From: Andrey Konovalov
To: Andrey Ryabinin , Alexander Potapenko , Dmitry Vyukov , Catalin Marinas , Will Deacon , Christoph Lameter , Andrew Morton , Mark Rutland , Nick Desaulniers , Marc Zyngier , Dave Martin , Ard Biesheuvel , "Eric W . Biederman" , Ingo Molnar , Paul Lawrence , Geert Uytterhoeven , Arnd Bergmann , "Kirill A . Shutemov" , Greg Kroah-Hartman , Kate Stewart , Mike Rapoport , kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany , Evgeniy Stepanov , Lee Smith , Ramana Radhakrishnan , Jacob Bramley , Ruben Ayrapetyan , Jann Horn , Mark Brand , Chintan Pandya , Vishwath Mohan , Andrey Konovalov
Subject: [PATCH v10 01/22] kasan, mm: change hooks signatures
Date: Tue, 6 Nov 2018 18:30:16 +0100

Tag-based KASAN changes the value of the top byte of pointers returned from the kernel allocation functions (such as kmalloc). This patch updates KASAN hooks signatures and their usage in SLAB and SLUB code to reflect that.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov --- include/linux/kasan.h | 43 +++++++++++++++++++++++++++++-------------- include/linux/slab.h | 4 ++-- mm/kasan/kasan.c | 30 ++++++++++++++++++------------ mm/slab.c | 12 ++++++------ mm/slab.h | 2 +- mm/slab_common.c | 4 ++-- mm/slub.c | 15 +++++++-------- 7 files changed, 65 insertions(+), 45 deletions(-) diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 46aae129917c..52c86a568a4e 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -51,16 +51,16 @@ void kasan_cache_shutdown(struct kmem_cache *cache); void kasan_poison_slab(struct page *page); void kasan_unpoison_object_data(struct kmem_cache *cache, void *object); void kasan_poison_object_data(struct kmem_cache *cache, void *object); -void kasan_init_slab_obj(struct kmem_cache *cache, const void *object); +void *kasan_init_slab_obj(struct kmem_cache *cache, const void *object); -void kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags); +void *kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags); void kasan_kfree_large(void *ptr, unsigned long ip); void kasan_poison_kfree(void *ptr, unsigned long ip); -void kasan_kmalloc(struct kmem_cache *s, const void *object, size_t size, +void *kasan_kmalloc(struct kmem_cache *s, const void *object, size_t size, gfp_t flags); -void kasan_krealloc(const void *object, size_t new_size, gfp_t flags); +void *kasan_krealloc(const void *object, size_t new_size, gfp_t flags); -void kasan_slab_alloc(struct kmem_cache *s, void *object, gfp_t flags); +void *kasan_slab_alloc(struct kmem_cache *s, void *object, gfp_t flags); bool kasan_slab_free(struct kmem_cache *s, void *object, unsigned long ip); struct kasan_cache { 
@@ -105,19 +105,34 @@ static inline void kasan_unpoison_object_data(struct kmem_cache *cache, void *object) {} static inline void kasan_poison_object_data(struct kmem_cache *cache, void *object) {} -static inline void kasan_init_slab_obj(struct kmem_cache *cache, - const void *object) {} +static inline void *kasan_init_slab_obj(struct kmem_cache *cache, + const void *object) +{ + return (void *)object; +} -static inline void kasan_kmalloc_large(void *ptr, size_t size, gfp_t flags) {} +static inline void *kasan_kmalloc_large(void *ptr, size_t size, gfp_t flags) +{ + return ptr; +} static inline void kasan_kfree_large(void *ptr, unsigned long ip) {} static inline void kasan_poison_kfree(void *ptr, unsigned long ip) {} -static inline void kasan_kmalloc(struct kmem_cache *s, const void *object, - size_t size, gfp_t flags) {} -static inline void kasan_krealloc(const void *object, size_t new_size, - gfp_t flags) {} +static inline void *kasan_kmalloc(struct kmem_cache *s, const void *object, + size_t size, gfp_t flags) +{ + return (void *)object; +} +static inline void *kasan_krealloc(const void *object, size_t new_size, + gfp_t flags) +{ + return (void *)object; +} -static inline void kasan_slab_alloc(struct kmem_cache *s, void *object, - gfp_t flags) {} +static inline void *kasan_slab_alloc(struct kmem_cache *s, void *object, + gfp_t flags) +{ + return object; +} static inline bool kasan_slab_free(struct kmem_cache *s, void *object, unsigned long ip) { diff --git a/include/linux/slab.h b/include/linux/slab.h index 918f374e7156..351ac48dabc4 100644 --- a/include/linux/slab.h +++ b/include/linux/slab.h @@ -444,7 +444,7 @@ static __always_inline void *kmem_cache_alloc_trace(struct kmem_cache *s, { void *ret = kmem_cache_alloc(s, flags); - kasan_kmalloc(s, ret, size, flags); + ret = kasan_kmalloc(s, ret, size, flags); return ret; } 
@@ -455,7 +455,7 @@ kmem_cache_alloc_node_trace(struct kmem_cache *s, { void *ret = kmem_cache_alloc_node(s, gfpflags, node); - kasan_kmalloc(s, ret, size, gfpflags); + ret = kasan_kmalloc(s, ret, size, gfpflags); return ret; } #endif /* CONFIG_TRACING */ diff --git a/mm/kasan/kasan.c b/mm/kasan/kasan.c index c3bd5209da38..55deff17a4d9 100644 --- a/mm/kasan/kasan.c +++ b/mm/kasan/kasan.c @@ -474,20 +474,22 @@ struct kasan_free_meta *get_free_info(struct kmem_cache *cache, return (void *)object + cache->kasan_info.free_meta_offset; } -void kasan_init_slab_obj(struct kmem_cache *cache, const void *object) +void *kasan_init_slab_obj(struct kmem_cache *cache, const void *object) { struct kasan_alloc_meta *alloc_info; if (!(cache->flags & SLAB_KASAN)) - return; + return (void *)object; alloc_info = get_alloc_info(cache, object); __memset(alloc_info, 0, sizeof(*alloc_info)); + + return (void *)object; } -void kasan_slab_alloc(struct kmem_cache *cache, void *object, gfp_t flags) +void *kasan_slab_alloc(struct kmem_cache *cache, void *object, gfp_t flags) { - kasan_kmalloc(cache, object, cache->object_size, flags); + return kasan_kmalloc(cache, object, cache->object_size, flags); } static bool __kasan_slab_free(struct kmem_cache *cache, void *object, @@ -528,7 +530,7 @@ bool kasan_slab_free(struct kmem_cache *cache, void *object, unsigned long ip) return __kasan_slab_free(cache, object, ip, true); } -void kasan_kmalloc(struct kmem_cache *cache, const void *object, size_t size, +void *kasan_kmalloc(struct kmem_cache *cache, const void *object, size_t size, gfp_t flags) { unsigned long redzone_start; @@ -538,7 +540,7 @@ void kasan_kmalloc(struct kmem_cache *cache, const void *object, size_t size, quarantine_reduce(); if (unlikely(object == NULL)) - return; + return NULL; redzone_start = round_up((unsigned long)(object + size), KASAN_SHADOW_SCALE_SIZE); 
@@ -551,10 +553,12 @@ void kasan_kmalloc(struct kmem_cache *cache, const void *object, size_t size, if (cache->flags & SLAB_KASAN) set_track(&get_alloc_info(cache, object)->alloc_track, flags); + + return (void *)object; } EXPORT_SYMBOL(kasan_kmalloc); -void kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags) +void *kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags) { struct page *page; unsigned long redzone_start; @@ -564,7 +568,7 @@ void kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags) quarantine_reduce(); if (unlikely(ptr == NULL)) - return; + return NULL; page = virt_to_page(ptr); redzone_start = round_up((unsigned long)(ptr + size), @@ -574,21 +578,23 @@ void kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags) kasan_unpoison_shadow(ptr, size); kasan_poison_shadow((void *)redzone_start, redzone_end - redzone_start, KASAN_PAGE_REDZONE); + + return (void *)ptr; } -void kasan_krealloc(const void *object, size_t size, gfp_t flags) +void *kasan_krealloc(const void *object, size_t size, gfp_t flags) { struct page *page; if (unlikely(object == ZERO_SIZE_PTR)) - return; + return ZERO_SIZE_PTR; page = virt_to_head_page(object); if (unlikely(!PageSlab(page))) - kasan_kmalloc_large(object, size, flags); + return kasan_kmalloc_large(object, size, flags); else - kasan_kmalloc(page->slab_cache, object, size, flags); + return kasan_kmalloc(page->slab_cache, object, size, flags); } void kasan_poison_kfree(void *ptr, unsigned long ip) diff --git a/mm/slab.c b/mm/slab.c index 2a5654bb3b3f..26f60a22e5e0 100644 --- a/mm/slab.c +++ b/mm/slab.c @@ -3551,7 +3551,7 @@ void *kmem_cache_alloc(struct kmem_cache *cachep, gfp_t flags) { void *ret = slab_alloc(cachep, flags, _RET_IP_); - kasan_slab_alloc(cachep, ret, flags); + ret = kasan_slab_alloc(cachep, ret, flags); trace_kmem_cache_alloc(_RET_IP_, ret, cachep->object_size, cachep->size, flags); 
@@ -3617,7 +3617,7 @@ kmem_cache_alloc_trace(struct kmem_cache *cachep, gfp_t flags, size_t size) ret = slab_alloc(cachep, flags, _RET_IP_); - kasan_kmalloc(cachep, ret, size, flags); + ret = kasan_kmalloc(cachep, ret, size, flags); trace_kmalloc(_RET_IP_, ret, size, cachep->size, flags); return ret; @@ -3641,7 +3641,7 @@ void *kmem_cache_alloc_node(struct kmem_cache *cachep, gfp_t flags, int nodeid) { void *ret = slab_alloc_node(cachep, flags, nodeid, _RET_IP_); - kasan_slab_alloc(cachep, ret, flags); + ret = kasan_slab_alloc(cachep, ret, flags); trace_kmem_cache_alloc_node(_RET_IP_, ret, cachep->object_size, cachep->size, flags, nodeid); @@ -3660,7 +3660,7 @@ void *kmem_cache_alloc_node_trace(struct kmem_cache *cachep, ret = slab_alloc_node(cachep, flags, nodeid, _RET_IP_); - kasan_kmalloc(cachep, ret, size, flags); + ret = kasan_kmalloc(cachep, ret, size, flags); trace_kmalloc_node(_RET_IP_, ret, size, cachep->size, flags, nodeid); @@ -3681,7 +3681,7 @@ __do_kmalloc_node(size_t size, gfp_t flags, int node, unsigned long caller) if (unlikely(ZERO_OR_NULL_PTR(cachep))) return cachep; ret = kmem_cache_alloc_node_trace(cachep, flags, node, size); - kasan_kmalloc(cachep, ret, size, flags); + ret = kasan_kmalloc(cachep, ret, size, flags); return ret; } @@ -3719,7 +3719,7 @@ static __always_inline void *__do_kmalloc(size_t size, gfp_t flags, return cachep; ret = slab_alloc(cachep, flags, caller); - kasan_kmalloc(cachep, ret, size, flags); + ret = kasan_kmalloc(cachep, ret, size, flags); trace_kmalloc(caller, ret, size, cachep->size, flags); diff --git a/mm/slab.h b/mm/slab.h index 58c6c1c2a78e..4190c24ef0e9 100644 --- a/mm/slab.h +++ b/mm/slab.h @@ -441,7 +441,7 @@ static inline void slab_post_alloc_hook(struct kmem_cache *s, gfp_t flags, kmemleak_alloc_recursive(object, s->object_size, 1, s->flags, flags); - kasan_slab_alloc(s, object, flags); + p[i] = kasan_slab_alloc(s, object, flags); } if (memcg_kmem_enabled()) 
diff --git a/mm/slab_common.c b/mm/slab_common.c index 7eb8dc136c1c..5f3504e26d4c 100644 --- a/mm/slab_common.c +++ b/mm/slab_common.c @@ -1204,7 +1204,7 @@ void *kmalloc_order(size_t size, gfp_t flags, unsigned int order) page = alloc_pages(flags, order); ret = page ? page_address(page) : NULL; kmemleak_alloc(ret, size, 1, flags); - kasan_kmalloc_large(ret, size, flags); + ret = kasan_kmalloc_large(ret, size, flags); return ret; } EXPORT_SYMBOL(kmalloc_order); @@ -1482,7 +1482,7 @@ static __always_inline void *__do_krealloc(const void *p, size_t new_size, ks = ksize(p); if (ks >= new_size) { - kasan_krealloc((void *)p, new_size, flags); + p = kasan_krealloc((void *)p, new_size, flags); return (void *)p; } diff --git a/mm/slub.c b/mm/slub.c index e3629cd7aff1..fdd4a86aa882 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -1372,10 +1372,10 @@ static inline void dec_slabs_node(struct kmem_cache *s, int node, * Hooks for other subsystems that check memory allocations. In a typical * production configuration these hooks all should produce no code at all. */ -static inline void kmalloc_large_node_hook(void *ptr, size_t size, gfp_t flags) +static inline void *kmalloc_large_node_hook(void *ptr, size_t size, gfp_t flags) { kmemleak_alloc(ptr, size, 1, flags); - kasan_kmalloc_large(ptr, size, flags); + return kasan_kmalloc_large(ptr, size, flags); } static __always_inline void kfree_hook(void *x) @@ -2768,7 +2768,7 @@ void *kmem_cache_alloc_trace(struct kmem_cache *s, gfp_t gfpflags, size_t size) { void *ret = slab_alloc(s, gfpflags, _RET_IP_); trace_kmalloc(_RET_IP_, ret, size, s->size, gfpflags); - kasan_kmalloc(s, ret, size, gfpflags); + ret = kasan_kmalloc(s, ret, size, gfpflags); return ret; } EXPORT_SYMBOL(kmem_cache_alloc_trace); 
@@ -2796,7 +2796,7 @@ void *kmem_cache_alloc_node_trace(struct kmem_cache *s, trace_kmalloc_node(_RET_IP_, ret, size, s->size, gfpflags, node); - kasan_kmalloc(s, ret, size, gfpflags); + ret = kasan_kmalloc(s, ret, size, gfpflags); return ret; } EXPORT_SYMBOL(kmem_cache_alloc_node_trace); @@ -3784,7 +3784,7 @@ void *__kmalloc(size_t size, gfp_t flags) trace_kmalloc(_RET_IP_, ret, size, s->size, flags); - kasan_kmalloc(s, ret, size, flags); + ret = kasan_kmalloc(s, ret, size, flags); return ret; } @@ -3801,8 +3801,7 @@ static void *kmalloc_large_node(size_t size, gfp_t flags, int node) if (page) ptr = page_address(page); - kmalloc_large_node_hook(ptr, size, flags); - return ptr; + return kmalloc_large_node_hook(ptr, size, flags); } void *__kmalloc_node(size_t size, gfp_t flags, int node) 
@@ -3829,7 +3828,7 @@ void *__kmalloc_node(size_t size, gfp_t flags, int node) trace_kmalloc_node(_RET_IP_, ret, size, s->size, flags, node); - kasan_kmalloc(s, ret, size, flags); + ret = kasan_kmalloc(s, ret, size, flags); return ret; }
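Review bot: the new `void *` prototypes in the include/linux/kasan.h hunk at @@ -51,16 +51,16 @@ carry no annotation or comment saying the return value must be used, so a caller that keeps writing `kasan_kmalloc(s, ret, size, flags);` as a statement still compiles and silently hands out the pointer it passed in rather than the one the hook returned. Consider marking kasan_init_slab_obj, kasan_kmalloc_large, kasan_kmalloc, kasan_krealloc and kasan_slab_alloc `__must_check`, and adding a one-line comment above them that the returned pointer replaces the argument.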
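Review bot: in the include/linux/kasan.h hunk at @@ -105,19 +105,34 @@ the stub is declared as `kasan_kmalloc_large(void *ptr, size_t size, gfp_t flags)` while the real prototype earlier in the same header takes `const void *ptr`. The other stubs in this hunk match their prototypes and cast in the return (`return (void *)object;`); making this one `const void *ptr` with `return (void *)ptr;` keeps the two configurations type-compatible for callers that pass a const pointer.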
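Review bot: in the mm/slab.c hunk at @@ -3681,7 +3681,7 @@ (`__do_kmalloc_node`), `ret` comes from kmem_cache_alloc_node_trace(), which per the hunk at @@ -3660,7 +3660,7 @@ has already done `ret = kasan_kmalloc(cachep, ret, size, flags);`, so the hook now runs twice and the second call receives the first call's return value as its input. That was harmless while the hook returned void; once a hook can return a modified pointer, either drop the second call here or state in the commit message that the hooks accept a pointer they have already processed.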
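Review bot: in the mm/slub.c hunk at @@ -2768,7 +2768,7 @@ (and likewise in kmem_cache_alloc_node_trace, __kmalloc and __kmalloc_node), `trace_kmalloc(_RET_IP_, ret, ...)` runs before `ret = kasan_kmalloc(...)`, whereas the mm/slab.c hunks call the hook first and trace afterwards. With hooks that may change `ret`, SLUB trace events would record the pre-hook pointer and SLAB the post-hook one; pick one order for both allocators, or note in the commit message which value tracing is meant to see.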
From: Andrey Konovalov
To: Andrey Ryabinin , Alexander Potapenko , Dmitry Vyukov , Catalin Marinas , Will Deacon , Christoph Lameter , Andrew Morton , Mark Rutland , Nick Desaulniers , Marc Zyngier , Dave Martin , Ard Biesheuvel , "Eric W . Biederman" , Ingo Molnar , Paul Lawrence , Geert Uytterhoeven , Arnd Bergmann , "Kirill A . Shutemov" , Greg Kroah-Hartman , Kate Stewart , Mike Rapoport , kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany , Evgeniy Stepanov , Lee Smith , Ramana Radhakrishnan , Jacob Bramley , Ruben Ayrapetyan , Jann Horn , Mark Brand , Chintan Pandya , Vishwath Mohan , Andrey Konovalov
Subject: [PATCH v10 02/22] kasan, slub: handle pointer tags in early_kmem_cache_node_alloc
Date: Tue, 6 Nov 2018 18:30:17 +0100
Message-Id: <76e40ec9137224352051f1e3ebcd8e8ee95044e1.1541525354.git.andreyknvl@google.com>

The previous patch updated KASAN hooks signatures and their usage in SLAB and SLUB code, except for the early_kmem_cache_node_alloc function. This patch handles that function separately, as it requires reordering some of the initialization code to correctly propagate a tagged pointer in case a tag is assigned by kasan_kmalloc.

Signed-off-by: Andrey Konovalov
--- mm/slub.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/mm/slub.c b/mm/slub.c index fdd4a86aa882..8561a32910dd 100644 --- a/mm/slub.c +++ b/mm/slub.c
@@ -3364,16 +3364,16 @@ static void early_kmem_cache_node_alloc(int node) n = page->freelist; BUG_ON(!n); - page->freelist = get_freepointer(kmem_cache_node, n); - page->inuse = 1; - page->frozen = 0; - kmem_cache_node->node[node] = n; #ifdef CONFIG_SLUB_DEBUG init_object(kmem_cache_node, n, SLUB_RED_ACTIVE); init_tracking(kmem_cache_node, n); #endif - kasan_kmalloc(kmem_cache_node, n, sizeof(struct kmem_cache_node), + n = kasan_kmalloc(kmem_cache_node, n, sizeof(struct kmem_cache_node), GFP_KERNEL); + page->freelist = get_freepointer(kmem_cache_node, n); + page->inuse = 1; + page->frozen = 0; + kmem_cache_node->node[node] = n; init_kmem_cache_node(n); inc_slabs_node(kmem_cache_node, node, page->objects); From patchwork Tue Nov 6 17:30:18 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 10670917 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3874A13BF for ; Tue, 6 Nov 2018 17:31:02 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 223512AB90 for ; Tue, 6 Nov 2018 17:31:02 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 132BF2ABBE; Tue, 6 Nov 2018 17:31:02 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, USER_IN_DEF_DKIM_WL autolearn=unavailable version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D4DAD2AB91 for ; Tue, 6 Nov 2018 17:30:59 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 68F5F6B0353; Tue, 6 Nov 2018 12:30:50 -0500 (EST) 
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W . Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A . Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 03/22] kasan: move common generic and tag-based code to common.c
Date: Tue, 6 Nov 2018 18:30:18 +0100

Tag-based KASAN reuses a significant part of the generic KASAN code, so move the common parts to common.c without any functional changes.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
--- mm/kasan/Makefile | 5 +- mm/kasan/common.c | 603 ++++++++++++++++++++++++++++++++++++++++++++++ mm/kasan/kasan.c | 570 +------------------------------------------ mm/kasan/kasan.h | 5 + 4 files changed, 614 insertions(+), 569 deletions(-) create mode 100644 mm/kasan/common.c diff --git a/mm/kasan/Makefile b/mm/kasan/Makefile index 3289db38bc87..a6df14bffb6b 100644 --- a/mm/kasan/Makefile +++ b/mm/kasan/Makefile 
@@ -1,11 +1,14 @@ # SPDX-License-Identifier: GPL-2.0 KASAN_SANITIZE := n +UBSAN_SANITIZE_common.o := n UBSAN_SANITIZE_kasan.o := n KCOV_INSTRUMENT := n CFLAGS_REMOVE_kasan.o = -pg # Function splitter causes unnecessary splits in __asan_load1/__asan_store1 # see: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63533 + +CFLAGS_common.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector) CFLAGS_kasan.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector) -obj-y := kasan.o report.o kasan_init.o quarantine.o +obj-y := common.o kasan.o report.o kasan_init.o quarantine.o diff --git a/mm/kasan/common.c b/mm/kasan/common.c new file mode 100644 index 000000000000..5f68c93734ba --- /dev/null +++ b/mm/kasan/common.c 
@@ -0,0 +1,603 @@ +/* + * This file contains common generic and tag-based KASAN code. + * + * Copyright (c) 2014 Samsung Electronics Co., Ltd. + * Author: Andrey Ryabinin + * + * Some code borrowed from https://github.com/xairy/kasan-prototype by + * Andrey Konovalov + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "kasan.h" +#include "../slab.h" + +static inline int in_irqentry_text(unsigned long ptr) +{ + return (ptr >= (unsigned long)&__irqentry_text_start && + ptr < (unsigned long)&__irqentry_text_end) || + (ptr >= (unsigned long)&__softirqentry_text_start && + ptr < (unsigned long)&__softirqentry_text_end); +} + +static inline void filter_irq_stacks(struct stack_trace *trace) +{ + int i; + + if (!trace->nr_entries) + return; + for (i = 0; i < trace->nr_entries; i++) + if (in_irqentry_text(trace->entries[i])) { + /* Include the irqentry function into the stack. 
*/ + trace->nr_entries = i + 1; + break; + } +} + +static inline depot_stack_handle_t save_stack(gfp_t flags) +{ + unsigned long entries[KASAN_STACK_DEPTH]; + struct stack_trace trace = { + .nr_entries = 0, + .entries = entries, + .max_entries = KASAN_STACK_DEPTH, + .skip = 0 + }; + + save_stack_trace(&trace); + filter_irq_stacks(&trace); + if (trace.nr_entries != 0 && + trace.entries[trace.nr_entries-1] == ULONG_MAX) + trace.nr_entries--; + + return depot_save_stack(&trace, flags); +} + +static inline void set_track(struct kasan_track *track, gfp_t flags) +{ + track->pid = current->pid; + track->stack = save_stack(flags); +} + +void kasan_enable_current(void) +{ + current->kasan_depth++; +} + +void kasan_disable_current(void) +{ + current->kasan_depth--; +} + +void kasan_check_read(const volatile void *p, unsigned int size) +{ + check_memory_region((unsigned long)p, size, false, _RET_IP_); +} +EXPORT_SYMBOL(kasan_check_read); + +void kasan_check_write(const volatile void *p, unsigned int size) +{ + check_memory_region((unsigned long)p, size, true, _RET_IP_); +} +EXPORT_SYMBOL(kasan_check_write); + +#undef memset +void *memset(void *addr, int c, size_t len) +{ + check_memory_region((unsigned long)addr, len, true, _RET_IP_); + + return __memset(addr, c, len); +} + +#undef memmove +void *memmove(void *dest, const void *src, size_t len) +{ + check_memory_region((unsigned long)src, len, false, _RET_IP_); + check_memory_region((unsigned long)dest, len, true, _RET_IP_); + + return __memmove(dest, src, len); +} + +#undef memcpy +void *memcpy(void *dest, const void *src, size_t len) +{ + check_memory_region((unsigned long)src, len, false, _RET_IP_); + check_memory_region((unsigned long)dest, len, true, _RET_IP_); + + return __memcpy(dest, src, len); +} + +/* + * Poisons the shadow memory for 'size' bytes starting from 'addr'. + * Memory addresses should be aligned to KASAN_SHADOW_SCALE_SIZE. 
+ */ +void kasan_poison_shadow(const void *address, size_t size, u8 value) +{ + void *shadow_start, *shadow_end; + + shadow_start = kasan_mem_to_shadow(address); + shadow_end = kasan_mem_to_shadow(address + size); + + __memset(shadow_start, value, shadow_end - shadow_start); +} + +void kasan_unpoison_shadow(const void *address, size_t size) +{ + kasan_poison_shadow(address, size, 0); + + if (size & KASAN_SHADOW_MASK) { + u8 *shadow = (u8 *)kasan_mem_to_shadow(address + size); + *shadow = size & KASAN_SHADOW_MASK; + } +} + +static void __kasan_unpoison_stack(struct task_struct *task, const void *sp) +{ + void *base = task_stack_page(task); + size_t size = sp - base; + + kasan_unpoison_shadow(base, size); +} + +/* Unpoison the entire stack for a task. */ +void kasan_unpoison_task_stack(struct task_struct *task) +{ + __kasan_unpoison_stack(task, task_stack_page(task) + THREAD_SIZE); +} + +/* Unpoison the stack for the current task beyond a watermark sp value. */ +asmlinkage void kasan_unpoison_task_stack_below(const void *watermark) +{ + /* + * Calculate the task stack base address. Avoid using 'current' + * because this function is called by early resume code which hasn't + * yet set up the percpu register (%gs). + */ + void *base = (void *)((unsigned long)watermark & ~(THREAD_SIZE - 1)); + + kasan_unpoison_shadow(base, watermark - base); +} + +/* + * Clear all poison for the region between the current SP and a provided + * watermark value, as is sometimes required prior to hand-crafted asm function + * returns in the middle of functions. 
+ */ +void kasan_unpoison_stack_above_sp_to(const void *watermark) +{ + const void *sp = __builtin_frame_address(0); + size_t size = watermark - sp; + + if (WARN_ON(sp > watermark)) + return; + kasan_unpoison_shadow(sp, size); +} + +void kasan_alloc_pages(struct page *page, unsigned int order) +{ + if (likely(!PageHighMem(page))) + kasan_unpoison_shadow(page_address(page), PAGE_SIZE << order); +} + +void kasan_free_pages(struct page *page, unsigned int order) +{ + if (likely(!PageHighMem(page))) + kasan_poison_shadow(page_address(page), + PAGE_SIZE << order, + KASAN_FREE_PAGE); +} + +/* + * Adaptive redzone policy taken from the userspace AddressSanitizer runtime. + * For larger allocations larger redzones are used. + */ +static inline unsigned int optimal_redzone(unsigned int object_size) +{ + return + object_size <= 64 - 16 ? 16 : + object_size <= 128 - 32 ? 32 : + object_size <= 512 - 64 ? 64 : + object_size <= 4096 - 128 ? 128 : + object_size <= (1 << 14) - 256 ? 256 : + object_size <= (1 << 15) - 512 ? 512 : + object_size <= (1 << 16) - 1024 ? 1024 : 2048; +} + +void kasan_cache_create(struct kmem_cache *cache, unsigned int *size, + slab_flags_t *flags) +{ + unsigned int orig_size = *size; + int redzone_adjust; + + /* Add alloc meta. */ + cache->kasan_info.alloc_meta_offset = *size; + *size += sizeof(struct kasan_alloc_meta); + + /* Add free meta. */ + if (cache->flags & SLAB_TYPESAFE_BY_RCU || cache->ctor || + cache->object_size < sizeof(struct kasan_free_meta)) { + cache->kasan_info.free_meta_offset = *size; + *size += sizeof(struct kasan_free_meta); + } + redzone_adjust = optimal_redzone(cache->object_size) - + (*size - cache->object_size); + + if (redzone_adjust > 0) + *size += redzone_adjust; + + *size = min_t(unsigned int, KMALLOC_MAX_SIZE, + max(*size, cache->object_size + + optimal_redzone(cache->object_size))); + + /* + * If the metadata doesn't fit, don't enable KASAN at all. 
+ */ + if (*size <= cache->kasan_info.alloc_meta_offset || + *size <= cache->kasan_info.free_meta_offset) { + cache->kasan_info.alloc_meta_offset = 0; + cache->kasan_info.free_meta_offset = 0; + *size = orig_size; + return; + } + + *flags |= SLAB_KASAN; +} + +size_t kasan_metadata_size(struct kmem_cache *cache) +{ + return (cache->kasan_info.alloc_meta_offset ? + sizeof(struct kasan_alloc_meta) : 0) + + (cache->kasan_info.free_meta_offset ? + sizeof(struct kasan_free_meta) : 0); +} + +struct kasan_alloc_meta *get_alloc_info(struct kmem_cache *cache, + const void *object) +{ + BUILD_BUG_ON(sizeof(struct kasan_alloc_meta) > 32); + return (void *)object + cache->kasan_info.alloc_meta_offset; +} + +struct kasan_free_meta *get_free_info(struct kmem_cache *cache, + const void *object) +{ + BUILD_BUG_ON(sizeof(struct kasan_free_meta) > 32); + return (void *)object + cache->kasan_info.free_meta_offset; +} + +void kasan_poison_slab(struct page *page) +{ + kasan_poison_shadow(page_address(page), + PAGE_SIZE << compound_order(page), + KASAN_KMALLOC_REDZONE); +} + +void kasan_unpoison_object_data(struct kmem_cache *cache, void *object) +{ + kasan_unpoison_shadow(object, cache->object_size); +} + +void kasan_poison_object_data(struct kmem_cache *cache, void *object) +{ + kasan_poison_shadow(object, + round_up(cache->object_size, KASAN_SHADOW_SCALE_SIZE), + KASAN_KMALLOC_REDZONE); +} + +void *kasan_init_slab_obj(struct kmem_cache *cache, const void *object) +{ + struct kasan_alloc_meta *alloc_info; + + if (!(cache->flags & SLAB_KASAN)) + return (void *)object; + + alloc_info = get_alloc_info(cache, object); + __memset(alloc_info, 0, sizeof(*alloc_info)); + + return (void *)object; +} + +void *kasan_slab_alloc(struct kmem_cache *cache, void *object, gfp_t flags) +{ + return kasan_kmalloc(cache, object, cache->object_size, flags); +} + +static bool __kasan_slab_free(struct kmem_cache *cache, void *object, + unsigned long ip, bool quarantine) +{ + s8 shadow_byte; + unsigned long 
rounded_up_size; + + if (unlikely(nearest_obj(cache, virt_to_head_page(object), object) != + object)) { + kasan_report_invalid_free(object, ip); + return true; + } + + /* RCU slabs could be legally used after free within the RCU period */ + if (unlikely(cache->flags & SLAB_TYPESAFE_BY_RCU)) + return false; + + shadow_byte = READ_ONCE(*(s8 *)kasan_mem_to_shadow(object)); + if (shadow_byte < 0 || shadow_byte >= KASAN_SHADOW_SCALE_SIZE) { + kasan_report_invalid_free(object, ip); + return true; + } + + rounded_up_size = round_up(cache->object_size, KASAN_SHADOW_SCALE_SIZE); + kasan_poison_shadow(object, rounded_up_size, KASAN_KMALLOC_FREE); + + if (!quarantine || unlikely(!(cache->flags & SLAB_KASAN))) + return false; + + set_track(&get_alloc_info(cache, object)->free_track, GFP_NOWAIT); + quarantine_put(get_free_info(cache, object), cache); + return true; +} + +bool kasan_slab_free(struct kmem_cache *cache, void *object, unsigned long ip) +{ + return __kasan_slab_free(cache, object, ip, true); +} + +void *kasan_kmalloc(struct kmem_cache *cache, const void *object, size_t size, + gfp_t flags) +{ + unsigned long redzone_start; + unsigned long redzone_end; + + if (gfpflags_allow_blocking(flags)) + quarantine_reduce(); + + if (unlikely(object == NULL)) + return NULL; + + redzone_start = round_up((unsigned long)(object + size), + KASAN_SHADOW_SCALE_SIZE); + redzone_end = round_up((unsigned long)object + cache->object_size, + KASAN_SHADOW_SCALE_SIZE); + + kasan_unpoison_shadow(object, size); + kasan_poison_shadow((void *)redzone_start, redzone_end - redzone_start, + KASAN_KMALLOC_REDZONE); + + if (cache->flags & SLAB_KASAN) + set_track(&get_alloc_info(cache, object)->alloc_track, flags); + + return (void *)object; +} +EXPORT_SYMBOL(kasan_kmalloc); + +void *kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags) +{ + struct page *page; + unsigned long redzone_start; + unsigned long redzone_end; + + if (gfpflags_allow_blocking(flags)) + quarantine_reduce(); + + if 
(unlikely(ptr == NULL)) + return NULL; + + page = virt_to_page(ptr); + redzone_start = round_up((unsigned long)(ptr + size), + KASAN_SHADOW_SCALE_SIZE); + redzone_end = (unsigned long)ptr + (PAGE_SIZE << compound_order(page)); + + kasan_unpoison_shadow(ptr, size); + kasan_poison_shadow((void *)redzone_start, redzone_end - redzone_start, + KASAN_PAGE_REDZONE); + + return (void *)ptr; +} + +void *kasan_krealloc(const void *object, size_t size, gfp_t flags) +{ + struct page *page; + + if (unlikely(object == ZERO_SIZE_PTR)) + return (void *)object; + + page = virt_to_head_page(object); + + if (unlikely(!PageSlab(page))) + return kasan_kmalloc_large(object, size, flags); + else + return kasan_kmalloc(page->slab_cache, object, size, flags); +} + +void kasan_poison_kfree(void *ptr, unsigned long ip) +{ + struct page *page; + + page = virt_to_head_page(ptr); + + if (unlikely(!PageSlab(page))) { + if (ptr != page_address(page)) { + kasan_report_invalid_free(ptr, ip); + return; + } + kasan_poison_shadow(ptr, PAGE_SIZE << compound_order(page), + KASAN_FREE_PAGE); + } else { + __kasan_slab_free(page->slab_cache, ptr, ip, false); + } +} + +void kasan_kfree_large(void *ptr, unsigned long ip) +{ + if (ptr != page_address(virt_to_head_page(ptr))) + kasan_report_invalid_free(ptr, ip); + /* The object will be poisoned by page_alloc. 
*/ +} + +int kasan_module_alloc(void *addr, size_t size) +{ + void *ret; + size_t scaled_size; + size_t shadow_size; + unsigned long shadow_start; + + shadow_start = (unsigned long)kasan_mem_to_shadow(addr); + scaled_size = (size + KASAN_SHADOW_MASK) >> KASAN_SHADOW_SCALE_SHIFT; + shadow_size = round_up(scaled_size, PAGE_SIZE); + + if (WARN_ON(!PAGE_ALIGNED(shadow_start))) + return -EINVAL; + + ret = __vmalloc_node_range(shadow_size, 1, shadow_start, + shadow_start + shadow_size, + GFP_KERNEL | __GFP_ZERO, + PAGE_KERNEL, VM_NO_GUARD, NUMA_NO_NODE, + __builtin_return_address(0)); + + if (ret) { + find_vm_area(addr)->flags |= VM_KASAN; + kmemleak_ignore(ret); + return 0; + } + + return -ENOMEM; +} + +void kasan_free_shadow(const struct vm_struct *vm) +{ + if (vm->flags & VM_KASAN) + vfree(kasan_mem_to_shadow(vm->addr)); +} + +#ifdef CONFIG_MEMORY_HOTPLUG +static bool shadow_mapped(unsigned long addr) +{ + pgd_t *pgd = pgd_offset_k(addr); + p4d_t *p4d; + pud_t *pud; + pmd_t *pmd; + pte_t *pte; + + if (pgd_none(*pgd)) + return false; + p4d = p4d_offset(pgd, addr); + if (p4d_none(*p4d)) + return false; + pud = pud_offset(p4d, addr); + if (pud_none(*pud)) + return false; + + /* + * We can't use pud_large() or pud_huge(), the first one is + * arch-specific, the last one depends on HUGETLB_PAGE. So let's abuse + * pud_bad(), if pud is bad then it's bad because it's huge. 
+ */ + if (pud_bad(*pud)) + return true; + pmd = pmd_offset(pud, addr); + if (pmd_none(*pmd)) + return false; + + if (pmd_bad(*pmd)) + return true; + pte = pte_offset_kernel(pmd, addr); + return !pte_none(*pte); +} + +static int __meminit kasan_mem_notifier(struct notifier_block *nb, + unsigned long action, void *data) +{ + struct memory_notify *mem_data = data; + unsigned long nr_shadow_pages, start_kaddr, shadow_start; + unsigned long shadow_end, shadow_size; + + nr_shadow_pages = mem_data->nr_pages >> KASAN_SHADOW_SCALE_SHIFT; + start_kaddr = (unsigned long)pfn_to_kaddr(mem_data->start_pfn); + shadow_start = (unsigned long)kasan_mem_to_shadow((void *)start_kaddr); + shadow_size = nr_shadow_pages << PAGE_SHIFT; + shadow_end = shadow_start + shadow_size; + + if (WARN_ON(mem_data->nr_pages % KASAN_SHADOW_SCALE_SIZE) || + WARN_ON(start_kaddr % (KASAN_SHADOW_SCALE_SIZE << PAGE_SHIFT))) + return NOTIFY_BAD; + + switch (action) { + case MEM_GOING_ONLINE: { + void *ret; + + /* + * If shadow is mapped already than it must have been mapped + * during the boot. This could happen if we onlining previously + * offlined memory. + */ + if (shadow_mapped(shadow_start)) + return NOTIFY_OK; + + ret = __vmalloc_node_range(shadow_size, PAGE_SIZE, shadow_start, + shadow_end, GFP_KERNEL, + PAGE_KERNEL, VM_NO_GUARD, + pfn_to_nid(mem_data->start_pfn), + __builtin_return_address(0)); + if (!ret) + return NOTIFY_BAD; + + kmemleak_ignore(ret); + return NOTIFY_OK; + } + case MEM_CANCEL_ONLINE: + case MEM_OFFLINE: { + struct vm_struct *vm; + + /* + * shadow_start was either mapped during boot by kasan_init() + * or during memory online by __vmalloc_node_range(). + * In the latter case we can use vfree() to free shadow. + * Non-NULL result of the find_vm_area() will tell us if + * that was the second case. + * + * Currently it's not possible to free shadow mapped + * during boot by kasan_init(). It's because the code + * to do that hasn't been written yet. So we'll just + * leak the memory. 
+ */ + vm = find_vm_area((void *)shadow_start); + if (vm) + vfree((void *)shadow_start); + } + } + + return NOTIFY_OK; +} + +static int __init kasan_memhotplug_init(void) +{ + hotplug_memory_notifier(kasan_mem_notifier, 0); + + return 0; +} + +core_initcall(kasan_memhotplug_init); +#endif diff --git a/mm/kasan/kasan.c b/mm/kasan/kasan.c index 55deff17a4d9..44ec228de0a2 100644 --- a/mm/kasan/kasan.c +++ b/mm/kasan/kasan.c @@ -1,5 +1,5 @@ /* - * This file contains shadow memory manipulation code. + * This file contains core KASAN code. * * Copyright (c) 2014 Samsung Electronics Co., Ltd. * Author: Andrey Ryabinin 
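Review bot: the new kasan.c header comment, "This file contains core KASAN code", no longer tells a reader what lives in this file now that the shared parts sit in common.c, whose own header reads "common generic and tag-based KASAN code". Since the changelog says only the common parts are moved out, wording the kasan.c header to say it holds the generic-mode code would make the split between the two files clear.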
@@ -40,82 +40,6 @@ #include "kasan.h" #include "../slab.h" -void kasan_enable_current(void) -{ - current->kasan_depth++; -} - -void kasan_disable_current(void) -{ - current->kasan_depth--; -} - -/* - * Poisons the shadow memory for 'size' bytes starting from 'addr'. - * Memory addresses should be aligned to KASAN_SHADOW_SCALE_SIZE. - */ -static void kasan_poison_shadow(const void *address, size_t size, u8 value) -{ - void *shadow_start, *shadow_end; - - shadow_start = kasan_mem_to_shadow(address); - shadow_end = kasan_mem_to_shadow(address + size); - - memset(shadow_start, value, shadow_end - shadow_start); -} - -void kasan_unpoison_shadow(const void *address, size_t size) -{ - kasan_poison_shadow(address, size, 0); - - if (size & KASAN_SHADOW_MASK) { - u8 *shadow = (u8 *)kasan_mem_to_shadow(address + size); - *shadow = size & KASAN_SHADOW_MASK; - } -} - -static void __kasan_unpoison_stack(struct task_struct *task, const void *sp) -{ - void *base = task_stack_page(task); - size_t size = sp - base; - - kasan_unpoison_shadow(base, size); -} - -/* Unpoison the entire stack for a task. */ -void kasan_unpoison_task_stack(struct task_struct *task) -{ - __kasan_unpoison_stack(task, task_stack_page(task) + THREAD_SIZE); -} - -/* Unpoison the stack for the current task beyond a watermark sp value. */ -asmlinkage void kasan_unpoison_task_stack_below(const void *watermark) -{ - /* - * Calculate the task stack base address. Avoid using 'current' - * because this function is called by early resume code which hasn't - * yet set up the percpu register (%gs). - */ - void *base = (void *)((unsigned long)watermark & ~(THREAD_SIZE - 1)); - - kasan_unpoison_shadow(base, watermark - base); -} - -/* - * Clear all poison for the region between the current SP and a provided - * watermark value, as is sometimes required prior to hand-crafted asm function - * returns in the middle of functions. 
- */ -void kasan_unpoison_stack_above_sp_to(const void *watermark) -{ - const void *sp = __builtin_frame_address(0); - size_t size = watermark - sp; - - if (WARN_ON(sp > watermark)) - return; - kasan_unpoison_shadow(sp, size); -} - /* * All functions below always inlined so compiler could * perform better optimizations in each of __asan_loadX/__assn_storeX 
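Review bot: kasan_poison_shadow() is not moved verbatim: the version removed in this hunk is static and calls memset(), while the version added to common.c is non-static and calls __memset(). In common.c the function sits after the #undef memset wrapper that runs check_memory_region(), whereas in kasan.c it came before it, so the explicit __memset() looks deliberate, but the changelog says the move has no functional changes. Please add a sentence to the commit message covering both differences. Separately, the trailing context comment spells __asan_storeX as __assn_storeX; that line is untouched here, so a follow-up fix is enough.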
@@ -260,121 +184,12 @@ static __always_inline void check_memory_region_inline(unsigned long addr, kasan_report(addr, size, write, ret_ip); } -static void check_memory_region(unsigned long addr, - size_t size, bool write, +void check_memory_region(unsigned long addr, size_t size, bool write, unsigned long ret_ip) { check_memory_region_inline(addr, size, write, ret_ip); } -void kasan_check_read(const volatile void *p, unsigned int size) -{ - check_memory_region((unsigned long)p, size, false, _RET_IP_); -} -EXPORT_SYMBOL(kasan_check_read); - -void kasan_check_write(const volatile void *p, unsigned int size) -{ - check_memory_region((unsigned long)p, size, true, _RET_IP_); -} -EXPORT_SYMBOL(kasan_check_write); - -#undef memset -void *memset(void *addr, int c, size_t len) -{ - check_memory_region((unsigned long)addr, len, true, _RET_IP_); - - return __memset(addr, c, len); -} - -#undef memmove -void *memmove(void *dest, const void *src, size_t len) -{ - check_memory_region((unsigned long)src, len, false, _RET_IP_); - check_memory_region((unsigned long)dest, len, true, _RET_IP_); - - return __memmove(dest, src, len); -} - -#undef memcpy -void *memcpy(void *dest, const void *src, size_t len) -{ - check_memory_region((unsigned long)src, len, false, _RET_IP_); - check_memory_region((unsigned long)dest, len, true, _RET_IP_); - - return __memcpy(dest, src, len); -} - -void kasan_alloc_pages(struct page *page, unsigned int order) -{ - if (likely(!PageHighMem(page))) - kasan_unpoison_shadow(page_address(page), PAGE_SIZE << order); -} - -void kasan_free_pages(struct page *page, unsigned int order) -{ - if (likely(!PageHighMem(page))) - kasan_poison_shadow(page_address(page), - PAGE_SIZE << order, - KASAN_FREE_PAGE); -} - -/* - * Adaptive redzone policy taken from the userspace AddressSanitizer runtime. - * For larger allocations larger redzones are used. - */ -static unsigned int optimal_redzone(unsigned int object_size) -{ - return - object_size <= 64 - 16 ? 
16 : - object_size <= 128 - 32 ? 32 : - object_size <= 512 - 64 ? 64 : - object_size <= 4096 - 128 ? 128 : - object_size <= (1 << 14) - 256 ? 256 : - object_size <= (1 << 15) - 512 ? 512 : - object_size <= (1 << 16) - 1024 ? 1024 : 2048; -} - -void kasan_cache_create(struct kmem_cache *cache, unsigned int *size, - slab_flags_t *flags) -{ - unsigned int orig_size = *size; - int redzone_adjust; - - /* Add alloc meta. */ - cache->kasan_info.alloc_meta_offset = *size; - *size += sizeof(struct kasan_alloc_meta); - - /* Add free meta. */ - if (cache->flags & SLAB_TYPESAFE_BY_RCU || cache->ctor || - cache->object_size < sizeof(struct kasan_free_meta)) { - cache->kasan_info.free_meta_offset = *size; - *size += sizeof(struct kasan_free_meta); - } - redzone_adjust = optimal_redzone(cache->object_size) - - (*size - cache->object_size); - - if (redzone_adjust > 0) - *size += redzone_adjust; - - *size = min_t(unsigned int, KMALLOC_MAX_SIZE, - max(*size, cache->object_size + - optimal_redzone(cache->object_size))); - - /* - * If the metadata doesn't fit, don't enable KASAN at all. - */ - if (*size <= cache->kasan_info.alloc_meta_offset || - *size <= cache->kasan_info.free_meta_offset) { - cache->kasan_info.alloc_meta_offset = 0; - cache->kasan_info.free_meta_offset = 0; - *size = orig_size; - return; - } - - *flags |= SLAB_KASAN; -} - void kasan_cache_shrink(struct kmem_cache *cache) { quarantine_remove_cache(cache); 
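Review bot: kasan_check_read(), kasan_check_write() and the memset()/memmove()/memcpy() wrappers removed in this hunk were built as part of kasan.o, for which the Makefile has CFLAGS_REMOVE_kasan.o = -pg. The Makefile hunk adds UBSAN_SANITIZE_common.o and CFLAGS_common.o but no CFLAGS_REMOVE_common.o, so after the move these functions are in an object that no longer has -pg removed. If that is not intended, add CFLAGS_REMOVE_common.o = -pg next to the existing kasan.o line.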
@@ -386,277 +201,6 @@ void kasan_cache_shutdown(struct kmem_cache *cache) quarantine_remove_cache(cache); } -size_t kasan_metadata_size(struct kmem_cache *cache) -{ - return (cache->kasan_info.alloc_meta_offset ? - sizeof(struct kasan_alloc_meta) : 0) + - (cache->kasan_info.free_meta_offset ? - sizeof(struct kasan_free_meta) : 0); -} - -void kasan_poison_slab(struct page *page) -{ - kasan_poison_shadow(page_address(page), - PAGE_SIZE << compound_order(page), - KASAN_KMALLOC_REDZONE); -} - -void kasan_unpoison_object_data(struct kmem_cache *cache, void *object) -{ - kasan_unpoison_shadow(object, cache->object_size); -} - -void kasan_poison_object_data(struct kmem_cache *cache, void *object) -{ - kasan_poison_shadow(object, - round_up(cache->object_size, KASAN_SHADOW_SCALE_SIZE), - KASAN_KMALLOC_REDZONE); -} - -static inline int in_irqentry_text(unsigned long ptr) -{ - return (ptr >= (unsigned long)&__irqentry_text_start && - ptr < (unsigned long)&__irqentry_text_end) || - (ptr >= (unsigned long)&__softirqentry_text_start && - ptr < (unsigned long)&__softirqentry_text_end); -} - -static inline void filter_irq_stacks(struct stack_trace *trace) -{ - int i; - - if (!trace->nr_entries) - return; - for (i = 0; i < trace->nr_entries; i++) - if (in_irqentry_text(trace->entries[i])) { - /* Include the irqentry function into the stack. 
*/ - trace->nr_entries = i + 1; - break; - } -} - -static inline depot_stack_handle_t save_stack(gfp_t flags) -{ - unsigned long entries[KASAN_STACK_DEPTH]; - struct stack_trace trace = { - .nr_entries = 0, - .entries = entries, - .max_entries = KASAN_STACK_DEPTH, - .skip = 0 - }; - - save_stack_trace(&trace); - filter_irq_stacks(&trace); - if (trace.nr_entries != 0 && - trace.entries[trace.nr_entries-1] == ULONG_MAX) - trace.nr_entries--; - - return depot_save_stack(&trace, flags); -} - -static inline void set_track(struct kasan_track *track, gfp_t flags) -{ - track->pid = current->pid; - track->stack = save_stack(flags); -} - -struct kasan_alloc_meta *get_alloc_info(struct kmem_cache *cache, - const void *object) -{ - BUILD_BUG_ON(sizeof(struct kasan_alloc_meta) > 32); - return (void *)object + cache->kasan_info.alloc_meta_offset; -} - -struct kasan_free_meta *get_free_info(struct kmem_cache *cache, - const void *object) -{ - BUILD_BUG_ON(sizeof(struct kasan_free_meta) > 32); - return (void *)object + cache->kasan_info.free_meta_offset; -} - -void *kasan_init_slab_obj(struct kmem_cache *cache, const void *object) -{ - struct kasan_alloc_meta *alloc_info; - - if (!(cache->flags & SLAB_KASAN)) - return (void *)object; - - alloc_info = get_alloc_info(cache, object); - __memset(alloc_info, 0, sizeof(*alloc_info)); - - return (void *)object; -} - -void *kasan_slab_alloc(struct kmem_cache *cache, void *object, gfp_t flags) -{ - return kasan_kmalloc(cache, object, cache->object_size, flags); -} - -static bool __kasan_slab_free(struct kmem_cache *cache, void *object, - unsigned long ip, bool quarantine) -{ - s8 shadow_byte; - unsigned long rounded_up_size; - - if (unlikely(nearest_obj(cache, virt_to_head_page(object), object) != - object)) { - kasan_report_invalid_free(object, ip); - return true; - } - - /* RCU slabs could be legally used after free within the RCU period */ - if (unlikely(cache->flags & SLAB_TYPESAFE_BY_RCU)) - return false; - - shadow_byte = 
READ_ONCE(*(s8 *)kasan_mem_to_shadow(object)); - if (shadow_byte < 0 || shadow_byte >= KASAN_SHADOW_SCALE_SIZE) { - kasan_report_invalid_free(object, ip); - return true; - } - - rounded_up_size = round_up(cache->object_size, KASAN_SHADOW_SCALE_SIZE); - kasan_poison_shadow(object, rounded_up_size, KASAN_KMALLOC_FREE); - - if (!quarantine || unlikely(!(cache->flags & SLAB_KASAN))) - return false; - - set_track(&get_alloc_info(cache, object)->free_track, GFP_NOWAIT); - quarantine_put(get_free_info(cache, object), cache); - return true; -} - -bool kasan_slab_free(struct kmem_cache *cache, void *object, unsigned long ip) -{ - return __kasan_slab_free(cache, object, ip, true); -} - -void *kasan_kmalloc(struct kmem_cache *cache, const void *object, size_t size, - gfp_t flags) -{ - unsigned long redzone_start; - unsigned long redzone_end; - - if (gfpflags_allow_blocking(flags)) - quarantine_reduce(); - - if (unlikely(object == NULL)) - return NULL; - - redzone_start = round_up((unsigned long)(object + size), - KASAN_SHADOW_SCALE_SIZE); - redzone_end = round_up((unsigned long)object + cache->object_size, - KASAN_SHADOW_SCALE_SIZE); - - kasan_unpoison_shadow(object, size); - kasan_poison_shadow((void *)redzone_start, redzone_end - redzone_start, - KASAN_KMALLOC_REDZONE); - - if (cache->flags & SLAB_KASAN) - set_track(&get_alloc_info(cache, object)->alloc_track, flags); - - return (void *)object; -} -EXPORT_SYMBOL(kasan_kmalloc); - -void *kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags) -{ - struct page *page; - unsigned long redzone_start; - unsigned long redzone_end; - - if (gfpflags_allow_blocking(flags)) - quarantine_reduce(); - - if (unlikely(ptr == NULL)) - return NULL; - - page = virt_to_page(ptr); - redzone_start = round_up((unsigned long)(ptr + size), - KASAN_SHADOW_SCALE_SIZE); - redzone_end = (unsigned long)ptr + (PAGE_SIZE << compound_order(page)); - - kasan_unpoison_shadow(ptr, size); - kasan_poison_shadow((void *)redzone_start, redzone_end - 
redzone_start, - KASAN_PAGE_REDZONE); - - return (void *)ptr; -} - -void *kasan_krealloc(const void *object, size_t size, gfp_t flags) -{ - struct page *page; - - if (unlikely(object == ZERO_SIZE_PTR)) - return ZERO_SIZE_PTR; - - page = virt_to_head_page(object); - - if (unlikely(!PageSlab(page))) - return kasan_kmalloc_large(object, size, flags); - else - return kasan_kmalloc(page->slab_cache, object, size, flags); -} - -void kasan_poison_kfree(void *ptr, unsigned long ip) -{ - struct page *page; - - page = virt_to_head_page(ptr); - - if (unlikely(!PageSlab(page))) { - if (ptr != page_address(page)) { - kasan_report_invalid_free(ptr, ip); - return; - } - kasan_poison_shadow(ptr, PAGE_SIZE << compound_order(page), - KASAN_FREE_PAGE); - } else { - __kasan_slab_free(page->slab_cache, ptr, ip, false); - } -} - -void kasan_kfree_large(void *ptr, unsigned long ip) -{ - if (ptr != page_address(virt_to_head_page(ptr))) - kasan_report_invalid_free(ptr, ip); - /* The object will be poisoned by page_alloc. */ -} - -int kasan_module_alloc(void *addr, size_t size) -{ - void *ret; - size_t scaled_size; - size_t shadow_size; - unsigned long shadow_start; - - shadow_start = (unsigned long)kasan_mem_to_shadow(addr); - scaled_size = (size + KASAN_SHADOW_MASK) >> KASAN_SHADOW_SCALE_SHIFT; - shadow_size = round_up(scaled_size, PAGE_SIZE); - - if (WARN_ON(!PAGE_ALIGNED(shadow_start))) - return -EINVAL; - - ret = __vmalloc_node_range(shadow_size, 1, shadow_start, - shadow_start + shadow_size, - GFP_KERNEL | __GFP_ZERO, - PAGE_KERNEL, VM_NO_GUARD, NUMA_NO_NODE, - __builtin_return_address(0)); - - if (ret) { - find_vm_area(addr)->flags |= VM_KASAN; - kmemleak_ignore(ret); - return 0; - } - - return -ENOMEM; -} - -void kasan_free_shadow(const struct vm_struct *vm) -{ - if (vm->flags & VM_KASAN) - vfree(kasan_mem_to_shadow(vm->addr)); -} - static void register_global(struct kasan_global *global) { size_t aligned_size = round_up(global->size, KASAN_SHADOW_SCALE_SIZE); 
@@ -797,113 +341,3 @@ DEFINE_ASAN_SET_SHADOW(f2); DEFINE_ASAN_SET_SHADOW(f3); DEFINE_ASAN_SET_SHADOW(f5); DEFINE_ASAN_SET_SHADOW(f8); - -#ifdef CONFIG_MEMORY_HOTPLUG -static bool shadow_mapped(unsigned long addr) -{ - pgd_t *pgd = pgd_offset_k(addr); - p4d_t *p4d; - pud_t *pud; - pmd_t *pmd; - pte_t *pte; - - if (pgd_none(*pgd)) - return false; - p4d = p4d_offset(pgd, addr); - if (p4d_none(*p4d)) - return false; - pud = pud_offset(p4d, addr); - if (pud_none(*pud)) - return false; - - /* - * We can't use pud_large() or pud_huge(), the first one is - * arch-specific, the last one depends on HUGETLB_PAGE. So let's abuse - * pud_bad(), if pud is bad then it's bad because it's huge. - */ - if (pud_bad(*pud)) - return true; - pmd = pmd_offset(pud, addr); - if (pmd_none(*pmd)) - return false; - - if (pmd_bad(*pmd)) - return true; - pte = pte_offset_kernel(pmd, addr); - return !pte_none(*pte); -} - -static int __meminit kasan_mem_notifier(struct notifier_block *nb, - unsigned long action, void *data) -{ - struct memory_notify *mem_data = data; - unsigned long nr_shadow_pages, start_kaddr, shadow_start; - unsigned long shadow_end, shadow_size; - - nr_shadow_pages = mem_data->nr_pages >> KASAN_SHADOW_SCALE_SHIFT; - start_kaddr = (unsigned long)pfn_to_kaddr(mem_data->start_pfn); - shadow_start = (unsigned long)kasan_mem_to_shadow((void *)start_kaddr); - shadow_size = nr_shadow_pages << PAGE_SHIFT; - shadow_end = shadow_start + shadow_size; - - if (WARN_ON(mem_data->nr_pages % KASAN_SHADOW_SCALE_SIZE) || - WARN_ON(start_kaddr % (KASAN_SHADOW_SCALE_SIZE << PAGE_SHIFT))) - return NOTIFY_BAD; - - switch (action) { - case MEM_GOING_ONLINE: { - void *ret; - - /* - * If shadow is mapped already than it must have been mapped - * during the boot. This could happen if we onlining previously - * offlined memory. 
- */ - if (shadow_mapped(shadow_start)) - return NOTIFY_OK; - - ret = __vmalloc_node_range(shadow_size, PAGE_SIZE, shadow_start, - shadow_end, GFP_KERNEL, - PAGE_KERNEL, VM_NO_GUARD, - pfn_to_nid(mem_data->start_pfn), - __builtin_return_address(0)); - if (!ret) - return NOTIFY_BAD; - - kmemleak_ignore(ret); - return NOTIFY_OK; - } - case MEM_CANCEL_ONLINE: - case MEM_OFFLINE: { - struct vm_struct *vm; - - /* - * shadow_start was either mapped during boot by kasan_init() - * or during memory online by __vmalloc_node_range(). - * In the latter case we can use vfree() to free shadow. - * Non-NULL result of the find_vm_area() will tell us if - * that was the second case. - * - * Currently it's not possible to free shadow mapped - * during boot by kasan_init(). It's because the code - * to do that hasn't been written yet. So we'll just - * leak the memory. - */ - vm = find_vm_area((void *)shadow_start); - if (vm) - vfree((void *)shadow_start); - } - } - - return NOTIFY_OK; -} - -static int __init kasan_memhotplug_init(void) -{ - hotplug_memory_notifier(kasan_mem_notifier, 0); - - return 0; -} - -core_initcall(kasan_memhotplug_init); -#endif diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index c12dcfde2ebd..659463800f10 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h 
@@ -105,6 +105,11 @@ static inline const void *kasan_shadow_to_mem(const void *shadow_addr) << KASAN_SHADOW_SCALE_SHIFT); } +void kasan_poison_shadow(const void *address, size_t size, u8 value); + +void check_memory_region(unsigned long addr, size_t size, bool write, + unsigned long ret_ip); + void kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip); void kasan_report_invalid_free(void *object, unsigned long ip);
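Review bot: in the mm/kasan/kasan.h hunk, the new check_memory_region() prototype names its parameters `write` and `ret_ip`, while kasan_report() directly below it uses `is_write` and `ip` for the same values. Using one set of names in both prototypes would make the call chain easier to follow, and since this header now carries declarations shared between source files, a one-line comment on kasan_poison_shadow() and check_memory_region() saying where each is defined would help the next reader.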
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W . Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A . Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 04/22] kasan: rename source files to reflect the new naming scheme
Date: Tue, 6 Nov 2018 18:30:19 +0100
Message-Id: <05fbfe73d79159af71bfded4d3b46f8055329e1a.1541525354.git.andreyknvl@google.com>

We now have two KASAN modes: generic KASAN and tag-based KASAN. Rename kasan.c to generic.c to reflect that. Also rename kasan_init.c to init.c as it contains initialization code for both KASAN modes.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
---
 mm/kasan/Makefile | 8 ++++----
 mm/kasan/{kasan.c => generic.c} | 0
 mm/kasan/{kasan_init.c => init.c} | 0
 3 files changed, 4 insertions(+), 4 deletions(-)
 rename mm/kasan/{kasan.c => generic.c} (100%)
 rename mm/kasan/{kasan_init.c => init.c} (100%)

diff --git a/mm/kasan/Makefile b/mm/kasan/Makefile index a6df14bffb6b..d643530b24aa 100644 --- a/mm/kasan/Makefile +++ b/mm/kasan/Makefile
@@ -1,14 +1,14 @@ # SPDX-License-Identifier: GPL-2.0 KASAN_SANITIZE := n UBSAN_SANITIZE_common.o := n -UBSAN_SANITIZE_kasan.o := n +UBSAN_SANITIZE_generic.o := n KCOV_INSTRUMENT := n -CFLAGS_REMOVE_kasan.o = -pg +CFLAGS_REMOVE_generic.o = -pg # Function splitter causes unnecessary splits in __asan_load1/__asan_store1 # see: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63533 CFLAGS_common.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector) -CFLAGS_kasan.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector) +CFLAGS_generic.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector) -obj-y := common.o kasan.o report.o kasan_init.o quarantine.o +obj-y := common.o generic.o report.o init.o quarantine.o diff --git a/mm/kasan/kasan.c b/mm/kasan/generic.c similarity index 100% rename from mm/kasan/kasan.c rename to mm/kasan/generic.c 
diff --git a/mm/kasan/kasan_init.c b/mm/kasan/init.c similarity index 100% rename from mm/kasan/kasan_init.c rename to mm/kasan/init.c
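Review bot: nothing outside mm/kasan/Makefile is updated for the new file names, so any comment, documentation or MAINTAINERS entry that still names mm/kasan/kasan.c or mm/kasan/kasan_init.c goes stale with these two renames. The diffstat lists only the Makefile and the renames themselves; a `git grep` for the old paths before merging would show whether a follow-up hunk is needed, and the result is worth a line in the commit message.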
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W . Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A . Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 05/22] kasan: add CONFIG_KASAN_GENERIC and CONFIG_KASAN_SW_TAGS
Date: Tue, 6 Nov 2018 18:30:20 +0100

This commit splits the current CONFIG_KASAN config option into two:
1. CONFIG_KASAN_GENERIC, that enables the generic KASAN mode (the one that exists now);
2. CONFIG_KASAN_SW_TAGS, that enables the software tag-based KASAN mode.

The name CONFIG_KASAN_SW_TAGS is chosen as in the future we will have another hardware tag-based KASAN mode, that will rely on hardware memory tagging support in arm64.

With CONFIG_KASAN_SW_TAGS enabled, compiler options are changed to instrument kernel files with -fsanitize=kernel-hwaddress (except the ones for which KASAN_SANITIZE := n is set).

Both CONFIG_KASAN_GENERIC and CONFIG_KASAN_SW_TAGS support both CONFIG_KASAN_INLINE and CONFIG_KASAN_OUTLINE instrumentation modes.

This commit also adds empty placeholder (for now) implementation of tag-based KASAN specific hooks inserted by the compiler and adjusts common hooks implementation to compile correctly with each of the config options. Reviewed-by: Andrey Ryabinin Reviewed-by: Dmitry Vyukov Signed-off-by: Andrey Konovalov --- arch/arm64/Kconfig | 1 + include/linux/compiler-clang.h | 5 +- include/linux/compiler-gcc.h | 6 ++ include/linux/compiler_attributes.h | 13 ----- include/linux/kasan.h | 16 ++++-- lib/Kconfig.kasan | 87 +++++++++++++++++++++++------ mm/kasan/Makefile | 6 +- mm/kasan/generic.c | 2 +- mm/kasan/kasan.h | 3 +- mm/kasan/tags.c | 75 +++++++++++++++++++++++++ mm/slub.c | 2 +- scripts/Makefile.kasan | 27 ++++++++- 12 files changed, 201 insertions(+), 42 deletions(-) create mode 100644 mm/kasan/tags.c diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 787d7850e064..8b331dcfb48e 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -111,6 +111,7 @@ config ARM64 select HAVE_ARCH_JUMP_LABEL select HAVE_ARCH_JUMP_LABEL_RELATIVE select HAVE_ARCH_KASAN if !(ARM64_16K_PAGES && ARM64_VA_BITS_48) + select HAVE_ARCH_KASAN_SW_TAGS if !(ARM64_16K_PAGES && ARM64_VA_BITS_48) select HAVE_ARCH_KGDB select HAVE_ARCH_MMAP_RND_BITS select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT diff --git a/include/linux/compiler-clang.h b/include/linux/compiler-clang.h index 3e7dafb3ea80..59db75f03218 100644 --- a/include/linux/compiler-clang.h +++ b/include/linux/compiler-clang.h @@ -16,9 +16,12 @@ /* all clang versions usable with the kernel support KASAN ABI version 5 */ #define KASAN_ABI_VERSION 5 +#if __has_feature(address_sanitizer) || __has_feature(hwaddress_sanitizer) /* emulate gcc's __SANITIZE_ADDRESS__ flag */ -#if __has_feature(address_sanitizer) #define __SANITIZE_ADDRESS__ +#define __no_sanitize_address __attribute__((no_sanitize("address", "hwaddress"))) +#else +#define __no_sanitize_address #endif /* 
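Review bot: with the `#if` in the include/linux/compiler-clang.h hunk widened to `__has_feature(hwaddress_sanitizer)`, `__SANITIZE_ADDRESS__` is now defined for tag-based builds as well, yet the comment under it still says only that it emulates gcc's flag. Code guarded by `#ifdef __SANITIZE_ADDRESS__` can no longer tell the two sanitizers apart, so the comment should state that the macro covers both modes and that mode-specific code has to test CONFIG_KASAN_GENERIC or CONFIG_KASAN_SW_TAGS instead.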
diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h index c0f5db3a9621..c5e1142f36df 100644 --- a/include/linux/compiler-gcc.h +++ b/include/linux/compiler-gcc.h @@ -143,6 +143,12 @@ #define KASAN_ABI_VERSION 3 #endif +#if __has_attribute(__no_sanitize_address__) +#define __no_sanitize_address __attribute__((no_sanitize_address)) +#else +#define __no_sanitize_address +#endif + /* * Because __no_sanitize_address conflicts with inlining: * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67368 diff --git a/include/linux/compiler_attributes.h b/include/linux/compiler_attributes.h index 6b28c1b7310c..84f433ef0f87 100644 --- a/include/linux/compiler_attributes.h +++ b/include/linux/compiler_attributes.h @@ -202,19 +202,6 @@ */ #define __noreturn __attribute__((__noreturn__)) -/* - * Optional: only supported since gcc >= 4.8 - * Optional: not supported by icc - * - * gcc: https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-no_005fsanitize_005faddress-function-attribute - * clang: https://clang.llvm.org/docs/AttributeReference.html#no-sanitize-address-no-address-safety-analysis - */ -#if __has_attribute(__no_sanitize_address__) -# define __no_sanitize_address __attribute__((__no_sanitize_address__)) -#else -# define __no_sanitize_address -#endif - /* * gcc: https://gcc.gnu.org/onlinedocs/gcc/Common-Type-Attributes.html#index-packed-type-attribute * clang: https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html#index-packed-variable-attribute diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 52c86a568a4e..b66fdf5ea7ab 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h 
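Review bot: the include/linux/compiler_attributes.h hunk drops the shared empty fallback for `__no_sanitize_address`, leaving the macro defined only in compiler-clang.h and compiler-gcc.h. The removed comment mentions icc; if any supported compiler includes neither of those two headers, every use of `__no_sanitize_address` stops compiling. Either keep an empty fallback in the common header or say in the commit message why none is needed. Separately, the new compiler-gcc.h definition spells the attribute `no_sanitize_address` while its own `__has_attribute` test and the removed line use `__no_sanitize_address__`; keeping the underscored form in both places avoids clashes with user macros.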
@@ -45,8 +45,6 @@ void kasan_free_pages(struct page *page, unsigned int order); void kasan_cache_create(struct kmem_cache *cache, unsigned int *size, slab_flags_t *flags); -void kasan_cache_shrink(struct kmem_cache *cache); -void kasan_cache_shutdown(struct kmem_cache *cache); void kasan_poison_slab(struct page *page); void kasan_unpoison_object_data(struct kmem_cache *cache, void *object); @@ -97,8 +95,6 @@ static inline void kasan_free_pages(struct page *page, unsigned int order) {} static inline void kasan_cache_create(struct kmem_cache *cache, unsigned int *size, slab_flags_t *flags) {} -static inline void kasan_cache_shrink(struct kmem_cache *cache) {} -static inline void kasan_cache_shutdown(struct kmem_cache *cache) {} static inline void kasan_poison_slab(struct page *page) {} static inline void kasan_unpoison_object_data(struct kmem_cache *cache, @@ -155,4 +151,16 @@ static inline size_t kasan_metadata_size(struct kmem_cache *cache) { return 0; } #endif /* CONFIG_KASAN */ +#ifdef CONFIG_KASAN_GENERIC + +void kasan_cache_shrink(struct kmem_cache *cache); +void kasan_cache_shutdown(struct kmem_cache *cache); + +#else /* CONFIG_KASAN_GENERIC */ + +static inline void kasan_cache_shrink(struct kmem_cache *cache) {} +static inline void kasan_cache_shutdown(struct kmem_cache *cache) {} + +#endif /* CONFIG_KASAN_GENERIC */ + #endif /* LINUX_KASAN_H */ diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan index d0bad1bd9a2b..d99f6bf5fb90 100644 --- a/lib/Kconfig.kasan +++ b/lib/Kconfig.kasan 
@@ -1,35 +1,86 @@ config HAVE_ARCH_KASAN bool +config HAVE_ARCH_KASAN_SW_TAGS + bool + if HAVE_ARCH_KASAN config KASAN - bool "KASan: runtime memory debugger" + bool "KASAN: runtime memory debugger" + help + Enables KASAN (KernelAddressSANitizer) - runtime memory debugger, + designed to find out-of-bounds accesses and use-after-free bugs. + See Documentation/dev-tools/kasan.rst for details. + +choice + prompt "KASAN mode" + depends on KASAN + default KASAN_GENERIC + help + KASAN has two modes: generic KASAN (similar to userspace ASan, + x86_64/arm64/xtensa, enabled with CONFIG_KASAN_GENERIC) and + software tag-based KASAN (a version based on software memory + tagging, arm64 only, similar to userspace HWASan, enabled with + CONFIG_KASAN_SW_TAGS). + Both generic and tag-based KASAN are strictly debugging features. + +config KASAN_GENERIC + bool "Generic mode" depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB) select SLUB_DEBUG if SLUB select CONSTRUCTORS select STACKDEPOT help - Enables kernel address sanitizer - runtime memory debugger, - designed to find out-of-bounds accesses and use-after-free bugs. - This is strictly a debugging feature and it requires a gcc version - of 4.9.2 or later. Detection of out of bounds accesses to stack or - global variables requires gcc 5.0 or later. - This feature consumes about 1/8 of available memory and brings about - ~x3 performance slowdown. + Enables generic KASAN mode. + Supported in both GCC and Clang. With GCC it requires version 4.9.2 + or later for basic support and version 5.0 or later for detection of + out-of-bounds accesses for stack and global variables and for inline + instrumentation mode (CONFIG_KASAN_INLINE). With Clang it requires + version 3.7.0 or later and it doesn't support detection of + out-of-bounds accesses for global variables yet. + This mode consumes about 1/8th of available memory at kernel start + and introduces an overhead of ~x1.5 for the rest of the allocations. 
+ The performance slowdown is ~x3. For better error detection enable CONFIG_STACKTRACE. - Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB + Currently CONFIG_KASAN_GENERIC doesn't work with CONFIG_DEBUG_SLAB (the resulting kernel does not boot). +if HAVE_ARCH_KASAN_SW_TAGS + +config KASAN_SW_TAGS + bool "Software tag-based mode" + depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB) + select SLUB_DEBUG if SLUB + select CONSTRUCTORS + select STACKDEPOT + help + Enables software tag-based KASAN mode. + This mode requires Top Byte Ignore support by the CPU and therefore + is only supported for arm64. + This mode requires Clang version 7.0.0 or later. + This mode consumes about 1/16th of available memory at kernel start + and introduces an overhead of ~20% for the rest of the allocations. + This mode may potentially introduce problems relating to pointer + casting and comparison, as it embeds tags into the top byte of each + pointer. + For better error detection enable CONFIG_STACKTRACE. + Currently CONFIG_KASAN_SW_TAGS doesn't work with CONFIG_DEBUG_SLAB + (the resulting kernel does not boot). + +endif + +endchoice + config KASAN_EXTRA - bool "KAsan: extra checks" - depends on KASAN && DEBUG_KERNEL && !COMPILE_TEST + bool "KASAN: extra checks" + depends on KASAN_GENERIC && DEBUG_KERNEL && !COMPILE_TEST help - This enables further checks in the kernel address sanitizer, for now - it only includes the address-use-after-scope check that can lead - to excessive kernel stack usage, frame size warnings and longer + This enables further checks in generic KASAN, for now it only + includes the address-use-after-scope check that can lead to + excessive kernel stack usage, frame size warnings and longer compile time. - https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more + See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 choice 
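Review bot: the KASAN_SW_TAGS help text in this lib/Kconfig.kasan hunk says the mode requires Clang 7.0.0 or later, but the entry has no `depends on` that enforces it, so the option stays selectable with GCC or an older Clang and the failure only shows up at build time. Kconfig can express the requirement directly, for example `depends on CC_IS_CLANG && CLANG_VERSION >= 70000`, and the GCC and Clang version requirements listed in the KASAN_GENERIC help text could be handled the same way.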
@@ -53,7 +104,7 @@ config KASAN_INLINE memory accesses. This is faster than outline (in some workloads it gives about x2 boost over outline instrumentation), but make kernel's .text size much bigger. - This requires a gcc version of 5.0 or later. + For CONFIG_KASAN_GENERIC this requires GCC 5.0 or later. endchoice @@ -67,11 +118,11 @@ config KASAN_S390_4_LEVEL_PAGING 4-level paging instead. config TEST_KASAN - tristate "Module for testing kasan for bug detection" + tristate "Module for testing KASAN for bug detection" depends on m && KASAN help This is a test module doing various nasty things like out of bounds accesses, use after free. It is useful for testing - kernel debugging features like kernel address sanitizer. + kernel debugging features like KASAN. endif diff --git a/mm/kasan/Makefile b/mm/kasan/Makefile index d643530b24aa..68ba1822f003 100644 --- a/mm/kasan/Makefile +++ b/mm/kasan/Makefile @@ -2,6 +2,7 @@ KASAN_SANITIZE := n UBSAN_SANITIZE_common.o := n UBSAN_SANITIZE_generic.o := n +UBSAN_SANITIZE_tags.o := n KCOV_INSTRUMENT := n CFLAGS_REMOVE_generic.o = -pg @@ -10,5 +11,8 @@ CFLAGS_REMOVE_generic.o = -pg CFLAGS_common.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector) CFLAGS_generic.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector) +CFLAGS_tags.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector) -obj-y := common.o generic.o report.o init.o quarantine.o +obj-$(CONFIG_KASAN) := common.o init.o report.o +obj-$(CONFIG_KASAN_GENERIC) += generic.o quarantine.o +obj-$(CONFIG_KASAN_SW_TAGS) += tags.o diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c index 44ec228de0a2..b8de6d33c55c 100644 --- a/mm/kasan/generic.c +++ b/mm/kasan/generic.c @@ -1,5 +1,5 @@ /* - * This file contains core KASAN code. + * This file contains core generic KASAN code. * * Copyright (c) 2014 Samsung Electronics Co., Ltd. * Author: Andrey Ryabinin diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index 659463800f10..19b950eaccff 100644 
--- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -114,7 +114,8 @@ void kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip); void kasan_report_invalid_free(void *object, unsigned long ip); -#if defined(CONFIG_SLAB) || defined(CONFIG_SLUB) +#if defined(CONFIG_KASAN_GENERIC) && \ + (defined(CONFIG_SLAB) || defined(CONFIG_SLUB)) void quarantine_put(struct kasan_free_meta *info, struct kmem_cache *cache); void quarantine_reduce(void); void quarantine_remove_cache(struct kmem_cache *cache); diff --git a/mm/kasan/tags.c b/mm/kasan/tags.c new file mode 100644 index 000000000000..04194923c543 --- /dev/null +++ b/mm/kasan/tags.c 
@@ -0,0 +1,75 @@ +/* + * This file contains core tag-based KASAN code. + * + * Copyright (c) 2018 Google, Inc. + * Author: Andrey Konovalov + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + */ + +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt +#define DISABLE_BRANCH_PROFILING + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "kasan.h" +#include "../slab.h" + +void check_memory_region(unsigned long addr, size_t size, bool write, + unsigned long ret_ip) +{ +} + +#define DEFINE_HWASAN_LOAD_STORE(size) \ + void __hwasan_load##size##_noabort(unsigned long addr) \ + { \ + } \ + EXPORT_SYMBOL(__hwasan_load##size##_noabort); \ + void __hwasan_store##size##_noabort(unsigned long addr) \ + { \ + } \ + EXPORT_SYMBOL(__hwasan_store##size##_noabort) + +DEFINE_HWASAN_LOAD_STORE(1); +DEFINE_HWASAN_LOAD_STORE(2); +DEFINE_HWASAN_LOAD_STORE(4); +DEFINE_HWASAN_LOAD_STORE(8); +DEFINE_HWASAN_LOAD_STORE(16); + +void __hwasan_loadN_noabort(unsigned long addr, unsigned long size) +{ +} +EXPORT_SYMBOL(__hwasan_loadN_noabort); + +void __hwasan_storeN_noabort(unsigned long addr, unsigned long size) +{ +} +EXPORT_SYMBOL(__hwasan_storeN_noabort); + +void __hwasan_tag_memory(unsigned long addr, u8 tag, unsigned long size) +{ +} +EXPORT_SYMBOL(__hwasan_tag_memory); diff --git a/mm/slub.c b/mm/slub.c index 8561a32910dd..e739d46600b9 100644 --- a/mm/slub.c +++ b/mm/slub.c 
@@ -2992,7 +2992,7 @@ static __always_inline void slab_free(struct kmem_cache *s, struct page *page, do_slab_free(s, page, head, tail, cnt, addr); } -#ifdef CONFIG_KASAN +#ifdef CONFIG_KASAN_GENERIC void ___cache_free(struct kmem_cache *cache, void *x, unsigned long addr) { do_slab_free(cache, virt_to_head_page(x), x, NULL, 1, addr); diff --git a/scripts/Makefile.kasan b/scripts/Makefile.kasan index 69552a39951d..5bf3a808a282 100644 --- a/scripts/Makefile.kasan +++ b/scripts/Makefile.kasan @@ -1,5 +1,5 @@ # SPDX-License-Identifier: GPL-2.0 -ifdef CONFIG_KASAN +ifdef CONFIG_KASAN_GENERIC ifdef CONFIG_KASAN_INLINE call_threshold := 10000 else 
@@ -42,6 +42,29 @@ ifdef CONFIG_KASAN_EXTRA CFLAGS_KASAN += $(call cc-option, -fsanitize-address-use-after-scope) endif -CFLAGS_KASAN_NOSANITIZE := -fno-builtin +endif + +ifdef CONFIG_KASAN_SW_TAGS + +ifdef CONFIG_KASAN_INLINE + instrumentation_flags := -mllvm -hwasan-mapping-offset=$(KASAN_SHADOW_OFFSET) +else + instrumentation_flags := -mllvm -hwasan-instrument-with-calls=1 +endif +CFLAGS_KASAN := -fsanitize=kernel-hwaddress \ + -mllvm -hwasan-instrument-stack=0 \ + $(instrumentation_flags) + +ifeq ($(call cc-option, $(CFLAGS_KASAN) -Werror),) + ifneq ($(CONFIG_COMPILE_TEST),y) + $(warning Cannot use CONFIG_KASAN_SW_TAGS: \ + -fsanitize=hwaddress is not supported by compiler) + endif +endif + +endif + +ifdef CONFIG_KASAN +CFLAGS_KASAN_NOSANITIZE := -fno-builtin endif From patchwork Tue Nov 6 17:30:21 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 10670925 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4430F15E9 for ; Tue, 6 Nov 2018 17:31:07 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2E0FE2ABB2 for ; Tue, 6 Nov 2018 17:31:07 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2BCAC2ABBA; Tue, 6 Nov 2018 17:31:07 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, USER_IN_DEF_DKIM_WL autolearn=unavailable version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B71D52ABB2 for ; Tue, 6 Nov 2018 17:31:06 +0000 (UTC) Received: by kanga.kvack.org 
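Review bot: In the mm/kasan/Makefile hunks, tags.o gets UBSAN_SANITIZE_tags.o := n and the same CFLAGS_tags.o stack options as generic.o, but nothing matches the existing "CFLAGS_REMOVE_generic.o = -pg" for it. tags.c is where check_memory_region() and the __hwasan_* callbacks live, so with -pg left on, the function tracer instruments the sanitizer's own callbacks. Suggest adding "CFLAGS_REMOVE_tags.o = -pg" next to the generic line, or stating in the commit message why tags.o does not need it.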
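Review bot: In the new mm/kasan/tags.c, check_memory_region() and every __hwasan_load/store/tag_memory callback have empty bodies, while the Kconfig hunk in this same patch already makes CONFIG_KASAN_SW_TAGS selectable and scripts/Makefile.kasan already passes -fsanitize=kernel-hwaddress. A kernel built at this commit with the option enabled is instrumented but reports nothing, which is misleading for anyone testing or bisecting at this point in the series. Suggest a comment at the top of the file (or a sentence in the commit message) saying these are placeholders filled in by later patches, or keeping the user-visible Kconfig entry out until the implementation lands.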
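Review bot: In the CONFIG_KASAN_SW_TAGS block of scripts/Makefile.kasan, the warning text says "-fsanitize=hwaddress is not supported by compiler", but the flag set in CFLAGS_KASAN and probed by cc-option is -fsanitize=kernel-hwaddress. The probe also tests the whole CFLAGS_KASAN string, so a compiler that rejects only one of the -mllvm options prints the same message. Suggest naming the real flag in the warning and wording it to cover the full option set; it is also worth deciding whether CFLAGS_KASAN should stay set after the probe has failed, since the block only warns and then continues with the unsupported flags.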
From: Andrey Konovalov To: Andrey Ryabinin , Alexander Potapenko , Dmitry Vyukov , Catalin Marinas , Will Deacon , Christoph Lameter , Andrew Morton , Mark Rutland , Nick Desaulniers , Marc Zyngier , Dave Martin , Ard Biesheuvel , "Eric W . Biederman" , Ingo Molnar , Paul Lawrence , Geert Uytterhoeven , Arnd Bergmann , "Kirill A . Shutemov" , Greg Kroah-Hartman , Kate Stewart , Mike Rapoport , kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org Cc: Kostya Serebryany , Evgeniy Stepanov , Lee Smith , Ramana Radhakrishnan , Jacob Bramley , Ruben Ayrapetyan , Jann Horn , Mark Brand , Chintan Pandya , Vishwath Mohan , Andrey Konovalov Subject: [PATCH v10 06/22] kasan, arm64: adjust shadow size for tag-based mode Date: Tue, 6 Nov 2018 18:30:21 +0100 Message-Id: <86d1b17c755d8bfd6e44e6869a16f4a409e7bd06.1541525354.git.andreyknvl@google.com> X-Mailer: git-send-email 2.19.1.930.g4563a0d9d0-goog In-Reply-To: References: MIME-Version: 1.0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Tag-based KASAN uses 1 shadow byte for 16 bytes of kernel memory, so it requires 1/16th of the kernel virtual address space for the shadow memory. This commit sets KASAN_SHADOW_SCALE_SHIFT to 4 when the tag-based KASAN mode is enabled. Reviewed-by: Andrey Ryabinin Reviewed-by: Dmitry Vyukov Signed-off-by: Andrey Konovalov --- arch/arm64/Makefile | 2 +- arch/arm64/include/asm/memory.h | 13 +++++++++---- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile index 6cb9fc7e9382..9887492381d9 100644 --- a/arch/arm64/Makefile +++ b/arch/arm64/Makefile 
@@ -94,7 +94,7 @@ endif # KASAN_SHADOW_OFFSET = VA_START + (1 << (VA_BITS - KASAN_SHADOW_SCALE_SHIFT)) # - (1 << (64 - KASAN_SHADOW_SCALE_SHIFT)) # in 32-bit arithmetic -KASAN_SHADOW_SCALE_SHIFT := 3 +KASAN_SHADOW_SCALE_SHIFT := $(if $(CONFIG_KASAN_SW_TAGS), 4, 3) KASAN_SHADOW_OFFSET := $(shell printf "0x%08x00000000\n" $$(( \ (0xffffffff & (-1 << ($(CONFIG_ARM64_VA_BITS) - 32))) \ + (1 << ($(CONFIG_ARM64_VA_BITS) - 32 - $(KASAN_SHADOW_SCALE_SHIFT))) \ diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h index b96442960aea..0f1e024a951f 100644 --- a/arch/arm64/include/asm/memory.h +++ b/arch/arm64/include/asm/memory.h 
@@ -74,12 +74,17 @@ #define KERNEL_END _end /* - * KASAN requires 1/8th of the kernel virtual address space for the shadow - * region. KASAN can bloat the stack significantly, so double the (minimum) - * stack size when KASAN is in use. + * Generic and tag-based KASAN require 1/8th and 1/16th of the kernel virtual + * address space for the shadow region respectively. They can bloat the stack + * significantly, so double the (minimum) stack size when they are in use. */ -#ifdef CONFIG_KASAN +#ifdef CONFIG_KASAN_GENERIC #define KASAN_SHADOW_SCALE_SHIFT 3 +#endif +#ifdef CONFIG_KASAN_SW_TAGS +#define KASAN_SHADOW_SCALE_SHIFT 4 +#endif +#ifdef CONFIG_KASAN #define KASAN_SHADOW_SIZE (UL(1) << (VA_BITS - KASAN_SHADOW_SCALE_SHIFT)) #define KASAN_THREAD_SHIFT 1 #else From patchwork Tue Nov 6 17:30:22 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 10670927 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B70D613BF for ; Tue, 6 Nov 2018 17:31:11 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A27682ABBB for ; Tue, 6 Nov 2018 17:31:11 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 963AF2ABBE; Tue, 6 Nov 2018 17:31:11 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, USER_IN_DEF_DKIM_WL autolearn=unavailable version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 761EA2ABCB for ; Tue, 6 Nov 2018 17:31:10 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 
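Review bot: In the arch/arm64/include/asm/memory.h hunk, KASAN_SHADOW_SCALE_SHIFT is now defined in two independent #ifdef blocks and then consumed under a third, "#ifdef CONFIG_KASAN", so nothing in the header guarantees that a definition exists when KASAN_SHADOW_SIZE is expanded. If CONFIG_KASAN is ever set without one of the two modes, the failure is an undeclared identifier at some distant use of KASAN_SHADOW_SIZE. Suggest nesting the mode selection inside the CONFIG_KASAN block as #if/#elif with an #error fallback. The same 3-or-4 value is also hard-coded in arch/arm64/Makefile in this patch, so a comment on each side pointing at the other would help keep the two in sync.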
From: Andrey Konovalov To: Andrey Ryabinin , Alexander Potapenko , Dmitry Vyukov , Catalin Marinas , Will Deacon , Christoph Lameter , Andrew Morton , Mark Rutland , Nick Desaulniers , Marc Zyngier , Dave Martin , Ard Biesheuvel , "Eric W . Biederman" , Ingo Molnar , Paul Lawrence , Geert Uytterhoeven , Arnd Bergmann , "Kirill A . Shutemov" , Greg Kroah-Hartman , Kate Stewart , Mike Rapoport , kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org Cc: Kostya Serebryany , Evgeniy Stepanov , Lee Smith , Ramana Radhakrishnan , Jacob Bramley , Ruben Ayrapetyan , Jann Horn , Mark Brand , Chintan Pandya , Vishwath Mohan , Andrey Konovalov Subject: [PATCH v10 07/22] kasan: initialize shadow to 0xff for tag-based mode Date: Tue, 6 Nov 2018 18:30:22 +0100 Message-Id: <9405f32797b52616cd0746bcea37df94e8e4256a.1541525354.git.andreyknvl@google.com> X-Mailer: git-send-email 2.19.1.930.g4563a0d9d0-goog In-Reply-To: References: MIME-Version: 1.0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP A tag-based KASAN shadow memory cell contains a memory tag, that corresponds to the tag in the top byte of the pointer, that points to that memory. The native top byte value of kernel pointers is 0xff, so with tag-based KASAN we need to initialize shadow memory to 0xff. Reviewed-by: Andrey Ryabinin Reviewed-by: Dmitry Vyukov Signed-off-by: Andrey Konovalov --- arch/arm64/mm/kasan_init.c | 16 ++++++++++++++-- include/linux/kasan.h | 8 ++++++++ mm/kasan/common.c | 3 ++- 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/arch/arm64/mm/kasan_init.c b/arch/arm64/mm/kasan_init.c index 63527e585aac..18ebc8994a7b 100644 --- a/arch/arm64/mm/kasan_init.c +++ b/arch/arm64/mm/kasan_init.c 
@@ -43,6 +43,15 @@ static phys_addr_t __init kasan_alloc_zeroed_page(int node) return __pa(p); } +static phys_addr_t __init kasan_alloc_raw_page(int node) +{ + void *p = memblock_alloc_try_nid_raw(PAGE_SIZE, PAGE_SIZE, + __pa(MