arm64/include/asm/processor.h index fec204d28fce..ed9efa5be8eb 100644 --- a/arch/arm64/include/asm/processor.h +++ b/arch/arm64/include/asm/processor.h @@ -153,7 +153,7 @@ struct thread_struct { #endif #ifdef CONFIG_ARM64_MTE u64 sctlr_tcf0; - u64 gcr_user_incl; + u64 gcr_user_excl; #endif }; diff --git a/arch/arm64/kernel/mte.c b/arch/arm64/kernel/mte.c index e2d708b4583d..7717ea9bc2a7 100644 --- a/arch/arm64/kernel/mte.c +++ b/arch/arm64/kernel/mte.c @@ -135,23 +135,22 @@ static void set_sctlr_el1_tcf0(u64 tcf0) preempt_enable(); } -static void update_gcr_el1_excl(u64 incl) +static void update_gcr_el1_excl(u64 excl) { - u64 excl = ~incl & SYS_GCR_EL1_EXCL_MASK; /* - * Note that 'incl' is an include mask (controlled by the user via - * prctl()) while GCR_EL1 accepts an exclude mask. + * Note that the mask controlled by the user via prctl() is an + * include while GCR_EL1 accepts an exclude mask. * No need for ISB since this only affects EL0 currently, implicit * with ERET. */ sysreg_clear_set_s(SYS_GCR_EL1, SYS_GCR_EL1_EXCL_MASK, excl); } -static void set_gcr_el1_excl(u64 incl) +static void set_gcr_el1_excl(u64 excl) { - current->thread.gcr_user_incl = incl; - update_gcr_el1_excl(incl); + current->thread.gcr_user_excl = excl; + update_gcr_el1_excl(excl); } void flush_mte_state(void) @@ -166,7 +165,7 @@ void flush_mte_state(void) /* disable tag checking */ set_sctlr_el1_tcf0(SCTLR_EL1_TCF0_NONE); /* reset tag generation mask */ - set_gcr_el1_excl(0); + set_gcr_el1_excl(SYS_GCR_EL1_EXCL_MASK); } void mte_thread_switch(struct task_struct *next) @@ -177,7 +176,7 @@ void mte_thread_switch(struct task_struct *next) /* avoid expensive SCTLR_EL1 accesses if no change */ if (current->thread.sctlr_tcf0 != next->thread.sctlr_tcf0) update_sctlr_el1_tcf0(next->thread.sctlr_tcf0); - update_gcr_el1_excl(next->thread.gcr_user_incl); + update_gcr_el1_excl(next->thread.gcr_user_excl); } void mte_suspend_exit(void) @@ -185,13 +184,14 @@ void mte_suspend_exit(void) if (!system_supports_mte()) return; - update_gcr_el1_excl(current->thread.gcr_user_incl); + update_gcr_el1_excl(current->thread.gcr_user_excl); } long set_mte_ctrl(struct task_struct *task, unsigned long arg) { u64 tcf0; - u64 gcr_incl = (arg & PR_MTE_TAG_MASK) >> PR_MTE_TAG_SHIFT; + u64 gcr_excl = ~((arg & PR_MTE_TAG_MASK) >> PR_MTE_TAG_SHIFT) & + SYS_GCR_EL1_EXCL_MASK; if (!system_supports_mte()) return 0; @@ -212,10 +212,10 @@ long set_mte_ctrl(struct task_struct *task, unsigned long arg) if (task != current) { task->thread.sctlr_tcf0 = tcf0; - task->thread.gcr_user_incl = gcr_incl; + task->thread.gcr_user_excl = gcr_excl; } else { set_sctlr_el1_tcf0(tcf0); - set_gcr_el1_excl(gcr_incl); + set_gcr_el1_excl(gcr_excl); } return 0; @@ -224,11 +224,12 @@ long set_mte_ctrl(struct task_struct *task, unsigned long arg) long get_mte_ctrl(struct task_struct *task) { unsigned long ret; + u64 incl = ~task->thread.gcr_user_excl & SYS_GCR_EL1_EXCL_MASK; if (!system_supports_mte()) return 0; - ret = task->thread.gcr_user_incl << PR_MTE_TAG_SHIFT; + ret = incl << PR_MTE_TAG_SHIFT; switch (task->thread.sctlr_tcf0) { case SCTLR_EL1_TCF0_NONE: From patchwork Fri Aug 14 17:27:06 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715093 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9B4EF13A4 for ; Fri, 14 Aug 2020 17:33:37 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 6B39220768 for ; Fri, 14 Aug 2020 17:33:37 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="LtDMYehD"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="k89gPw1h" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6B39220768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Y9avS5UL//jdvrlDroZca1rqJ6ndjsBsRJsJXMuuTKs=; b=LtDMYehDPdpHITDGBzlasvvEQ eTzzGpWXOPUDmbiKVg751JzoEbOK/bLCwCj+/SpjXlFxYz1vCInJfrp61Q5wCOH/k0O6DWCi1uvAo qeiBOKZeEYFxRRkBfdhwm54JgAMfcUhanmi39C1xm7BnoB+oGgGf3nk76hh+2a3STX3qFs8Q5AOnt gKcJJt2C/naiJYnMXckdUYf+9lz/YxapxurAx3eKtOtHRrYIajWB5I4Tkwm8fx2hqD3Ep/rERsu7H YFgVSlRADGcKn/30/9SecdE8PGWUtDdJziP+gkGbJIyLPO0e3j1bBT1RMpnh5OrE7X106XmZLYBmR wo3C3MQtA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dZi-0006IO-5a; Fri, 14 Aug 2020 17:33:07 +0000 Received: from mail-qt1-x84a.google.com ([2607:f8b0:4864:20::84a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVA-0003cw-VR for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:37 +0000 Received: by mail-qt1-x84a.google.com with SMTP id r9so7478107qtp.7 for ; Fri, 14 Aug 2020 10:28:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=r38RFVTSLd39a5IgqHvrDDhgXMykJLxcJUtVzw/ztLU=; b=k89gPw1hPq2wJ8rV9u6UUbSraGzwBr28moBXi+a5ajthPSSFNgDzLbB7yD7E9VVduW bb1FPYG80QSJuOFlmro9W2sHggJVSzZb4PoCGw5e8mvd21JrIclIf+mTQ9WusHpxVmfG hAk4ETY+l+V4G5cIKpHSmNa9tsC+jM2LhzFeXOnZh9DXupz5s4/f0CJeHH/bb/+iLCXI sWc5pSDNh4dejREZORo/hp3bsnnN+6KyRF1It0dPJbNuSyBMdpJ/lxUh2iPelYprvnHB 9iMHKrAGdqspXD0MNb/WHKEAVzWRaNtgXebWPlYiV1k2xIzKoufnpV/wWROlspteTtTi hdTg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=r38RFVTSLd39a5IgqHvrDDhgXMykJLxcJUtVzw/ztLU=; b=hmyzahJ0FZhg8BPKEZEOwrKOTJV4d6mhCUARNs0p8Ra/EPFToN23vL9nkumrs1clMR vrbUFsoQfkWp+40RnqGw5h+gtwN1BUK0VrhFt0CP3FSvisLMOjpfnloZ1/OI6h2MRSew ZhIg4IhB+5exIj4L3UIJfAvgZEBRXMCvy2zyVNdOwyqWAzIN3zpoKr7cODhmXVM11YJT BuhETs5Je+ut1kgCult5YsTgqROzXD3prFZwyfTHYjrtvT1ogM8iKtOkKq5CJmhGCirW uDfEFnarJ/kDzqgZBB42MVMFp+LWczcIw9aXJcTlxgYt+VOj9OUQQFiRSgcVVDQRyfmH 3EAw== X-Gm-Message-State: AOAM530HyGcGibDfm7WqzNVdoTNHb4hl0kkQW58uaX6udVDEXeuUHpl9 WLutAD1no6IfQTqfuROcdWawklv+inGpfLyM X-Google-Smtp-Source: ABdhPJzPwzsCUtH6q3FBA06VRf3lQgmqmcjUr9G6+YfQA/bmj4JUsU/c1PJ+jnrjKX1u//YJ5oMhBAA6LfdIekt7 X-Received: by 2002:a0c:fa92:: with SMTP id o18mr3670188qvn.182.1597426100756; Fri, 14 Aug 2020 10:28:20 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:06 +0200 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 24/35] arm64: mte: Switch GCR_EL1 in kernel entry and exit From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132825_214938_8879278B X-CRM114-Status: GOOD ( 20.77 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:84a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org From: Vincenzo Frascino When MTE is present, the GCR_EL1 register contains the tags mask that allows to exclude tags from the random generation via the IRG instruction. With the introduction of the new Tag-Based KASAN API that provides a mechanism to reserve tags for special reasons, the MTE implementation has to make sure that the GCR_EL1 setting for the kernel does not affect the userspace processes and viceversa. Save and restore the kernel/user mask in GCR_EL1 in kernel entry and exit. Signed-off-by: Vincenzo Frascino --- arch/arm64/include/asm/mte.h | 8 ++++++++ arch/arm64/kernel/asm-offsets.c | 3 +++ arch/arm64/kernel/cpufeature.c | 5 +++-- arch/arm64/kernel/entry.S | 28 ++++++++++++++++++++++++++++ arch/arm64/kernel/mte.c | 19 +++++++++++++++++-- 5 files changed, 59 insertions(+), 4 deletions(-) diff --git a/arch/arm64/include/asm/mte.h b/arch/arm64/include/asm/mte.h index 733be1cb5c95..4929f744d103 100644 --- a/arch/arm64/include/asm/mte.h +++ b/arch/arm64/include/asm/mte.h @@ -21,6 +21,8 @@ #include +extern u64 gcr_kernel_excl; + void mte_clear_page_tags(void *addr); unsigned long mte_copy_tags_from_user(void *to, const void __user *from, unsigned long n); @@ -59,6 +61,8 @@ u8 mte_get_mem_tag(void *addr); u8 mte_get_random_tag(void); void *mte_set_mem_tag_range(void *addr, size_t size, u8 tag); +void mte_init_tags(u64 max_tag); + #else /* CONFIG_ARM64_MTE */ /* unused if !CONFIG_ARM64_MTE, silence the compiler */ @@ -120,6 +124,10 @@ static inline void *mte_set_mem_tag_range(void *addr, size_t size, u8 tag) return addr; } +static inline void mte_init_tags(u64 max_tag) +{ +} + #endif /* CONFIG_ARM64_MTE */ #endif /* __ASSEMBLY__ */ diff --git a/arch/arm64/kernel/asm-offsets.c b/arch/arm64/kernel/asm-offsets.c index 0577e2142284..a1ef256cad4f 100644 --- a/arch/arm64/kernel/asm-offsets.c +++ b/arch/arm64/kernel/asm-offsets.c @@ -47,6 +47,9 @@ int main(void) #ifdef CONFIG_ARM64_PTR_AUTH DEFINE(THREAD_KEYS_USER, offsetof(struct task_struct, thread.keys_user)); DEFINE(THREAD_KEYS_KERNEL, offsetof(struct task_struct, thread.keys_kernel)); +#endif +#ifdef CONFIG_ARM64_MTE + DEFINE(THREAD_GCR_EL1_USER, offsetof(struct task_struct, thread.gcr_user_excl)); #endif BLANK(); DEFINE(S_X0, offsetof(struct pt_regs, regs[0])); diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index 4d94af19d8f6..54bc3b315063 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -1665,14 +1665,15 @@ static void cpu_enable_mte(struct arm64_cpu_capabilities const *cap) { u64 mair; - /* all non-zero tags excluded by default */ - write_sysreg_s(SYS_GCR_EL1_RRND | SYS_GCR_EL1_EXCL_MASK, SYS_GCR_EL1); write_sysreg_s(0, SYS_TFSR_EL1); write_sysreg_s(0, SYS_TFSRE0_EL1); /* Enable Match-All at EL1 */ sysreg_clear_set(tcr_el1, 0, SYS_TCR_EL1_TCMA1); + /* Enable the kernel exclude mask for random tags generation */ + write_sysreg_s((SYS_GCR_EL1_RRND | gcr_kernel_excl), SYS_GCR_EL1); + /* * CnP must be enabled only after the MAIR_EL1 register has been set * up. Inconsistent MAIR_EL1 between CPUs sharing the same TLB may diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S index cde127508e38..a17fefb0571b 100644 --- a/arch/arm64/kernel/entry.S +++ b/arch/arm64/kernel/entry.S @@ -172,6 +172,29 @@ alternative_else_nop_endif #endif .endm + /* Note: tmp should always be a callee-saved register */ + .macro mte_restore_gcr, el, tsk, tmp, tmp2 +#ifdef CONFIG_ARM64_MTE +alternative_if_not ARM64_MTE + b 1f +alternative_else_nop_endif + .if \el == 0 + ldr \tmp, [\tsk, #THREAD_GCR_EL1_USER] + .else + ldr_l \tmp, gcr_kernel_excl + .endif + /* + * Calculate and set the exclude mask preserving + * the RRND (bit[16]) setting. + */ + mrs_s \tmp2, SYS_GCR_EL1 + bfi \tmp2, \tmp, #0, #16 + msr_s SYS_GCR_EL1, \tmp2 + isb +1: +#endif + .endm + .macro kernel_entry, el, regsize = 64 .if \regsize == 32 mov w0, w0 // zero upper 32 bits of x0 @@ -209,6 +232,8 @@ alternative_else_nop_endif ptrauth_keys_install_kernel tsk, x20, x22, x23 + mte_restore_gcr 1, tsk, x22, x23 + scs_load tsk, x20 .else add x21, sp, #S_FRAME_SIZE @@ -386,6 +411,8 @@ alternative_else_nop_endif /* No kernel C function calls after this as user keys are set. */ ptrauth_keys_install_user tsk, x0, x1, x2 + mte_restore_gcr 0, tsk, x0, x1 + apply_ssbd 0, x0, x1 .endif @@ -957,6 +984,7 @@ SYM_FUNC_START(cpu_switch_to) mov sp, x9 msr sp_el0, x1 ptrauth_keys_install_kernel x1, x8, x9, x10 + mte_restore_gcr 1, x1, x8, x9 scs_save x0, x8 scs_load x1, x8 ret diff --git a/arch/arm64/kernel/mte.c b/arch/arm64/kernel/mte.c index 7717ea9bc2a7..cfac7d02f032 100644 --- a/arch/arm64/kernel/mte.c +++ b/arch/arm64/kernel/mte.c @@ -18,10 +18,14 @@ #include #include +#include +#include #include #include #include +u64 gcr_kernel_excl __read_mostly; + static void mte_sync_page_tags(struct page *page, pte_t *ptep, bool check_swap) { pte_t old_pte = READ_ONCE(*ptep); @@ -115,6 +119,13 @@ void * __must_check mte_set_mem_tag_range(void *addr, size_t size, u8 tag) return ptr; } +void mte_init_tags(u64 max_tag) +{ + u64 incl = ((1ULL << ((max_tag & MTE_TAG_MAX) + 1)) - 1); + + gcr_kernel_excl = ~incl & SYS_GCR_EL1_EXCL_MASK; +} + static void update_sctlr_el1_tcf0(u64 tcf0) { /* ISB required for the kernel uaccess routines */ @@ -150,7 +161,11 @@ static void update_gcr_el1_excl(u64 excl) static void set_gcr_el1_excl(u64 excl) { current->thread.gcr_user_excl = excl; - update_gcr_el1_excl(excl); + + /* + * SYS_GCR_EL1 will be set to current->thread.gcr_user_incl value + * by mte_restore_gcr() in kernel_exit, + */ } void flush_mte_state(void) @@ -184,7 +199,7 @@ void mte_suspend_exit(void) if (!system_supports_mte()) return; - update_gcr_el1_excl(current->thread.gcr_user_excl); + update_gcr_el1_excl(gcr_kernel_excl); } long set_mte_ctrl(struct task_struct *task, unsigned long arg) From patchwork Fri Aug 14 17:27:07 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715099 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8CA28739 for ; Fri, 14 Aug 2020 17:34:05 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 6564320768 for ; Fri, 14 Aug 2020 17:34:05 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="kjvxZD9u"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="iN00ACnX" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6564320768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=HxJU5G5yHP8WsJr10uUTe+AxO2D1qQfHYGsJvU4w3zw=; b=kjvxZD9uS7haALXPpkUrWnYK6 6ZJbt5/8k+PBUIa9XG/6Xhfj/uYIWxqr8+/i+av/y1zR2oWcHf4co5qiGRMrAVl0plK1ku5JT9msF S0pMfDshtP0EUpBPPFzjEkn1nN0hSwnKScloKQoN2XpN/lKJmtGOrl3m7al0CXCFLpilHOKPYTTfJ 8Vm1t1rrRdPk6lEhJ7OTw1sLBQXYWvF8vhKd2ZNGg3PavZqDi5hsdzCNiaoYGY6+iYm6od1aW2cpU SGsqVIx+A+/FQS95OeUhFk5EJh5U2kCg+pT0Rd2/2TdsQ6wAV3RuW8wy+pDRzCmM7EGpcW9Un3+4/ 6DNaTVUiA==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6daE-0006ch-6E; Fri, 14 Aug 2020 17:33:38 +0000 Received: from mail-wr1-x449.google.com ([2a00:1450:4864:20::449]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVD-0003eH-72 for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:40 +0000 Received: by mail-wr1-x449.google.com with SMTP id f7so3593266wrs.8 for ; Fri, 14 Aug 2020 10:28:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=G1m+mBc5DHN9N1yWiSk6nb4X2zq+d5nDMgJyTLNPPRc=; b=iN00ACnXSigVftuw0EX8zS6BlCZnflPn/Q/U+4zt3OGmV18sNHa8QInILgUE3bS1S3 +uaZ0yTubCRhMfO57RaPHcuTDWncpDx0+fuTlmzvwx/KHz0kyKif5pbWIpihjJ7pDOyI FkHIfnJt0HsbPI80RU8DfmVLmHCInLIlVsNUFfjboDUt80RBuDkFyDZt2ZqnFr7TOSWK VaVuQLtjwRVXX69n6Y9ra/d6a1d8BAdl8bpvGHA14kF8zqvCgMUPZr68ys/Y3JBy/FAA kk3ZPayQN2mg/AatquaXwle9h+/8OfNC1Bo52nN96Tf9POfPQHBPOCHfs9K+l84SbCvP E6Lw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=G1m+mBc5DHN9N1yWiSk6nb4X2zq+d5nDMgJyTLNPPRc=; b=QsnU/LKVTjfDwCX3IhreQnA7zyh6kvBkX71DRMJ7Hk+ZX8qIpbIqpvTnKYbCPfKIOg fmahouaofmiQkeiao+7P/uqh75LBcdYGQAyj/fRxQRCXYw/prs9CSSkIiovsqdh6b/nb iUiASUYH1kLPTNnpvcVEAyZWwL2/kYVxlDoh5oPlTsEiR+0v8QjSpJmFDh4ZqQ3b1hb8 xZSJi4IYaxhVAtQxS9gBxlzqzTQ/dAYVsATN+GfRQV5G61RwhiSbJ/MEc7xCoaZVPfpv LuasV4RLI/uCJg/fkyWoJiYzxysXcvXgg0gap432FTPEeS2w+JEBeGN4DIG/zGd0RHDv ArTw== X-Gm-Message-State: AOAM532rmq/iplWsPKNWyj46bJLN6+6+vhf7+o9bmBDZhXZQ9/BgqF8C 2lDbPY0+774CIxxuYfgWGvSIYhTRsbbYjpUB X-Google-Smtp-Source: ABdhPJwmPyfcBdf/Nisj5qqVZNt2nZ+O/Vnc7pjOKCV5aU3t/ELZ7Z9s59RcLiYOKvcmEwq9jb4R/mo0VgSbpBiG X-Received: by 2002:a1c:32c3:: with SMTP id y186mr3400306wmy.15.1597426103272; Fri, 14 Aug 2020 10:28:23 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:07 +0200 In-Reply-To: Message-Id: <8a499341bbe4767a4ee1d3b8acb8bd83420ce3a5.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 25/35] kasan: introduce CONFIG_KASAN_HW_TAGS From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132827_355968_4B8FCB73 X-CRM114-Status: GOOD ( 15.56 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:449 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org This patch adds a configuration option for a new KASAN mode called hardware tag-based KASAN. This mode uses the memory tagging approach like the software tag-based mode, but relies on arm64 Memory Tagging Extension feature for tag management and access checking. Signed-off-by: Andrey Konovalov --- lib/Kconfig.kasan | 46 ++++++++++++++++++++++++++++++++-------------- 1 file changed, 32 insertions(+), 14 deletions(-) diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan index e500c18cbe79..0d4160ce5ee8 100644 --- a/lib/Kconfig.kasan +++ b/lib/Kconfig.kasan @@ -6,7 +6,10 @@ config HAVE_ARCH_KASAN config HAVE_ARCH_KASAN_SW_TAGS bool -config HAVE_ARCH_KASAN_VMALLOC +config HAVE_ARCH_KASAN_HW_TAGS + bool + +config HAVE_ARCH_KASAN_VMALLOC bool config CC_HAS_KASAN_GENERIC @@ -20,10 +23,11 @@ config CC_HAS_WORKING_NOSANITIZE_ADDRESS menuconfig KASAN bool "KASAN: runtime memory debugger" - depends on (HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC) || \ - (HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS) + depends on (((HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC) || \ + (HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS)) && \ + CC_HAS_WORKING_NOSANITIZE_ADDRESS) || \ + HAVE_ARCH_KASAN_HW_TAGS depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB) - depends on CC_HAS_WORKING_NOSANITIZE_ADDRESS select SLUB_DEBUG if SLUB select CONSTRUCTORS select STACKDEPOT @@ -38,13 +42,18 @@ choice prompt "KASAN mode" default KASAN_GENERIC help - KASAN has two modes: generic KASAN (similar to userspace ASan, - x86_64/arm64/xtensa, enabled with CONFIG_KASAN_GENERIC) and - software tag-based KASAN (a version based on software memory - tagging, arm64 only, similar to userspace HWASan, enabled with - CONFIG_KASAN_SW_TAGS). + KASAN has three modes: + 1. generic KASAN (similar to userspace ASan, + x86_64/arm64/xtensa, enabled with CONFIG_KASAN_GENERIC), + 2. software tag-based KASAN (arm64 only, based on software + memory tagging (similar to userspace HWASan), enabled with + CONFIG_KASAN_SW_TAGS), and + 3. hardware tag-based KASAN (arm64-only, based hardware + memory tagging (MTE), enabled with CONFIG_KASAN_HW_TAGS). + + All KASAN modes are strictly debugging features. - Both generic and tag-based KASAN are strictly debugging features. + For better error detection enable CONFIG_STACKTRACE. config KASAN_GENERIC bool "Generic mode" @@ -61,8 +70,6 @@ config KASAN_GENERIC and introduces an overhead of ~x1.5 for the rest of the allocations. The performance slowdown is ~x3. - For better error detection enable CONFIG_STACKTRACE. - Currently CONFIG_KASAN_GENERIC doesn't work with CONFIG_DEBUG_SLAB (the resulting kernel does not boot). @@ -83,15 +90,25 @@ config KASAN_SW_TAGS casting and comparison, as it embeds tags into the top byte of each pointer. - For better error detection enable CONFIG_STACKTRACE. - Currently CONFIG_KASAN_SW_TAGS doesn't work with CONFIG_DEBUG_SLAB (the resulting kernel does not boot). +config KASAN_HW_TAGS + bool "Hardware tag-based mode" + depends on HAVE_ARCH_KASAN_HW_TAGS + depends on SLUB + help + Enables hardware tag-based KASAN mode. + + This mode requires both Memory Tagging Extension and Top Byte Ignore + support by the CPU and therefore is only supported for modern arm64 + CPUs (MTE added in ARMv8.5 ISA). + endchoice choice prompt "Instrumentation type" + depends on KASAN_GENERIC || KASAN_SW_TAGS default KASAN_OUTLINE config KASAN_OUTLINE @@ -115,6 +132,7 @@ endchoice config KASAN_STACK_ENABLE bool "Enable stack instrumentation (unsafe)" if CC_IS_CLANG && !COMPILE_TEST + depends on KASAN_GENERIC || KASAN_SW_TAGS help The LLVM stack address sanitizer has a know problem that causes excessive stack usage in a lot of functions, see From patchwork Fri Aug 14 17:27:08 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715155 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E409414E3 for ; Fri, 14 Aug 2020 19:09:17 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id BC95D20791 for ; Fri, 14 Aug 2020 19:09:17 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="bWeRTagG"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="RoM8+KMI" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org BC95D20791 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=3wsDliqb3ZgrrlB1TJCGAr0iAg3PhDddkPrYi92/KAg=; b=bWeRTagGcb1ww9sofmkEePlPa OQBwxPFLx6j6w2eKGEcMPMTRYQzhEfGZvG+3EDCSD7ejGn6Yb8Gur6eORF+MiifvDW/XcXVfDsZNH idHkC/7urjBbCWFo0bVkmjXskwmPs4An0M5p7B4s87WneHbNTuVElTofX3HRdgVq/Sb2jnE56eh9B 0s1C21+Jw0smkSIuZO387JEAkLi3nGIuLmsD+4i9pKtpP9A3COGV76jzSiceKapse8hjqSkhN95Az bCa2mvMaUv0lGp58UH79yo4n6TQ/YSnD+StR3JtrY0oRUPhi97jx5mJPtzMxuddWt8k2CoPzAdshP C5EFrV4Rg==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6daN-0006ko-Kp; Fri, 14 Aug 2020 17:33:47 +0000 Received: from mail-qt1-x84a.google.com ([2607:f8b0:4864:20::84a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVF-0003fL-IP for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:43 +0000 Received: by mail-qt1-x84a.google.com with SMTP id b18so7438356qte.18 for ; Fri, 14 Aug 2020 10:28:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=PrZ8Xx7ZOES69PjxJ7W+uco2MTpU8K38pV5r5s6HLuc=; b=RoM8+KMI2h2GGKlzWuBgOR8Py0rNY7TZMU06j0CyrdWaNMgFm+s8aVx1SJGX4Gx0Yu 7iL0jYVGq/ZpqBnKxoozCPmzSxL5lsRQMy2MGg2ljRc0JK9qid+eJ2ca8kYM11IVazPU 5D7wAuSxLeuNoPDkQezSRD7cNU5Z09U4lP7ujCWlF7UV9xrPSIT3wWXn4AmlrwKCmmZ6 MvANSRo5c7D+PDmzdXHvWcV6sxBbvbluV5BCCH721wPS6ssCiOTdk5t/CEy4TJHFjQzX YS8XRg4nwVZIqyKJ+wlb4D/ziTqK/qXt72NUwCDuxOh4M1MUX8qf3kZgQYHweBxv5nTr VPGQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=PrZ8Xx7ZOES69PjxJ7W+uco2MTpU8K38pV5r5s6HLuc=; b=KiDvNH8yErms/N2rY1QVA92uIw/S5bJd+1RQ19XHZS0+NH9JG+gIqxIHoWgffZM4hk 1QMzavkb7byU3CFsZrxHupv9FJhLd1YyjZ5JmmCwweqbBUoHyhsgPyyLO3B1tgNo3xhc 8/nP0ligtXveA1VFlGmHmurSwen7hMCeyBitYm43vDq+2yVKoleJIn5mHjWRCk1IrbiF 7gtcIcm5Hi3R/CABsIRYXjHD3eGHSGjM/E9fU77AqPQCmCg7e53hLxu5nnIe7iIKvzxH v4JIfgafCQnNZ/axzZMXRX2mlSrscxusKW3pbh27LhypX/4ePSZsSuAdvwF2A5bULjKe LyzA== X-Gm-Message-State: AOAM530Vl4PtoppZ1cYDwxzXyyorKY1hA36t+kwvVTrrJr5yPhTQGpxF o4ymm+l+CaxYftQ21BcJGAFBlbXUqBU5e623 X-Google-Smtp-Source: ABdhPJyLILHteR8XQv6ASUjnKzzYpuETsrstUrOhCFHCsdKqZXOKezDHAwecoNC7DdH7utKm4OIpglyx7bKUIliq X-Received: by 2002:a0c:99c8:: with SMTP id y8mr3624054qve.57.1597426105434; Fri, 14 Aug 2020 10:28:25 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:08 +0200 In-Reply-To: Message-Id: <518da1e5169a4e343caa3c37feed5ad551b77a34.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 26/35] kasan, arm64: Enable TBI EL1 From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132829_740751_63AC9789 X-CRM114-Status: GOOD ( 13.00 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:84a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org From: Vincenzo Frascino Hardware tag-based KASAN relies on Memory Tagging Extension (MTE) that is built on top of the Top Byte Ignore (TBI) feature. Enable in-kernel TBI when CONFIG_KASAN_HW_TAGS is turned on by enabling the TCR_TBI1 bit in proc.S. Signed-off-by: Vincenzo Frascino --- arch/arm64/mm/proc.S | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/mm/proc.S b/arch/arm64/mm/proc.S index 152d74f2cc9c..6880ddaa5144 100644 --- a/arch/arm64/mm/proc.S +++ b/arch/arm64/mm/proc.S @@ -38,7 +38,7 @@ /* PTWs cacheable, inner/outer WBWA */ #define TCR_CACHE_FLAGS TCR_IRGN_WBWA | TCR_ORGN_WBWA -#ifdef CONFIG_KASAN_SW_TAGS +#if defined(CONFIG_KASAN_SW_TAGS) || defined(CONFIG_KASAN_HW_TAGS) #define TCR_KASAN_FLAGS TCR_TBI1 #else #define TCR_KASAN_FLAGS 0 From patchwork Fri Aug 14 17:27:09 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715149 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5AEE51392 for ; Fri, 14 Aug 2020 18:24:56 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 2E54320768 for ; Fri, 14 Aug 2020 18:24:56 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="AS8omL5Q"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="K0McFcU/" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 2E54320768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=dJgNvrHXGGD9nsRWnRp7IK1mtQaGW9kKK1CXzcMi+JA=; b=AS8omL5QgSj6vbalI2Zr5TjYy A/e17YsQrGuTd5rh0KxK7Towaz39N6Pvkhf3zh7DYSbJmV/RWDSpZ+dx/+o2IHwYvRLEFU9SoOStC OEffA3oVES8aCriTcB6xk4/35+BRnHsVoxoKgls6EsRk9jFhvn+dFP+Z8aAVUvCd7WMURDXZy9Tol V3SkCDti9ZLZP0TisGH+AcqW6+xtNio6L7Q/dlaqBYXzl1HdGsW0DnXpFf7qLHmu2gYy5OBJxZREn HUErs0CGKYXPNlwUEc5JrTdGnwQSS//ZecD42dcRJzOMwjDkhNGAOoXW7LdWAb2y1XyOg1itngGlb Nui8VxV5g==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dai-000709-JC; Fri, 14 Aug 2020 17:34:08 +0000 Received: from mail-wr1-x449.google.com ([2a00:1450:4864:20::449]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVH-0003gO-Kr for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:46 +0000 Received: by mail-wr1-x449.google.com with SMTP id r29so3604107wrr.10 for ; Fri, 14 Aug 2020 10:28:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=iIfWl4J1G8iITi93NOgHDi/s/4XpKw61QWFW+N1x36I=; b=K0McFcU/NW1+4TvtV86hOikuP0uc1Kbkt2X8tcu4BRVbwNsVpniTx+A+AKeGlPqG83 mDjfa19TeWpTVuAyrf2m4ekXSu4Ecbf1od7anACVOSDVBEjaPHpORnhAcHk92lv7DGK3 1KsptAncsZTva96Ki3faKev2CnXqKgjzWMgc6yLoY2DRSl7Z8Cv4ahqL0N37YEsUa/LR nNj/HdX4ESnken+QG+7W+11MnJKKKb0UQ0oF5FhAbPlgMkNcuivbJXZT0/a3EYzegMap ZsB1bcAemES+BlSUgzQbTWZqOcU08p0fReSogKNCW7czoDgg8kwWLFZCZ5NsU5OFQTF3 pLjA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=iIfWl4J1G8iITi93NOgHDi/s/4XpKw61QWFW+N1x36I=; b=afaCTich/VT68Vf2Tc/AdPmUp6geoJLs0xl+Hn+vo7rBg1Zuo0qk07r4wxGSknkoGK lX1PD77HQ8LydrS6AQngbTnGskXhi1MpDQaiM627bnrvnKaucr/WihnbhRdQSfscsJjB e5a4g3ANtIvd0tUV4WnXn9DJb+csn3JbJc4aKOb6yrScPJYjP8VgKTugB3w2MfzGmf15 /7bzeMtiyvnge/DJPJ2KjKIqYjoJLIq1SZGRSCiZMTbRuSxYNyXwUxNkylo08Dc1M3OD vFOh3XzwGW/GhUl//H6DIAfgIhilCa8Vud2N8PUpfgJ5DD9oKvjmRnBFqleUHqM3ks+Y bwPw== X-Gm-Message-State: AOAM530zNgLG69WFfzOvvfrewCc5ac63pV9kTgBnQ40AF3LVc1odEYK8 LqHCLpE8RsoVI122T3jRhLUC0SPGfFtRijxs X-Google-Smtp-Source: ABdhPJy/WRGBFbHW6yzu3fXjbbh6ZfhsR5aLr+bVb6qX539D5XqF883Lkwh9f6pP5sIhJRXvKfWE1HxGbtWAPR5g X-Received: by 2002:a1c:8094:: with SMTP id b142mr3616367wmd.59.1597426107618; Fri, 14 Aug 2020 10:28:27 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:09 +0200 In-Reply-To: Message-Id: <4e2dea1d2163dc6f5a3ceb943f485b09cbd252e0.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 27/35] kasan, arm64: align allocations for HW_TAGS From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132831_806590_B7EA7374 X-CRM114-Status: GOOD ( 11.50 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:449 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Hardware tag-based KASAN uses the memory tagging approach, which requires all allocations to be aligned to the memory granule size. Align the allocations to MTE_GRANULE_SIZE via ARCH_SLAB_MINALIGN when CONFIG_KASAN_HW_TAGS is enabled. Signed-off-by: Andrey Konovalov --- arch/arm64/include/asm/cache.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/arm64/include/asm/cache.h b/arch/arm64/include/asm/cache.h index a4d1b5f771f6..b8a0cae38470 100644 --- a/arch/arm64/include/asm/cache.h +++ b/arch/arm64/include/asm/cache.h @@ -6,6 +6,7 @@ #define __ASM_CACHE_H #include +#include #define CTR_L1IP_SHIFT 14 #define CTR_L1IP_MASK 3 @@ -50,6 +51,8 @@ #ifdef CONFIG_KASAN_SW_TAGS #define ARCH_SLAB_MINALIGN (1ULL << KASAN_SHADOW_SCALE_SHIFT) +#elif defined(CONFIG_KASAN_HW_TAGS) +#define ARCH_SLAB_MINALIGN MTE_GRANULE_SIZE #endif #ifndef __ASSEMBLY__ From patchwork Fri Aug 14 17:27:10 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715109 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D9C1A739 for ; Fri, 14 Aug 2020 17:34:54 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id B2CBE20768 for ; Fri, 14 Aug 2020 17:34:54 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="xK0302Ur"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="LuGw15Zk" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org B2CBE20768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=s02itM1Y9FSN1mQP3rgJeSIubDknR0Wdzw1+XUVKJDY=; b=xK0302UrL6oDrdpPJcDME5byQ uLhAZOj5WC02W0oMwiwUBhr43AqTlDzpA8dMXH+ERoOb0/Uql3bCCHojAbkRUfNOthq7d3zpAQOcL JD2lhwxFj/wCoQjlnbdsy4m6VYyeqyAlBm/QNWYPVPWmS3i30YlXTNtp/mm4Mnkh012WHIf5gPl2E fXMCApqRp021wpRpCfuv/BG+ahHt/pFy+kcnhXIbBZ7Cd/l+QJVhHV+FY21uCfB3P+gXsO51SZEES qOohxVWS2mQa8T+ctjFRRkI7cupat7L8mm78Fy9eZIUS5BOcYtrD6NOe9Z0bVZPRvOIjz+xW15aBW ognFZ2B2Q==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6db7-0007Al-8k; Fri, 14 Aug 2020 17:34:33 +0000 Received: from mail-qv1-xf49.google.com ([2607:f8b0:4864:20::f49]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVJ-0003hQ-TR for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:48 +0000 Received: by mail-qv1-xf49.google.com with SMTP id q12so6494163qvm.19 for ; Fri, 14 Aug 2020 10:28:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=Aq2upZC9S5Ys9XP2AH7I4ISIryYXBDc2x7o0GoeV4Tk=; b=LuGw15Zke5Ae/pDbTgYTpYfh2zw7zg1gh8rl6NeN4AGUiGtOgQrWlvhHdiP01WtjeF gPbZdiTHKtVlNBMURMqJKH70HLuFDCcyY7K63iFcHcfiTqAy72YPVXO2s7tj6WUdasie LSNN56Qt2JsZQI6RoEJ6bqi8ZSk+tbIUZAyB0NyWM5Q+cWE4kks5klNCVCuWUA2AwdED Iiogfds/x//LanybCwaVx43Gg8FX0gPl+FenU8VBpe3VwGcqyx6IKKwcLN4CjN2/b8lW ezTn1x2aDEYLo2sh3zAh2430UJfQVAECwvvHTa7cQAdEt7xYMD1jNBIJBb2Z5DxWQroL oNww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=Aq2upZC9S5Ys9XP2AH7I4ISIryYXBDc2x7o0GoeV4Tk=; b=TcY3uG9DxMJTfViJmh7PVMY3QNXf8kT+45SU90BJAQUXQSqLajp6y9ZAoSVq9clj4K XrqsC3cb4LIjvpRfQ/l59eA0nXz7QQsrBmviEggVjlmlCzBtIXbjwtj8dikyV6nlr2ja zlQrig4MD1pboG23Br8l716p68rjYFGu5llNEFTE54Bfn132e5AhnOK/168861xShy2c Ivv55VwbCyDkDq0+w57UmDRF18z9YNPqmhip/vacOTTqeh0n2XhJUoA5A8R0xRzcsqwb 4Wgs8vKLVPgbGRFYSe3Hh7dUX+vP7qgrebVQqrj5AyhbVG2YD4mMqd7JpJF1IReqck/q npSA== X-Gm-Message-State: AOAM533O1uIjUi1HWeprxNA9jCnqqWDENMQZey/dt3cW4yKZdUuY/dXl iJK18CRGwyHvho0HZXFRidtbaLPSbCJJUXE+ X-Google-Smtp-Source: ABdhPJztNAgwVlYKdx1N8aglSzF1FROrdQbV1VPur/Gdjkp6gFX4cRqk46lqcix5COecb/sqk/aIJq04YlccAYyo X-Received: by 2002:a0c:e883:: with SMTP id b3mr3537357qvo.133.1597426109995; Fri, 14 Aug 2020 10:28:29 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:10 +0200 In-Reply-To: Message-Id: <07455abaab13824579c1b8e50cc038cf8a0f3369.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 28/35] kasan: define KASAN_GRANULE_SIZE for HW_TAGS From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132834_105682_1FEC97EB X-CRM114-Status: GOOD ( 10.00 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:f49 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Hardware tag-based KASAN has granules of MTE_GRANULE_SIZE. Define KASAN_GRANULE_SIZE to MTE_GRANULE_SIZE for CONFIG_KASAN_HW_TAGS. Signed-off-by: Andrey Konovalov --- mm/kasan/kasan.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index 1d3c7c6ce771..4d8e229f8e01 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -5,7 +5,13 @@ #include #include +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) #define KASAN_GRANULE_SIZE (1UL << KASAN_SHADOW_SCALE_SHIFT) +#else +#include +#define KASAN_GRANULE_SIZE (MTE_GRANULE_SIZE) +#endif + #define KASAN_GRANULE_MASK (KASAN_GRANULE_SIZE - 1) #define KASAN_TAG_KERNEL 0xFF /* native kernel pointers tag */ From patchwork Fri Aug 14 17:27:11 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715119 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E91ED16B1 for ; Fri, 14 Aug 2020 17:38:03 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id BFEDD20768 for ; Fri, 14 Aug 2020 17:38:03 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="WnldTVwg"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="B++G553D" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org BFEDD20768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=tQcgoTM7on36OtgqvqNiOitCGSSJIvu94Fe3xI6Rx1E=; b=WnldTVwgm5tlS6rlDYm7u/537 BDVK4XpsxyhTabEaMQ13PSGo+LArx5Zkn08Pv5N/bNJvm/XGwZmqsCA9FmUwuBHB0tWqfW4Sqx2oI J3OTvR0OaI7CRssqX3ryw1H8oNHUSYnJ49tpKnfCaLyxcUtESJMHxGraRh8nLQt7UpyBnq1tqG28g 1ZmMZ8rTihEGy+pkUOiQBowRZmktU9D/mhM65pSwpZWT7DeACi+vjEVWTDs2d8EVwi/BYdbINkqoA TiocW5qTQkrJsr0g3wy9jcjRhJ08UnSV0cBFMWdrQ2+iqbQEV8a2dhKWr5fu3TdEnzrr9P1Mtwe7L 5DYLgha5g==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dct-0000JM-VB; Fri, 14 Aug 2020 17:36:23 +0000 Received: from mail-qv1-xf4a.google.com ([2607:f8b0:4864:20::f4a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVM-0003iN-B5 for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:49 +0000 Received: by mail-qv1-xf4a.google.com with SMTP id d1so6470239qvs.21 for ; Fri, 14 Aug 2020 10:28:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=lhqV5mQvN7E+6IRby7TSffIB2FjRKGUNLHJKKPPYQHw=; b=B++G553D5YRfzBibD52/YbmLsetWRzAA+mz8eYde400Dt3AEX/vseByvilgBu/RIty m11Xpzhzd4fCTyIgDM3Aczj2BOJayGGNmGHctNqvXNTkecsq8v3oeABP2jnHSM5Sy/oT TRlXjAJ0TBbepqTIGEs3YLtgZQZ77lzQJPQ/C8eCHyjGN8okRpzyZYmC+oSiUmjgSH8d GO69c6LHJqVmLxayxM0kpmxCGfm+uXZCCzh2zdglLXW4JcO9BNFJdnkCs9ihI/YbjeUt PY221wPX7nEb3zD22xIzTFeLGFYldtf8rkWyhu3EMaLFbGQb1pdI0FM0lUdnMNysOTrI Ochg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=lhqV5mQvN7E+6IRby7TSffIB2FjRKGUNLHJKKPPYQHw=; b=YTPalvi6jz+vjYNcR0uH8zg+G1L32ljM58zdqTRvvUnkXSVOW4lFGlovK97DTNUk78 3+CYzZCe9qvrPXZUUjaT2uKKhLiN4xkLndHnPNmDWrkp3VAvD/69QfSUthd+QupRY706 4rKJVdiSUA1aXOZ77jFOlPCfhY+hllzxuQcqi61MR5KN9olvkzG7BC2uLjtEO4zNhLEf CgN2Wk+HL5j8iOUIKiE++7j2+W89/V3KaHkgcd96QfjgTKpe7EGmrAwg/nKxwTnaIyOP OZxNSX+pUs5WqzlTiYIfdjKaBCxr6327QW7LZcUlN1+al5X5FRwHRUnT5fn2iC7gCPXU 4Pyw== X-Gm-Message-State: AOAM533VzIs8xgJdb+G+MCUFhJxLSAolQgSdcJ7uP/4fzHJT4AbeZlLm 4qVfO8+ysnCCR9AhFhY276ZWvlIUY7QpJz1p X-Google-Smtp-Source: ABdhPJyEB6r3EZb1/dD1PV8DgiQHfViC9Gw1KcFHaQCLBJDygARswv1n+YYRwOw9Yas1PVhHZwOIsetdUJwayE9i X-Received: by 2002:a0c:e00c:: with SMTP id j12mr3697232qvk.127.1597426112116; Fri, 14 Aug 2020 10:28:32 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:11 +0200 In-Reply-To: Message-Id: <042119d239d929be8d4b479825091fb088c7543a.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 29/35] kasan, x86, s390: update undef CONFIG_KASAN From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132836_515072_095378A7 X-CRM114-Status: GOOD ( 12.19 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:f4a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org With the intoduction of hardware tag-based KASAN some kernel checks of this kind: ifdef CONFIG_KASAN will be updated to: if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) x86 and s390 use a trick to #undef CONFIG_KASAN for some of the code that isn't linked with KASAN runtime and shouldn't have any KASAN annotations. Also #undef CONFIG_KASAN_GENERIC with CONFIG_KASAN. Signed-off-by: Andrey Konovalov --- arch/s390/boot/string.c | 1 + arch/x86/boot/compressed/misc.h | 1 + 2 files changed, 2 insertions(+) diff --git a/arch/s390/boot/string.c b/arch/s390/boot/string.c index b11e8108773a..faccb33b462c 100644 --- a/arch/s390/boot/string.c +++ b/arch/s390/boot/string.c @@ -3,6 +3,7 @@ #include #include #undef CONFIG_KASAN +#undef CONFIG_KASAN_GENERIC #include "../lib/string.c" int strncmp(const char *cs, const char *ct, size_t count) diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h index 726e264410ff..2ac973983a8e 100644 --- a/arch/x86/boot/compressed/misc.h +++ b/arch/x86/boot/compressed/misc.h @@ -12,6 +12,7 @@ #undef CONFIG_PARAVIRT_XXL #undef CONFIG_PARAVIRT_SPINLOCKS #undef CONFIG_KASAN +#undef CONFIG_KASAN_GENERIC /* cpu_feature_enabled() cannot be used this early */ #define USE_EARLY_PGTABLE_L5 From patchwork Fri Aug 14 17:27:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715131 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 2B72E1392 for ; Fri, 14 Aug 2020 17:49:48 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id E58F020791 for ; Fri, 14 Aug 2020 17:49:47 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="PdxYT6Do"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b="U/Ot/idL"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="kwoF/VYN" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org E58F020791 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=AqpRgv+rnMod6sXCGMHap1JWB4VKOf2w2pb/rlwIDbo=; b=PdxYT6Do2YXA0tkObjGz6czYS xcv0iFkfuqSwRAdp3fSoiES+7A/R4y6z9geL0KJj9obZldDB99z5zWalYn/sG+TtBbeSOCg7aZiFi tTDYZF+VUvI5qBX8R4FIstIP6YZ9fbR56fOgW+e/Zg330PBQFX+RiCaW6TuakjQxIXxIRqo0xUBZq GsBDuMwZuN5UrM+X81AkW69qG0Qt1oZLR8Jx2mMc6c7Kqp+8pS3uSJ4r2alJlLvelE3prSrkbihJB HkL3KQejLNmdeNy0XW5tza9TxmKkDcKh/pJIqcmMJJcZjZlmkafut6uedpvyu6M57tkg80ZjqGYK/ LDT2v2oxw==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6doG-0002M1-Mv; Fri, 14 Aug 2020 17:48:08 +0000 Received: from casper.infradead.org ([2001:8b0:10b:1236::1]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6doB-0002K7-Or for linux-arm-kernel@merlin.infradead.org; Fri, 14 Aug 2020 17:48:03 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Content-Type:Cc:To:From:Subject: References:Mime-Version:Message-Id:In-Reply-To:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=yvYQszTRrx8ntvEq6Qcrq8fyLKT0lW9ZP3vFTaTmLjo=; b=U/Ot/idLGE6SJ116HYMq7Usx/l vq2eMxJRV2ARu+kViRK8m5C7+BtcgVHcxeb0L4kd76rFBmU3LewVxO7UgXQMVKb/tgyL0BFfK5Tzg BbW2PeLNHA51POltEPFzV7rhMQB+Ae0qme0M7XutMU1oKqg0f9qdyQ2VcV4c/VkM3jWq6wfSge1hK Qy3Oq4sVOhSzvHIxPFQMQz/6xTNk/bOV0pHi79kkCx1SegoojBm38qjeL513XdHmkiiyZxWJ3cFQO DZoFZV6xmsFqrc6dBsjIF95L6Bzeoa5n+AdxaIxTZVIlFm1kNyPUd95L18rrMIb+CUz2oy/twYtbO yklpIGIw==; Received: from mail-yb1-xb4a.google.com ([2607:f8b0:4864:20::b4a]) by casper.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVM-0001Zv-VG for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:40 +0000 Received: by mail-yb1-xb4a.google.com with SMTP id a5so10684305ybh.3 for ; Fri, 14 Aug 2020 10:28:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=yvYQszTRrx8ntvEq6Qcrq8fyLKT0lW9ZP3vFTaTmLjo=; b=kwoF/VYNH81Wq5oxRmBS/t6isOHxSA1+nk7yFG/ctYk1dMtUFAssZRouR3ifCgmied HCuEfscJx4hXYpJpUou/VViHr9lanozcwuQm1U5u/0tDMytMBVr7C8d3mDNs3ibggKNp F/Aa5FlHOPTTPcn5j5e2zwGLlVXP9Ll9g9T+ipgxhJUMkl1ptNNMmDug0rxj6JlAFAOT a/xbumJfdyTXcP7pFh7kRQ0Ob427pQyR3lIsHts4xkPbcD6fbKyHIow4+xI8eO260iTH LH7GmsWk+GAk8LKF2Ys6149+2tlLyQMH3ULlSvp4zlDgna+xDAWU8z5T0qW5jPMCinRM kLew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=yvYQszTRrx8ntvEq6Qcrq8fyLKT0lW9ZP3vFTaTmLjo=; b=kIEKzlGACH+QtHSqBSvwM1KXX5c979OhyKUFNDCLYakV1P+MlBisXbpunyp2Z/Bc6H L4YqZWtTh9BnNEy1fxPbaKnXDXV/aXT4ef1VVRhZwMPPyzjhf0n8O1kqc3Mb2oFVCQSK xaaIjO5Sw7oIyiByUFl5Kz0KIb0bD/44yCxbYfRo6MUws01sAhOwZmKtjCbhketVw43e A8I9GZEVcoLdJWkUYqNCIUHPzVZlQQWWA/CHCFmEzXy5+OPJonKu36X+EXKD1BDg05yB L92CRb4NLP6cOurDaKBbrWay8tTniQNh7sQRZUf75ili3yS7Nu96+QKAEvyEAv1x7i8w pr8g== X-Gm-Message-State: AOAM533klaHN2BB9KyTaQUC3t8k6QIPzd6IXLPTLgkyOiD8K5yEK9Wwx XMb3dXkyqbmItbwRCYaZv5oa56a+5/JEhiSs X-Google-Smtp-Source: ABdhPJxMkNkayXmom9Crca+A9DYJPsn/opssoVn4Ch8j5PCmvAli8vL+/pOquIkx8fK6lqFW2m8WxnJcR6fmeb+3 X-Received: by 2002:a25:7310:: with SMTP id o16mr5154152ybc.415.1597426114537; Fri, 14 Aug 2020 10:28:34 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:12 +0200 In-Reply-To: Message-Id: <33118d2b5d458fab42db9485389b5e8159ca3b02.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 30/35] kasan, arm64: expand CONFIG_KASAN checks From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_182837_303552_7E11ADC9 X-CRM114-Status: GOOD ( 20.42 ) X-Spam-Score: -9.6 (---------) X-Spam-Report: SpamAssassin version 3.4.4 on casper.infradead.org summary: Content analysis details: (-9.6 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:b4a listed in] [list.dnswl.org] 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Some #ifdef CONFIG_KASAN checks are only relevant for software KASAN modes (either related to shadow memory or compiler instrumentation). Expand those into CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS. Signed-off-by: Andrey Konovalov --- arch/arm64/Kconfig | 2 +- arch/arm64/Makefile | 2 +- arch/arm64/include/asm/assembler.h | 2 +- arch/arm64/include/asm/memory.h | 2 +- arch/arm64/include/asm/string.h | 5 +++-- arch/arm64/kernel/head.S | 2 +- arch/arm64/kernel/image-vars.h | 2 +- arch/arm64/mm/dump.c | 6 +++--- include/linux/kasan-checks.h | 2 +- include/linux/kasan.h | 7 ++++--- include/linux/moduleloader.h | 3 ++- include/linux/string.h | 2 +- mm/ptdump.c | 13 ++++++++----- scripts/Makefile.lib | 2 ++ 14 files changed, 30 insertions(+), 22 deletions(-) diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 32ceff21acc1..70a7880d5145 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -320,7 +320,7 @@ config BROKEN_GAS_INST config KASAN_SHADOW_OFFSET hex - depends on KASAN + depends on KASAN_GENERIC || KASAN_SW_TAGS default 0xdfffa00000000000 if (ARM64_VA_BITS_48 || ARM64_VA_BITS_52) && !KASAN_SW_TAGS default 0xdfffd00000000000 if ARM64_VA_BITS_47 && !KASAN_SW_TAGS default 0xdffffe8000000000 if ARM64_VA_BITS_42 && !KASAN_SW_TAGS diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile index a0d94d063fa8..89df029a3cff 100644 --- a/arch/arm64/Makefile +++ b/arch/arm64/Makefile @@ -125,7 +125,7 @@ TEXT_OFFSET := 0x0 ifeq ($(CONFIG_KASAN_SW_TAGS), y) KASAN_SHADOW_SCALE_SHIFT := 4 -else +else ifeq ($(CONFIG_KASAN_GENERIC), y) KASAN_SHADOW_SCALE_SHIFT := 3 endif diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h index 54d181177656..bc9ace1e5f3a 100644 --- a/arch/arm64/include/asm/assembler.h +++ b/arch/arm64/include/asm/assembler.h @@ -464,7 +464,7 @@ USER(\label, ic ivau, \tmp2) // invalidate I line PoU #define NOKPROBE(x) #endif -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) #define EXPORT_SYMBOL_NOKASAN(name) #else #define EXPORT_SYMBOL_NOKASAN(name) EXPORT_SYMBOL(name) diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h index 770535b7ca35..8881849929e3 100644 --- a/arch/arm64/include/asm/memory.h +++ b/arch/arm64/include/asm/memory.h @@ -75,7 +75,7 @@ * address space for the shadow region respectively. They can bloat the stack * significantly, so double the (minimum) stack size when they are in use. */ -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) #define KASAN_SHADOW_OFFSET _AC(CONFIG_KASAN_SHADOW_OFFSET, UL) #define KASAN_SHADOW_END ((UL(1) << (64 - KASAN_SHADOW_SCALE_SHIFT)) \ + KASAN_SHADOW_OFFSET) diff --git a/arch/arm64/include/asm/string.h b/arch/arm64/include/asm/string.h index b31e8e87a0db..3a3264ff47b9 100644 --- a/arch/arm64/include/asm/string.h +++ b/arch/arm64/include/asm/string.h @@ -5,7 +5,7 @@ #ifndef __ASM_STRING_H #define __ASM_STRING_H -#ifndef CONFIG_KASAN +#if !(defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) #define __HAVE_ARCH_STRRCHR extern char *strrchr(const char *, int c); @@ -48,7 +48,8 @@ extern void *__memset(void *, int, __kernel_size_t); void memcpy_flushcache(void *dst, const void *src, size_t cnt); #endif -#if defined(CONFIG_KASAN) && !defined(__SANITIZE_ADDRESS__) +#if (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) && \ + !defined(__SANITIZE_ADDRESS__) /* * For files that are not instrumented (e.g. mm/slub.c) we diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S index 037421c66b14..427ded9e68e8 100644 --- a/arch/arm64/kernel/head.S +++ b/arch/arm64/kernel/head.S @@ -452,7 +452,7 @@ SYM_FUNC_START_LOCAL(__primary_switched) bl __pi_memset dsb ishst // Make zero page visible to PTW -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) bl kasan_early_init #endif #ifdef CONFIG_RANDOMIZE_BASE diff --git a/arch/arm64/kernel/image-vars.h b/arch/arm64/kernel/image-vars.h index be0a63ffed23..b85372eba2d6 100644 --- a/arch/arm64/kernel/image-vars.h +++ b/arch/arm64/kernel/image-vars.h @@ -37,7 +37,7 @@ __efistub_strncmp = __pi_strncmp; __efistub_strrchr = __pi_strrchr; __efistub___clean_dcache_area_poc = __pi___clean_dcache_area_poc; -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) __efistub___memcpy = __pi_memcpy; __efistub___memmove = __pi_memmove; __efistub___memset = __pi_memset; diff --git a/arch/arm64/mm/dump.c b/arch/arm64/mm/dump.c index ba6d1d89f9b2..bf8ddeac5d8f 100644 --- a/arch/arm64/mm/dump.c +++ b/arch/arm64/mm/dump.c @@ -29,7 +29,7 @@ enum address_markers_idx { PAGE_OFFSET_NR = 0, PAGE_END_NR, -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) KASAN_START_NR, #endif }; @@ -37,7 +37,7 @@ enum address_markers_idx { static struct addr_marker address_markers[] = { { PAGE_OFFSET, "Linear Mapping start" }, { 0 /* PAGE_END */, "Linear Mapping end" }, -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) { 0 /* KASAN_SHADOW_START */, "Kasan shadow start" }, { KASAN_SHADOW_END, "Kasan shadow end" }, #endif @@ -381,7 +381,7 @@ void ptdump_check_wx(void) static int ptdump_init(void) { address_markers[PAGE_END_NR].start_address = PAGE_END; -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) address_markers[KASAN_START_NR].start_address = KASAN_SHADOW_START; #endif ptdump_initialize(); diff --git a/include/linux/kasan-checks.h b/include/linux/kasan-checks.h index ac6aba632f2d..ca5e89fb10d3 100644 --- a/include/linux/kasan-checks.h +++ b/include/linux/kasan-checks.h @@ -9,7 +9,7 @@ * even in compilation units that selectively disable KASAN, but must use KASAN * to validate access to an address. Never use these in header files! */ -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) bool __kasan_check_read(const volatile void *p, unsigned int size); bool __kasan_check_write(const volatile void *p, unsigned int size); #else diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 894f4d9163ee..875bbcedd994 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -232,7 +232,8 @@ static inline void kasan_release_vmalloc(unsigned long start, #endif /* CONFIG_KASAN_VMALLOC */ -#if defined(CONFIG_KASAN) && !defined(CONFIG_KASAN_VMALLOC) +#if (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) && \ + !defined(CONFIG_KASAN_VMALLOC) /* * These functions provide a special case to support backing module @@ -242,12 +243,12 @@ static inline void kasan_release_vmalloc(unsigned long start, int kasan_module_alloc(void *addr, size_t size); void kasan_free_shadow(const struct vm_struct *vm); -#else /* CONFIG_KASAN && !CONFIG_KASAN_VMALLOC */ +#else /* (CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS) && !CONFIG_KASAN_VMALLOC */ static inline int kasan_module_alloc(void *addr, size_t size) { return 0; } static inline void kasan_free_shadow(const struct vm_struct *vm) {} -#endif /* CONFIG_KASAN && !CONFIG_KASAN_VMALLOC */ +#endif /* (CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS) && !CONFIG_KASAN_VMALLOC */ #ifdef CONFIG_KASAN_INLINE void kasan_non_canonical_hook(unsigned long addr); diff --git a/include/linux/moduleloader.h b/include/linux/moduleloader.h index 4fa67a8b2265..9e09d11ffe5b 100644 --- a/include/linux/moduleloader.h +++ b/include/linux/moduleloader.h @@ -96,7 +96,8 @@ void module_arch_cleanup(struct module *mod); /* Any cleanup before freeing mod->module_init */ void module_arch_freeing_init(struct module *mod); -#if defined(CONFIG_KASAN) && !defined(CONFIG_KASAN_VMALLOC) +#if (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) && \ + !defined(CONFIG_KASAN_VMALLOC) #include #define MODULE_ALIGN (PAGE_SIZE << KASAN_SHADOW_SCALE_SHIFT) #else diff --git a/include/linux/string.h b/include/linux/string.h index 9b7a0632e87a..607322616363 100644 --- a/include/linux/string.h +++ b/include/linux/string.h @@ -273,7 +273,7 @@ void __write_overflow(void) __compiletime_error("detected write beyond size of o #if !defined(__NO_FORTIFY) && defined(__OPTIMIZE__) && defined(CONFIG_FORTIFY_SOURCE) -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) extern void *__underlying_memchr(const void *p, int c, __kernel_size_t size) __RENAME(memchr); extern int __underlying_memcmp(const void *p, const void *q, __kernel_size_t size) __RENAME(memcmp); extern void *__underlying_memcpy(void *p, const void *q, __kernel_size_t size) __RENAME(memcpy); diff --git a/mm/ptdump.c b/mm/ptdump.c index ba88ec43ff21..4354c1422d57 100644 --- a/mm/ptdump.c +++ b/mm/ptdump.c @@ -4,7 +4,7 @@ #include #include -#ifdef CONFIG_KASAN +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) /* * This is an optimization for KASAN=y case. Since all kasan page tables * eventually point to the kasan_early_shadow_page we could call note_page() @@ -31,7 +31,8 @@ static int ptdump_pgd_entry(pgd_t *pgd, unsigned long addr, struct ptdump_state *st = walk->private; pgd_t val = READ_ONCE(*pgd); -#if CONFIG_PGTABLE_LEVELS > 4 && defined(CONFIG_KASAN) +#if CONFIG_PGTABLE_LEVELS > 4 && \ + (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) if (pgd_page(val) == virt_to_page(lm_alias(kasan_early_shadow_p4d))) return note_kasan_page_table(walk, addr); #endif @@ -51,7 +52,8 @@ static int ptdump_p4d_entry(p4d_t *p4d, unsigned long addr, struct ptdump_state *st = walk->private; p4d_t val = READ_ONCE(*p4d); -#if CONFIG_PGTABLE_LEVELS > 3 && defined(CONFIG_KASAN) +#if CONFIG_PGTABLE_LEVELS > 3 && \ + (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) if (p4d_page(val) == virt_to_page(lm_alias(kasan_early_shadow_pud))) return note_kasan_page_table(walk, addr); #endif @@ -71,7 +73,8 @@ static int ptdump_pud_entry(pud_t *pud, unsigned long addr, struct ptdump_state *st = walk->private; pud_t val = READ_ONCE(*pud); -#if CONFIG_PGTABLE_LEVELS > 2 && defined(CONFIG_KASAN) +#if CONFIG_PGTABLE_LEVELS > 2 && \ + (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) if (pud_page(val) == virt_to_page(lm_alias(kasan_early_shadow_pmd))) return note_kasan_page_table(walk, addr); #endif @@ -91,7 +94,7 @@ static int ptdump_pmd_entry(pmd_t *pmd, unsigned long addr, struct ptdump_state *st = walk->private; pmd_t val = READ_ONCE(*pmd); -#if defined(CONFIG_KASAN) +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) if (pmd_page(val) == virt_to_page(lm_alias(kasan_early_shadow_pte))) return note_kasan_page_table(walk, addr); #endif diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index 99ac59c59826..e527d06b9da8 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib @@ -135,10 +135,12 @@ endif # we don't want to check (depends on variables KASAN_SANITIZE_obj.o, KASAN_SANITIZE) # ifeq ($(CONFIG_KASAN),y) +ifneq ($(CONFIG_KASAN_HW_TAGS),y) _c_flags += $(if $(patsubst n%,, \ $(KASAN_SANITIZE_$(basetarget).o)$(KASAN_SANITIZE)y), \ $(CFLAGS_KASAN), $(CFLAGS_KASAN_NOSANITIZE)) endif +endif ifeq ($(CONFIG_UBSAN),y) _c_flags += $(if $(patsubst n%,, \ From patchwork Fri Aug 14 17:27:13 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715125 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9C09C138C for ; Fri, 14 Aug 2020 17:49:37 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 62DFB20791 for ; Fri, 14 Aug 2020 17:49:37 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="M3O8awwX"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=infradead.org header.i=@infradead.org header.b="kyijh6Iw"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="TwBLRF/r" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 62DFB20791 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=cUrmhSsE7pMAnL5oNrFaETcE8GUQMCX7RA8KgfJvwvY=; b=M3O8awwXQ9d+T6pEKXa9Re/RO CwMN17UJQs7i3DGpTbrNl02mGod1PZXBT6nSFuWXjV6tdjFsNrnPEwqdbcZQ448AsQSU0iA5cHvfw KTAXMY9cb8DkufjvKEfYlLsM9+aJl2NPywy3pG3lI+U7HlfCYHiabCZ/w2AK5HSJZl4gflSfB+n86 ralilqLfrnD0uZAA+M91oxHlWst0SK8v/z3bGNuJLczy3H/g6oTd3aIwW6IdvQsCXJNqx7MySoQ4z D7ryr9aeN0wJ9qwn6TYBTm5MCKoWrufbrkti3ljzpBc2Tlc2AlBK4Em6KwVUQI9fsrSKDRsLol93T /xjvt66WQ==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6doD-0002LL-Id; Fri, 14 Aug 2020 17:48:05 +0000 Received: from casper.infradead.org ([2001:8b0:10b:1236::1]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6doA-0002K7-6R for linux-arm-kernel@merlin.infradead.org; Fri, 14 Aug 2020 17:48:02 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Content-Type:Cc:To:From:Subject: References:Mime-Version:Message-Id:In-Reply-To:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=zw6ofl64XJvLyRlNnYu73LFjRJ5KYIbvH8mlto9sbqM=; b=kyijh6IwBR7jpOtsNC46/Og5hX gPfovMpcmpEv5GlB0WLF7N7wVrFTcokRhdtvMeEWcG2wFLslH4J2DJdTJEBmkoBrS4tZTBH7YA98A RUZBwYd205ZO3JjWzHRHR/Gs/FXD1vonyTqTPssGcqvfwNsHm4NCiR46cs+BrLxWbxR8hr2ZB/Rss PAIcgXy4/fg1HYKwPM3KAeU79fsBnNpkXi8kZW74gDuX2RLM+BQeNwZmTlzxng6SFEToKxXePjgOQ HHTQsKE5pSFoNS2q0PWr0itI4PZO8cE8VHtr9Mgc1g5aQuoEJEkJAJylOMAkCdi4L2lP7P/a2H6it W6SPyniA==; Received: from mail-wr1-x449.google.com ([2a00:1450:4864:20::449]) by casper.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVP-0001ab-0s for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:42 +0000 Received: by mail-wr1-x449.google.com with SMTP id e12so3602889wra.13 for ; Fri, 14 Aug 2020 10:28:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=zw6ofl64XJvLyRlNnYu73LFjRJ5KYIbvH8mlto9sbqM=; b=TwBLRF/rbeilcvS01IZuZ8boRDiC6kFFx13ZcBf5v8mBAFeeaqe/K/9g7SUMFB46AN Uk3TL8JI3lrDJkWTbRdOk/fse8WgCD1driXZKcovyFmknL9fbJfj7HcM0bodkOaPLNjv YRgj0eAgN1ZzE63L/sOBlK03Tc53hVXAKv0nTdcuvJLjYv5Fe9+awXM+hfzXUOlkN+Tt GxATPebvj+ViVNh8i62GpbNAhOY1SIqqrmlj2bNxDjuDMwabsP8FSug+OYEp5YnMb8+K IV03rYHAw7C3axHhi+y9R6Qkf95rKcuF51EYLOYQJPFiN8c/xCbObF+CDH1bMwVAYaJq B93A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=zw6ofl64XJvLyRlNnYu73LFjRJ5KYIbvH8mlto9sbqM=; b=sI53e5xumNasEkudlkZ2JtqkBEAR6W+WKk5JFuHOTZRZfAgXSuTE9rMOvwXLMDDcDF DNFfD4YH56y7xQx294DvM4mQg0/4RV5Lp7JczZ8kdAfaZzu7UG6sPAbSI8Hc0kVceYE6 l0sHNkcb70IF32CyNHJDyUIh0oNkWhQusDiG63mvihwDG9Dz4h+gB9nJOdi51Zd7XFMf nXAE95fHBhxmakI5jYZ9hxAmyuQZ/1tbGtllguuVp1WqM9hzo00rWR2z0aDU8cRs51WC r/FX4mp1A4e9LF+0TTLu+JTH98sMieCoopze2934GXaNEU15jb0mIJdKHJaKSKzJAYtg +u/g== X-Gm-Message-State: AOAM532eoC27M1M/g/OhfnQhR4djhQ9ssgIDeFlfkjQx9byFHXyOrKiw MLpOz1bg/C8nT/lcoRCLBkQ++JilVzlI5SyR X-Google-Smtp-Source: ABdhPJxLmPsPnfg0Y41GurSwvgB4B/jdKBBKFqKNYmRmKfoTpx+VKGlsXRfM1sIRvRSEllGqzRWaQiKQyM5zkrho X-Received: by 2002:adf:97d3:: with SMTP id t19mr3454793wrb.138.1597426117123; Fri, 14 Aug 2020 10:28:37 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:13 +0200 In-Reply-To: Message-Id: <4e86d422f930831666137e06a71dff4a7a16a5cd.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 31/35] kasan, arm64: implement HW_TAGS runtime From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_182839_475792_DB3016C9 X-CRM114-Status: GOOD ( 25.76 ) X-Spam-Score: -9.6 (---------) X-Spam-Report: SpamAssassin version 3.4.4 on casper.infradead.org summary: Content analysis details: (-9.6 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:449 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Provide implementation of KASAN functions required for the hardware tag-based mode. Those include core functions for memory and pointer tagging (mte.c) and bug reporting (report_mte.c). Also adapt common KASAN code to support the new mode. Signed-off-by: Andrey Konovalov --- arch/arm64/include/asm/memory.h | 4 +- arch/arm64/kernel/setup.c | 1 - include/linux/kasan.h | 6 +-- include/linux/mm.h | 2 +- include/linux/page-flags-layout.h | 2 +- mm/kasan/Makefile | 5 ++ mm/kasan/common.c | 14 +++--- mm/kasan/kasan.h | 17 +++++-- mm/kasan/mte.c | 76 +++++++++++++++++++++++++++++++ mm/kasan/report_mte.c | 47 +++++++++++++++++++ mm/kasan/shadow.c | 2 +- 11 files changed, 158 insertions(+), 18 deletions(-) create mode 100644 mm/kasan/mte.c create mode 100644 mm/kasan/report_mte.c diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h index 8881849929e3..433341acf3f3 100644 --- a/arch/arm64/include/asm/memory.h +++ b/arch/arm64/include/asm/memory.h @@ -214,7 +214,7 @@ static inline unsigned long kaslr_offset(void) (__force __typeof__(addr))__addr; \ }) -#ifdef CONFIG_KASAN_SW_TAGS +#if defined(CONFIG_KASAN_SW_TAGS) || defined(CONFIG_KASAN_HW_TAGS) #define __tag_shifted(tag) ((u64)(tag) << 56) #define __tag_reset(addr) __untagged_addr(addr) #define __tag_get(addr) (__u8)((u64)(addr) >> 56) @@ -222,7 +222,7 @@ static inline unsigned long kaslr_offset(void) #define __tag_shifted(tag) 0UL #define __tag_reset(addr) (addr) #define __tag_get(addr) 0 -#endif /* CONFIG_KASAN_SW_TAGS */ +#endif /* CONFIG_KASAN_SW_TAGS || CONFIG_KASAN_HW_TAGS */ static inline const void *__tag_set(const void *addr, u8 tag) { diff --git a/arch/arm64/kernel/setup.c b/arch/arm64/kernel/setup.c index 575da075a2b9..4bee6e70eef4 100644 --- a/arch/arm64/kernel/setup.c +++ b/arch/arm64/kernel/setup.c @@ -352,7 +352,6 @@ void __init __no_sanitize_address setup_arch(char **cmdline_p) smp_init_cpus(); smp_build_mpidr_hash(); - /* Init percpu seeds for random tags after cpus are set up. */ kasan_init_tags(); #ifdef CONFIG_ARM64_SW_TTBR0_PAN diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 875bbcedd994..613c9d38eee5 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -184,7 +184,7 @@ static inline void kasan_record_aux_stack(void *ptr) {} #endif /* CONFIG_KASAN_GENERIC */ -#ifdef CONFIG_KASAN_SW_TAGS +#if defined(CONFIG_KASAN_SW_TAGS) || defined(CONFIG_KASAN_HW_TAGS) void kasan_init_tags(void); @@ -193,7 +193,7 @@ void *kasan_reset_tag(const void *addr); bool kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip); -#else /* CONFIG_KASAN_SW_TAGS */ +#else /* CONFIG_KASAN_SW_TAGS || CONFIG_KASAN_HW_TAGS */ static inline void kasan_init_tags(void) { } @@ -202,7 +202,7 @@ static inline void *kasan_reset_tag(const void *addr) return (void *)addr; } -#endif /* CONFIG_KASAN_SW_TAGS */ +#endif /* CONFIG_KASAN_SW_TAGS || CONFIG_KASAN_HW_TAGS*/ #ifdef CONFIG_KASAN_VMALLOC diff --git a/include/linux/mm.h b/include/linux/mm.h index 65cbbfaa739b..94581f82c1b3 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -1395,7 +1395,7 @@ static inline bool cpupid_match_pid(struct task_struct *task, int cpupid) } #endif /* CONFIG_NUMA_BALANCING */ -#ifdef CONFIG_KASAN_SW_TAGS +#if defined(CONFIG_KASAN_SW_TAGS) || defined(CONFIG_KASAN_HW_TAGS) static inline u8 page_kasan_tag(const struct page *page) { return (page->flags >> KASAN_TAG_PGSHIFT) & KASAN_TAG_MASK; diff --git a/include/linux/page-flags-layout.h b/include/linux/page-flags-layout.h index 71283739ffd2..75945732a58b 100644 --- a/include/linux/page-flags-layout.h +++ b/include/linux/page-flags-layout.h @@ -77,7 +77,7 @@ #define LAST_CPUPID_SHIFT 0 #endif -#ifdef CONFIG_KASAN_SW_TAGS +#if defined(CONFIG_KASAN_SW_TAGS) || defined(CONFIG_KASAN_HW_TAGS) #define KASAN_TAG_WIDTH 8 #else #define KASAN_TAG_WIDTH 0 diff --git a/mm/kasan/Makefile b/mm/kasan/Makefile index 007c824f6f43..182095c6af28 100644 --- a/mm/kasan/Makefile +++ b/mm/kasan/Makefile @@ -10,9 +10,11 @@ CFLAGS_REMOVE_init.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_quarantine.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_report.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_report_generic.o = $(CC_FLAGS_FTRACE) +CFLAGS_REMOVE_report_mte.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_report_tags.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_shadow.o = $(CC_FLAGS_FTRACE) CFLAGS_REMOVE_tags.o = $(CC_FLAGS_FTRACE) +CFLAGS_REMOVE_mte.o = $(CC_FLAGS_FTRACE) # Function splitter causes unnecessary splits in __asan_load1/__asan_store1 # see: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63533 @@ -27,10 +29,13 @@ CFLAGS_init.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_quarantine.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_report.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_report_generic.o := $(CC_FLAGS_KASAN_RUNTIME) +CFLAGS_report_mte.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_report_tags.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_shadow.o := $(CC_FLAGS_KASAN_RUNTIME) CFLAGS_tags.o := $(CC_FLAGS_KASAN_RUNTIME) +CFLAGS_mte.o := $(CC_FLAGS_KASAN_RUNTIME) obj-$(CONFIG_KASAN) := common.o report.o obj-$(CONFIG_KASAN_GENERIC) += init.o generic.o report_generic.o shadow.o quarantine.o obj-$(CONFIG_KASAN_SW_TAGS) += init.o report_tags.o shadow.o tags.o +obj-$(CONFIG_KASAN_HW_TAGS) += mte.o report_mte.o diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 41c7f1105eaa..412a23d1546b 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -118,7 +118,7 @@ void kasan_free_pages(struct page *page, unsigned int order) */ static inline unsigned int optimal_redzone(unsigned int object_size) { - if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) + if (!IS_ENABLED(CONFIG_KASAN_GENERIC)) return 0; return @@ -183,14 +183,14 @@ size_t kasan_metadata_size(struct kmem_cache *cache) struct kasan_alloc_meta *get_alloc_info(struct kmem_cache *cache, const void *object) { - return (void *)object + cache->kasan_info.alloc_meta_offset; + return (void *)reset_tag(object) + cache->kasan_info.alloc_meta_offset; } struct kasan_free_meta *get_free_info(struct kmem_cache *cache, const void *object) { BUILD_BUG_ON(sizeof(struct kasan_free_meta) > 32); - return (void *)object + cache->kasan_info.free_meta_offset; + return (void *)reset_tag(object) + cache->kasan_info.free_meta_offset; } void kasan_poison_slab(struct page *page) @@ -272,7 +272,8 @@ void * __must_check kasan_init_slab_obj(struct kmem_cache *cache, alloc_info = get_alloc_info(cache, object); __memset(alloc_info, 0, sizeof(*alloc_info)); - if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) + if (IS_ENABLED(CONFIG_KASAN_SW_TAGS) || + IS_ENABLED(CONFIG_KASAN_HW_TAGS)) object = set_tag(object, assign_tag(cache, object, true, false)); @@ -342,10 +343,11 @@ static void *__kasan_kmalloc(struct kmem_cache *cache, const void *object, redzone_end = round_up((unsigned long)object + cache->object_size, KASAN_GRANULE_SIZE); - if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) + if (IS_ENABLED(CONFIG_KASAN_SW_TAGS) || + IS_ENABLED(CONFIG_KASAN_HW_TAGS)) tag = assign_tag(cache, object, false, keep_tag); - /* Tag is ignored in set_tag without CONFIG_KASAN_SW_TAGS */ + /* Tag is ignored in set_tag without CONFIG_KASAN_SW/HW_TAGS */ kasan_unpoison_memory(set_tag(object, tag), size); kasan_poison_memory((void *)redzone_start, redzone_end - redzone_start, KASAN_KMALLOC_REDZONE); diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index 4d8e229f8e01..bc56cf8b9c48 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -152,6 +152,10 @@ struct kasan_alloc_meta *get_alloc_info(struct kmem_cache *cache, struct kasan_free_meta *get_free_info(struct kmem_cache *cache, const void *object); +void kasan_poison_memory(const void *address, size_t size, u8 value); + +#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) + static inline const void *kasan_shadow_to_mem(const void *shadow_addr) { return (void *)(((unsigned long)shadow_addr - KASAN_SHADOW_OFFSET) @@ -163,8 +167,6 @@ static inline bool addr_has_metadata(const void *addr) return (addr >= kasan_shadow_to_mem((void *)KASAN_SHADOW_START)); } -void kasan_poison_memory(const void *address, size_t size, u8 value); - /** * check_memory_region - Check memory region, and report if invalid access. * @addr: the accessed address @@ -176,6 +178,15 @@ void kasan_poison_memory(const void *address, size_t size, u8 value); bool check_memory_region(unsigned long addr, size_t size, bool write, unsigned long ret_ip); +#else /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */ + +static inline bool addr_has_metadata(const void *addr) +{ + return true; +} + +#endif /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */ + bool check_invalid_free(void *addr); void *find_first_bad_addr(void *addr, size_t size); @@ -212,7 +223,7 @@ static inline void quarantine_reduce(void) { } static inline void quarantine_remove_cache(struct kmem_cache *cache) { } #endif -#ifdef CONFIG_KASAN_SW_TAGS +#if defined(CONFIG_KASAN_SW_TAGS) || defined(CONFIG_KASAN_HW_TAGS) void print_tags(u8 addr_tag, const void *addr); diff --git a/mm/kasan/mte.c b/mm/kasan/mte.c new file mode 100644 index 000000000000..43b7d74161e5 --- /dev/null +++ b/mm/kasan/mte.c @@ -0,0 +1,76 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * This file contains hardware tag-based (MTE-based) KASAN code. + * + * Copyright (c) 2020 Google, Inc. + * Author: Andrey Konovalov + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + */ + +#include +#include +#include +#include +#include +#include + +#include "kasan.h" + +void kasan_init_tags(void) +{ + mte_init_tags(KASAN_TAG_MAX); +} + +void *kasan_reset_tag(const void *addr) +{ + return reset_tag(addr); +} + +void kasan_poison_memory(const void *address, size_t size, u8 value) +{ + mte_set_mem_tag_range(reset_tag(address), size, value); +} + +void kasan_unpoison_memory(const void *address, size_t size) +{ + mte_set_mem_tag_range(reset_tag(address), size, get_tag(address)); +} + +u8 random_tag(void) +{ + return mte_get_random_tag(); +} + +bool check_invalid_free(void *addr) +{ + u8 ptr_tag = get_tag(addr); + u8 mem_tag = mte_get_mem_tag(addr); + + if (mem_tag == KASAN_TAG_INVALID) + return true; + if (ptr_tag != KASAN_TAG_KERNEL && ptr_tag != mem_tag) + return true; + return false; +} + +void kasan_set_free_info(struct kmem_cache *cache, + void *object, u8 tag) +{ + struct kasan_alloc_meta *alloc_meta; + + alloc_meta = get_alloc_info(cache, object); + kasan_set_track(&alloc_meta->free_track[0], GFP_NOWAIT); +} + +struct kasan_track *kasan_get_free_track(struct kmem_cache *cache, + void *object, u8 tag) +{ + struct kasan_alloc_meta *alloc_meta; + + alloc_meta = get_alloc_info(cache, object); + return &alloc_meta->free_track[0]; +} diff --git a/mm/kasan/report_mte.c b/mm/kasan/report_mte.c new file mode 100644 index 000000000000..dbbf3aaa8798 --- /dev/null +++ b/mm/kasan/report_mte.c @@ -0,0 +1,47 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * This file contains Hardware Tag-Based (MTE-based) KASAN code. + * + * Copyright (c) 2020 Google, Inc. + * Author: Andrey Konovalov + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + */ + +#include +#include +#include +#include +#include +#include + +#include "kasan.h" + +const char *get_bug_type(struct kasan_access_info *info) +{ + return "invalid-access"; +} + +void *find_first_bad_addr(void *addr, size_t size) +{ + return reset_tag(addr); +} + +void metadata_fetch_row(char *buffer, void *row) +{ + int i; + + for (i = 0; i < META_BYTES_PER_ROW; i++) + buffer[i] = mte_get_mem_tag(row + i * KASAN_GRANULE_SIZE); +} + +void print_tags(u8 addr_tag, const void *addr) +{ + u8 memory_tag = mte_get_mem_tag((void *)addr); + + pr_err("Pointer tag: [%02x], memory tag: [%02x]\n", + addr_tag, memory_tag); +} diff --git a/mm/kasan/shadow.c b/mm/kasan/shadow.c index 4888084ecdfc..ca69726adf8f 100644 --- a/mm/kasan/shadow.c +++ b/mm/kasan/shadow.c @@ -111,7 +111,7 @@ void kasan_unpoison_memory(const void *address, size_t size) if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) *shadow = tag; - else + else /* CONFIG_KASAN_GENERIC */ *shadow = size & KASAN_GRANULE_MASK; } } From patchwork Fri Aug 14 17:27:14 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715113 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 802451744 for ; Fri, 14 Aug 2020 17:36:57 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 5407320768 for ; Fri, 14 Aug 2020 17:36:57 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="De1WrNpz"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="ku0irwum" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 5407320768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=EOJ6S7FW6SLnQ8UsO7g5tQoKBBSXIEFoaJKsCgD8S2E=; b=De1WrNpzN7/PFspmSnqHLTYGP I5PpiowJXf0kAK8Q0vcYNJeCquPlujMr0DcZcR9gd1sHVdVK2/OA29Oe4JZmdhcqZ5RirTHEyGssg weORbtfQ72YvqV+BdEBNxyAbVklQzVh5xgb0tLW9S/jtGw3N0JtPaPSgIEpXhphvIJHl1M7yf7y4M X9zHTU/cM91gqN+f8w4VdZLY0bFFuI8lfdaI0JS4BqrlD2yS38WOQBToScr0Uu3XIpd66WjtjCKKi GspvfoIyjPWjEzDcy9DxWk1KZO3ud6alZMKj1t+gCMuhCRyQIg79HQSmK0ruTWCGlE/I0dUhO0z4y hYNt9MgPQ==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dcw-0000Ky-9e; Fri, 14 Aug 2020 17:36:26 +0000 Received: from mail-qt1-x849.google.com ([2607:f8b0:4864:20::849]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVT-0003mP-6v for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:54 +0000 Received: by mail-qt1-x849.google.com with SMTP id w30so7476024qte.14 for ; Fri, 14 Aug 2020 10:28:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=q24QkMKZO6T4dOo8z/uPgVahsCI2M3nldwxAJ8Cpi0Y=; b=ku0irwumRN6Ip49VSreq9f2tsq3r4WWyUSZtTgT8ZfbqcamgfahfJv6gpuKCz5H6gy Q2EQk2cVD2v4NT1Ndg/ERBlP8Mgblb3K+/EoQ0OaVHn92co8FyMN4gM6NFFNb/tcKxjn Chs+FedkWOcYI+GgaEaP+culABQRUNCY66Cfnp7MkT41IEgPXFAcRnWVRitd5Cf27eWM fzIiG7nA/mXCk86tQkqB4dpoZomH7hfjiyqs6xYKrhnfdK1btBGZGw0MSLjRiPEUI+UR CJ9Sj6V3KiwOY8URNLAZ4vHQO2revQtUcwm4pEV1kgvvn62rjIw734f9oWX9GBeblCSl lpzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=q24QkMKZO6T4dOo8z/uPgVahsCI2M3nldwxAJ8Cpi0Y=; b=t7KYYMdXBCQiFzORCcuPMUO3tMW1sJCkINdQHuPTd0t3ApTlr5e1qbn6RjyT9lujtK +TfO2urvimfxJP/lkgiIyYvxJaiZpaQ2Odp+pl1/K66RLbYZfhBxVxaGeMq6tP8ju1e4 s4AeIpa/mR2hudG755b9p8zKJ5UQtvAB0A+4x473hz4QTO3CM8R3Au5oDD2KIw/FdpQK ZVRfGv3tC2s8ZSzNpyGoHuZDt1fJC0T4C7S++sVps4o8Igdus1cNFVA1YYnilQyf3pGh y/M1OS25Fd0iS5Xm0u1LeqdXio9W+KuQnUHUjQugUzJ4je3Fc1xZoHXUHiyswPwW+GAU ToYg== X-Gm-Message-State: AOAM532/bC4Rx59OtAmJdeNlA/DsOglwyQWLj+9npLNQ/SrBgplONHCT LziKKND0lOOHalQ0/yLzaikzyJTn5xF3NIGA X-Google-Smtp-Source: ABdhPJw4HoEDexHBBMUv3XZU8fBSAnmUvYtM/53KDfmikkTGWUkMCsOZ+SysTqaaaZvlv5gyrbE1cTAASfH+tBvs X-Received: by 2002:a0c:b895:: with SMTP id y21mr3726762qvf.87.1597426119355; Fri, 14 Aug 2020 10:28:39 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:14 +0200 In-Reply-To: Message-Id: <4691d6019ef00c11007787f5190841b47ba576c4.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 32/35] kasan, arm64: print report from tag fault handler From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132843_397321_970FB558 X-CRM114-Status: GOOD ( 13.90 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:849 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Add error reporting for hardware tag-based KASAN. When CONFIG_KASAN_HW_TAGS is enabled, print KASAN report from the arm64 tag fault handler. SAS bits aren't set in ESR for all faults reported in EL1, so it's impossible to find out the size of the access the caused the fault. Adapt KASAN reporting code to handle this case. Signed-off-by: Andrey Konovalov --- arch/arm64/mm/fault.c | 9 +++++++++ mm/kasan/report.c | 11 ++++++++--- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c index c62c8ba85c0e..cf00b3942564 100644 --- a/arch/arm64/mm/fault.c +++ b/arch/arm64/mm/fault.c @@ -14,6 +14,7 @@ #include #include #include +#include #include #include #include @@ -314,11 +315,19 @@ static void report_tag_fault(unsigned long addr, unsigned int esr, { bool is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0; +#ifdef CONFIG_KASAN_HW_TAGS + /* + * SAS bits aren't set for all faults reported in EL1, so we can't + * find out access size. + */ + kasan_report(addr, 0, is_write, regs->pc); +#else pr_alert("Memory Tagging Extension Fault in %pS\n", (void *)regs->pc); pr_alert(" %s at address %lx\n", is_write ? "Write" : "Read", addr); pr_alert(" Pointer tag: [%02x], memory tag: [%02x]\n", mte_get_ptr_tag(addr), mte_get_mem_tag((void *)addr)); +#endif } static void __do_kernel_fault(unsigned long addr, unsigned int esr, diff --git a/mm/kasan/report.c b/mm/kasan/report.c index c904edab33b8..34ef81736d73 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -65,9 +65,14 @@ static void print_error_description(struct kasan_access_info *info) { pr_err("BUG: KASAN: %s in %pS\n", get_bug_type(info), (void *)info->ip); - pr_err("%s of size %zu at addr %px by task %s/%d\n", - info->is_write ? "Write" : "Read", info->access_size, - info->access_addr, current->comm, task_pid_nr(current)); + if (info->access_size) + pr_err("%s of size %zu at addr %px by task %s/%d\n", + info->is_write ? "Write" : "Read", info->access_size, + info->access_addr, current->comm, task_pid_nr(current)); + else + pr_err("%s at addr %px by task %s/%d\n", + info->is_write ? "Write" : "Read", + info->access_addr, current->comm, task_pid_nr(current)); } static DEFINE_SPINLOCK(report_lock); From patchwork Fri Aug 14 17:27:15 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715111 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id DC6E616B1 for ; Fri, 14 Aug 2020 17:36:56 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id AE5F520768 for ; Fri, 14 Aug 2020 17:36:56 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="WzEpFNH6"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="I7BFJRn9" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org AE5F520768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=lcjaXJNCJJuLHHey063Xqtvd8c0xoVeOdj1yDh4bExI=; b=WzEpFNH6N/3Q4wDdCGBYooIcJ B2zW8p1Y9ZXkD08INZ8LcCf6ZJTNR1H2NS11H2Cul5zxevjmtRbTzqMRAoeSUBvS35zjw/Dw3WSMQ rkk8g/S95KZe5qqtKBb3yurHpKq8Ivr7VqD16ofAkJWM8IRyT2ldIPyTaO/wb/c/MqcSqYgiEeWJq UW99lKT+U7AQBh4TaLR1d7CMetc0fuI/MH8ikCeu1WhJW+tUjfZq80Y1VJ2+XsNwpkUvoLIjPqNoR 3NW1aMVlt2iC0fdhfqAfK59y6V4LGZURn1h91uVlzOCoMzMDTgOUz4+m5N5h/Qki9ICA2RwFhCsLE 4PESDgj+w==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dd1-0000MT-G3; Fri, 14 Aug 2020 17:36:31 +0000 Received: from mail-wr1-x44a.google.com ([2a00:1450:4864:20::44a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVU-0003nA-Ri for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:57 +0000 Received: by mail-wr1-x44a.google.com with SMTP id t12so3615910wrp.0 for ; Fri, 14 Aug 2020 10:28:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=kJlHQlyHf1HvTYFCcN+LwDe0IIk6i9RqNd5dGciZ6Z0=; b=I7BFJRn9BbumelTeTM7IKHGPfBZcynJd43gIcFrt5XEcvzxy0Wzf8WnsNKaTIax5jr HUvBgUpYNKNWZYu+bURQKRH5n06/cdNWba7CPxSKJgV5qIs+RECFgmKBeRLYIxOLAZCG 1dKItAvdJfm8oSnX6tKqt5qngTIxJJ7zST11LP47f1lDcYJY1GwVjpWIpmjB6qNRDmvb Ch05VqLHv7VZA2+ppDka6QFrspWllhq5h62z64FvDAzfq6S81KVTNScwgvfSyGN56MO2 HR5lZx+yeJC57vDA/Fn4Jf2BN3rzo6Jo4txHmxqoaqx/w6IO/faSFD8SdIfaeg0DU1gH LoNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=kJlHQlyHf1HvTYFCcN+LwDe0IIk6i9RqNd5dGciZ6Z0=; b=XblMqpnHBVGl8tXoOsJqAkBYfygxaSx9zr4nZm7/+YM8jmNQNVd5f0CtLPEJxWLg70 TQEgHvqcJQzypL0AFny6g5rEetWP3DMZ1qOWTyH5Wb+oriKzKkWWCSRGKuw/ggsfOcgt RPIuyEjz96QYA032IJw7w367I/7Cm0+Dlu+kjewaJeVXjEzzAniLbSgLSYuP3343IGz8 hDNauf5WaaXLzAFiXOZtteCRCAROfG7Wi5rasZWgHKzhRAjyr18QHDyHZ+q2WAjJ1Tch zOthB8C/uGUiu0eq13wF0U950kxW577jms22qDo8cvYB6QWo4JfRUsME6iNzaCOlFi4S RM9g== X-Gm-Message-State: AOAM530pnt3mtBea8vmnVw2UD2rUSl8CGR/nLtwWxz1CFOu2mFELMeDJ 9JqbBbd8B3PNNTIZ5X2KOUnKH7JEojfcU/ch X-Google-Smtp-Source: ABdhPJxqdUAPjARnbQ5lX0fWboRK95ldEyr+27Agji2Z4xPsor/NlyQqlIQmOJATBl8+Gaf9vkUxDnSSxUMU/xLW X-Received: by 2002:a1c:2e4e:: with SMTP id u75mr3382777wmu.134.1597426121790; Fri, 14 Aug 2020 10:28:41 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:15 +0200 In-Reply-To: Message-Id: <8384a6b24203b5719ef4f3a0339f740ad3299e9c.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 33/35] kasan, slub: reset tags when accessing metadata From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132844_993633_3487C778 X-CRM114-Status: GOOD ( 17.19 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:44a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org SLUB allocator accesses metadata for slab objects, that may lie out-of-bounds of the object itself, or be accessed when an object is freed. Handle this for Hardware tag-based KASAN by resetting tags when accessing metadata. Hardware tag-based KASAN doesn't rely on metadata_access_disable/enable(), and therefore requires resetting tags in the sections of code guarded by those annotations. Signed-off-by: Andrey Konovalov --- mm/page_poison.c | 2 +- mm/slub.c | 25 ++++++++++++++----------- 2 files changed, 15 insertions(+), 12 deletions(-) diff --git a/mm/page_poison.c b/mm/page_poison.c index 34b9181ee5d1..d90d342a391f 100644 --- a/mm/page_poison.c +++ b/mm/page_poison.c @@ -43,7 +43,7 @@ static void poison_page(struct page *page) /* KASAN still think the page is in-use, so skip it. */ kasan_disable_current(); - memset(addr, PAGE_POISON, PAGE_SIZE); + memset(kasan_reset_tag(addr), PAGE_POISON, PAGE_SIZE); kasan_enable_current(); kunmap_atomic(addr); } diff --git a/mm/slub.c b/mm/slub.c index ef303070d175..a786e1cee095 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -249,7 +249,7 @@ static inline void *freelist_ptr(const struct kmem_cache *s, void *ptr, { #ifdef CONFIG_SLAB_FREELIST_HARDENED /* - * When CONFIG_KASAN_SW_TAGS is enabled, ptr_addr might be tagged. + * When CONFIG_KASAN_SW/HW_TAGS is enabled, ptr_addr might be tagged. * Normally, this doesn't cause any issues, as both set_freepointer() * and get_freepointer() are called with a pointer with the same tag. * However, there are some issues with CONFIG_SLUB_DEBUG code. For @@ -275,6 +275,7 @@ static inline void *freelist_dereference(const struct kmem_cache *s, static inline void *get_freepointer(struct kmem_cache *s, void *object) { + object = kasan_reset_tag(object); return freelist_dereference(s, object + s->offset); } @@ -304,6 +305,7 @@ static inline void set_freepointer(struct kmem_cache *s, void *object, void *fp) BUG_ON(object == fp); /* naive detection of double free or corruption */ #endif + freeptr_addr = (unsigned long)kasan_reset_tag((void *)freeptr_addr); *(void **)freeptr_addr = freelist_ptr(s, fp, freeptr_addr); } @@ -546,8 +548,8 @@ static void print_section(char *level, char *text, u8 *addr, unsigned int length) { metadata_access_enable(); - print_hex_dump(level, text, DUMP_PREFIX_ADDRESS, 16, 1, addr, - length, 1); + print_hex_dump(level, kasan_reset_tag(text), DUMP_PREFIX_ADDRESS, + 16, 1, addr, length, 1); metadata_access_disable(); } @@ -578,7 +580,7 @@ static struct track *get_track(struct kmem_cache *s, void *object, p = object + get_info_end(s); - return p + alloc; + return kasan_reset_tag(p + alloc); } static void set_track(struct kmem_cache *s, void *object, @@ -591,7 +593,8 @@ static void set_track(struct kmem_cache *s, void *object, unsigned int nr_entries; metadata_access_enable(); - nr_entries = stack_trace_save(p->addrs, TRACK_ADDRS_COUNT, 3); + nr_entries = stack_trace_save(kasan_reset_tag(p->addrs), + TRACK_ADDRS_COUNT, 3); metadata_access_disable(); if (nr_entries < TRACK_ADDRS_COUNT) @@ -755,7 +758,7 @@ static __printf(3, 4) void slab_err(struct kmem_cache *s, struct page *page, static void init_object(struct kmem_cache *s, void *object, u8 val) { - u8 *p = object; + u8 *p = kasan_reset_tag(object); if (s->flags & SLAB_RED_ZONE) memset(p - s->red_left_pad, val, s->red_left_pad); @@ -785,7 +788,7 @@ static int check_bytes_and_report(struct kmem_cache *s, struct page *page, u8 *addr = page_address(page); metadata_access_enable(); - fault = memchr_inv(start, value, bytes); + fault = memchr_inv(kasan_reset_tag(start), value, bytes); metadata_access_disable(); if (!fault) return 1; @@ -881,7 +884,7 @@ static int slab_pad_check(struct kmem_cache *s, struct page *page) pad = end - remainder; metadata_access_enable(); - fault = memchr_inv(pad, POISON_INUSE, remainder); + fault = memchr_inv(kasan_reset_tag(pad), POISON_INUSE, remainder); metadata_access_disable(); if (!fault) return 1; @@ -1126,7 +1129,7 @@ void setup_page_debug(struct kmem_cache *s, struct page *page, void *addr) return; metadata_access_enable(); - memset(addr, POISON_INUSE, page_size(page)); + memset(kasan_reset_tag(addr), POISON_INUSE, page_size(page)); metadata_access_disable(); } @@ -2816,10 +2819,10 @@ static __always_inline void *slab_alloc_node(struct kmem_cache *s, stat(s, ALLOC_FASTPATH); } - maybe_wipe_obj_freeptr(s, object); + maybe_wipe_obj_freeptr(s, kasan_reset_tag(object)); if (unlikely(slab_want_init_on_alloc(gfpflags, s)) && object) - memset(object, 0, s->object_size); + memset(kasan_reset_tag(object), 0, s->object_size); slab_post_alloc_hook(s, gfpflags, 1, &object); From patchwork Fri Aug 14 17:27:16 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715121 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 574C5138C for ; Fri, 14 Aug 2020 17:38:05 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 2A90320768 for ; Fri, 14 Aug 2020 17:38:05 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="e9mqeQaw"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="TXhmlUEH" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 2A90320768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=o9cC0Cu7+/oH2GT4HbOczzyPhAtvO6TGlyIyOZM8A5Y=; b=e9mqeQawJRSrsvr11g9O3Clnh KYynLvT3OUosZccwbry/tzLqr+3FRRH8GM5jnWzLCK7wKAe5zyspgN34oB0StfUCUANOLsGMWfELj I0pJhk+A9JhFWiwMNyMoF3rBS/uqi8LvOPzEaHxMQa4YNpAcrP6IpzYpX4PEjJTrNRY+yjU2vS7tc NkWM2hKQ9YRZ0j9bAomCQWYzz8nhO2jRmRLMdSyoyYxSADpnqRH6BvRlAKv6lX7OzMWWXkL4+FEAZ F+WhJbuV9AGGlORvJrWBYJMvw4x+XzR8rG9ufxIkpjAdnSWaZ+z8hR/yfzSX4CJXz6cGUPyuVEkda 10HLV9gEg==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dcy-0000Li-Tg; Fri, 14 Aug 2020 17:36:28 +0000 Received: from mail-wm1-x34a.google.com ([2a00:1450:4864:20::34a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVX-0003o1-3F for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:56 +0000 Received: by mail-wm1-x34a.google.com with SMTP id i15so3417176wmb.5 for ; Fri, 14 Aug 2020 10:28:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=Pcjdii+vI+eVQZmrwdTthlIVK/0Kn69OYG7nvUYx2MA=; b=TXhmlUEHDRckSGvHoUR2RSs3GBYIjhjy7m4nTmMXexkRfXA10vAJF6k5mECttOVnch kWUNho/tQga+95V9quRaVvU2VA8tG+7jMFVkGyUBQY9IyzZa75akJ7KpZlkAAfAlJYGy 9JReDVTXFMsstYkUaHpGqABQvdI3wJJVIJ0ANXr3yySqFVvp2DHUWCY/Hu7wfxbjH4iN jGJOjRzFpPTo0QeOKwthIK7eGCPn3KUf7vr2zk0qvprLlMAEba02C65//Gs6IkzaUUtj UA7PrI3d/hYvXOSbHNATESa3jeaLrMwpkIfmvpzy3TzaNjRNMnkjbCDxMssa59fC/pMj vfog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=Pcjdii+vI+eVQZmrwdTthlIVK/0Kn69OYG7nvUYx2MA=; b=INwY9wzGCjJ1JgdwoS7mM6qDXO7R4u4oPGjb6vgO0kNRSWvIxE8HnehYP5QT/Jm2K/ JZg9ZyshWkSteDmMwW8UjWL8zNMf7VQmNCVPYnzynqTRVLkhiLdEBo87dBEwXB+qCoyE zhExdaUAUwJALVwjm9M5aXddZUqVh0qsEffcQaC3Y6wErMin8aXAZ7lo7aI0q14+0cHo mJd4tj+03oJCuuumTEwqb1XH1gorKFk2duN3pLSNc0mOL38s6BeF5N+jT5o7OB3Z4Hxm UXyxXAPI4Mdu31NHZLnVV7KsdfYPnbieJM2VHYv4M3pEIj7XJssNQyuyQqaMU6CIVyIf r53A== X-Gm-Message-State: AOAM532ss/+fn/6LoywJC9c7kFA0IHP+cJ4qI8XRl30/E/06tFo44D1Y Q5jBzAwDcJj8JBSt5tOs9zQYNVmwsZOJmrUy X-Google-Smtp-Source: ABdhPJwGtKOUaM9cDXGccXYrlTX/mHgBIiWRUSJFoL3akBtuqei2t6t2Xj/3Q/TY5PmNwmQ5jMza6h7dr+dQTGY+ X-Received: by 2002:a1c:6083:: with SMTP id u125mr3397670wmb.161.1597426123818; Fri, 14 Aug 2020 10:28:43 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:16 +0200 In-Reply-To: Message-Id: <8cea9310fa8d55775ec137e5df4d8bb654bc24fe.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 34/35] kasan, arm64: enable CONFIG_KASAN_HW_TAGS From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132847_343688_3B8B23CA X-CRM114-Status: GOOD ( 11.17 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:34a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Hardware tag-based KASAN is now ready, enable the configuration option. Signed-off-by: Andrey Konovalov --- arch/arm64/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 70a7880d5145..0d95d8391d0f 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -131,6 +131,7 @@ config ARM64 select HAVE_ARCH_JUMP_LABEL_RELATIVE select HAVE_ARCH_KASAN if !(ARM64_16K_PAGES && ARM64_VA_BITS_48) select HAVE_ARCH_KASAN_SW_TAGS if HAVE_ARCH_KASAN + select HAVE_ARCH_KASAN_HW_TAGS if (HAVE_ARCH_KASAN && ARM64_MTE) select HAVE_ARCH_KGDB select HAVE_ARCH_MMAP_RND_BITS select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT From patchwork Fri Aug 14 17:27:17 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 11715123 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E561116B1 for ; Fri, 14 Aug 2020 17:38:06 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id BD72520768 for ; Fri, 14 Aug 2020 17:38:06 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="WPYaSCZy"; dkim=fail reason="signature verification failed" (2048-bit key) header.d=google.com header.i=@google.com header.b="VpPdM4Kj" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org BD72520768 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:To:From:Subject:References:Mime-Version:Message-Id: In-Reply-To:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=f+PlcU+pcIELl53Xv+N2aDn+6aJQPwEK/qCmpFOwdnY=; b=WPYaSCZyt4uX/cm3Z4skU1yP7 tr3tuENlUs4cyyi7NMAfkGdAWgEissDN4nWp1qoPO/QcAtOwBJ5eGfeaFiwoUDS2nZlzbpBTTZ8Sl VbiEzKsffkMgRA6n1shEML/clF8FCGoIqBm9F4Lqq2dGN5eWGbjMGnXusECGbySyaW37ksDYbMd8w 3AHcgZDNnERA0B3zLR04XFUS9+P8VravXvjDzvTraYe2z/SbtOQHhGYjqxxeVsfxKIpCtBsiZ7amW XAnDIi1z16g6m/U3hsxygHJJM1u2tHNYubsa09w8b46m8hGK8kgn6pP4h0du2c147o1pRkOvNpvQ8 sACXfLdDg==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dd3-0000Mj-Rf; Fri, 14 Aug 2020 17:36:33 +0000 Received: from mail-wr1-x44a.google.com ([2a00:1450:4864:20::44a]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1k6dVZ-0003og-FE for linux-arm-kernel@lists.infradead.org; Fri, 14 Aug 2020 17:28:59 +0000 Received: by mail-wr1-x44a.google.com with SMTP id d6so3592052wrv.23 for ; Fri, 14 Aug 2020 10:28:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=ZNAU/quOyDd65Y8FbbPHdMn2fE8Roa22GmWzXnVDZak=; b=VpPdM4KjSqSmi15WeszefkGFIv0AyTX0aHnAZL6iexBFZD0v86l5iCux6uY1gkgnfs ClcC0AVbghTzetFwaDUUh+9i4JVbBqkuhu4WZ9khBNrrsUUITZMejQr9xUPp8ei9ASJY hzXxWtzTJSqOep3y4/sJXpo1rCCxpmSyQFHS499mnp9fq6JWyWYXZrBn+9atF2VwImqf 5DinyUih8C2eUEjwXAtcahxIh0w0ll0zPTahMEeEY7SmvR59hNooOyoPEOkIS391v3Jx A8HU0xnEe5UoZ8Za37Ia0/M/z9+iYtsR6UANiQw6Sw7vzTXZ591Wf6i7Yc+fdbiCiEq+ TfQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=ZNAU/quOyDd65Y8FbbPHdMn2fE8Roa22GmWzXnVDZak=; b=gae9HtorpEboEx8/YKIQ8n69eZPazQfcMooG5Wl07XVFPzw/AxvEF7NdlZYYxI8sw5 P7mZtGMvnRpmx3A5JCY5IEO4j4IOBTIAji5x/cFFXzKThGl3Wdeyl5bosst9lo5rKKrp oA74gppXXTAYIeCxUydIsJzR+322kcIcTZFwLUDmAlt8nqyNvA4EE1H7Nhfcaq0OcQxv GOTWGvjyruAinJQ7Gw5qzqfqC4ll6mgR9kUN2LpZFD62Jn8hl/sw51oeXwIiS1GgiXhP iI9Nz4Z/U3WwxoZl39/jAOZkr/Gi6A3HJ7y94v1w0437HwazC50RVZU1R7WkpMOrdG8d oJdQ== X-Gm-Message-State: AOAM533iJ9jTQITtD0P5e1jPAEaUvBVJLLrgNlf7kugBPLOr1SF2w8qM rVwmyrhnZ/wiJ4N+mrhY2AozLDpV/8S/iVxZ X-Google-Smtp-Source: ABdhPJwnoFj2TAGCyi9g4boF8m4IogDAYSFYwYDUR8UydD3LEC6RXiTNFFPR4QBOBXysmoVhu+Tx8c3QIXSNDMYM X-Received: by 2002:a1c:f416:: with SMTP id z22mr3308371wma.62.1597426126049; Fri, 14 Aug 2020 10:28:46 -0700 (PDT) Date: Fri, 14 Aug 2020 19:27:17 +0200 In-Reply-To: Message-Id: <5d0f3c0ee55c58ffa9f58bdea6fa6bf4f6f973a4.1597425745.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.28.0.220.ged08abb693-goog Subject: [PATCH 35/35] kasan: add documentation for hardware tag-based mode From: Andrey Konovalov To: Dmitry Vyukov , Vincenzo Frascino , Catalin Marinas , kasan-dev@googlegroups.com X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200814_132849_628648_CFFBE5CD X-CRM114-Status: GOOD ( 18.13 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-7.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:44a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM white-list 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 DKIMWL_WL_MED DKIMwl.org - Medium sender X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Marco Elver , Elena Petrova , Andrey Konovalov , Kevin Brodsky , Will Deacon , Branislav Rankov , linux-kernel@vger.kernel.org, linux-mm@kvack.org, Alexander Potapenko , linux-arm-kernel@lists.infradead.org, Andrey Ryabinin , Andrew Morton , Evgenii Stepanov Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org Add documentation for hardware tag-based KASAN mode and also add some clarifications for software tag-based mode. Signed-off-by: Andrey Konovalov --- Documentation/dev-tools/kasan.rst | 73 +++++++++++++++++++++---------- 1 file changed, 51 insertions(+), 22 deletions(-) diff --git a/Documentation/dev-tools/kasan.rst b/Documentation/dev-tools/kasan.rst index a3030fc6afe5..aeed89d6eaf5 100644 --- a/Documentation/dev-tools/kasan.rst +++ b/Documentation/dev-tools/kasan.rst @@ -5,12 +5,14 @@ Overview -------- KernelAddressSANitizer (KASAN) is a dynamic memory error detector designed to -find out-of-bound and use-after-free bugs. KASAN has two modes: generic KASAN -(similar to userspace ASan) and software tag-based KASAN (similar to userspace -HWASan). +find out-of-bound and use-after-free bugs. KASAN has three modes: +1. generic KASAN (similar to userspace ASan), +2. software tag-based KASAN (similar to userspace HWASan), +3. hardware tag-based KASAN (based on hardware memory tagging). -KASAN uses compile-time instrumentation to insert validity checks before every -memory access, and therefore requires a compiler version that supports that. +Software KASAN modes (1 and 2) use compile-time instrumentation to insert +validity checks before every memory access, and therefore require a compiler +version that supports that. Generic KASAN is supported in both GCC and Clang. With GCC it requires version 8.3.0 or later. With Clang it requires version 7.0.0 or later, but detection of @@ -19,7 +21,7 @@ out-of-bounds accesses for global variables is only supported since Clang 11. Tag-based KASAN is only supported in Clang and requires version 7.0.0 or later. Currently generic KASAN is supported for the x86_64, arm64, xtensa, s390 and -riscv architectures, and tag-based KASAN is supported only for arm64. +riscv architectures, and tag-based KASAN modes are supported only for arm64. Usage ----- @@ -28,14 +30,16 @@ To enable KASAN configure kernel with:: CONFIG_KASAN = y -and choose between CONFIG_KASAN_GENERIC (to enable generic KASAN) and -CONFIG_KASAN_SW_TAGS (to enable software tag-based KASAN). +and choose between CONFIG_KASAN_GENERIC (to enable generic KASAN), +CONFIG_KASAN_SW_TAGS (to enable software tag-based KASAN), and +CONFIG_KASAN_HW_TAGS (to enable hardware tag-based KASAN). -You also need to choose between CONFIG_KASAN_OUTLINE and CONFIG_KASAN_INLINE. -Outline and inline are compiler instrumentation types. The former produces -smaller binary while the latter is 1.1 - 2 times faster. +For software modes, you also need to choose between CONFIG_KASAN_OUTLINE and +CONFIG_KASAN_INLINE. Outline and inline are compiler instrumentation types. +The former produces smaller binary while the latter is 1.1 - 2 times faster. -Both KASAN modes work with both SLUB and SLAB memory allocators. +Both software KASAN modes work with both SLUB and SLAB memory allocators, +hardware tag-based KASAN currently only support SLUB. For better bug detection and nicer reporting, enable CONFIG_STACKTRACE. To augment reports with last allocation and freeing stack of the physical page, @@ -196,17 +200,20 @@ and the second to last. Software tag-based KASAN ~~~~~~~~~~~~~~~~~~~~~~~~ -Tag-based KASAN uses the Top Byte Ignore (TBI) feature of modern arm64 CPUs to -store a pointer tag in the top byte of kernel pointers. Like generic KASAN it -uses shadow memory to store memory tags associated with each 16-byte memory -cell (therefore it dedicates 1/16th of the kernel memory for shadow memory). +Software tag-based KASAN uses the Top Byte Ignore (TBI) feature of modern arm64 +CPUs to store a pointer tag in the top byte of kernel pointers. Like generic +KASAN it uses shadow memory to store memory tags associated with each 16-byte +memory cell (therefore it dedicates 1/16th of the kernel memory for shadow +memory). + +On each memory allocation software tag-based KASAN generates a random tag, tags +the allocated memory with this tag, and embeds this tag into the returned +pointer. -On each memory allocation tag-based KASAN generates a random tag, tags the -allocated memory with this tag, and embeds this tag into the returned pointer. Software tag-based KASAN uses compile-time instrumentation to insert checks before each memory access. These checks make sure that tag of the memory that is being accessed is equal to tag of the pointer that is used to access this -memory. In case of a tag mismatch tag-based KASAN prints a bug report. +memory. In case of a tag mismatch software tag-based KASAN prints a bug report. Software tag-based KASAN also has two instrumentation modes (outline, that emits callbacks to check memory accesses; and inline, that performs the shadow @@ -215,9 +222,31 @@ simply printed from the function that performs the access check. With inline instrumentation a brk instruction is emitted by the compiler, and a dedicated brk handler is used to print bug reports. -A potential expansion of this mode is a hardware tag-based mode, which would -use hardware memory tagging support instead of compiler instrumentation and -manual shadow memory manipulation. +Software tag-based KASAN uses 0xFF as a match-all pointer tag (accesses aren't +checked). + +Software tag-based KASAN currently only supports tagging of slab memory. + +Hardware tag-based KASAN +~~~~~~~~~~~~~~~~~~~~~~~~ + +Hardware tag-based KASAN is similar to the software mode in concept, but uses +hardware memory tagging support instead of compiler instrumentation and +shadow memory. + +Hardware tag-based KASAN is based on both arm64 Memory Tagging Extension (MTE) +introduced in ARMv8.5 Instruction Set Architecture, and Top Byte Ignore (TBI). + +Special arm64 instructions are used to assign memory tags for each allocation. +Same tags are assigned to pointers to those allocations. On every memory +access, hardware makes sure that tag of the memory that is being accessed is +equal to tag of the pointer that is used to access this memory. In case of a +tag mismatch a fault is generated and a report is printed. + +Hardware tag-based KASAN uses 0xFF as a match-all pointer tag (accesses aren't +checked). + +Hardware tag-based KASAN currently only supports tagging of slab memory. What memory accesses are sanitised by KASAN? --------------------------------------------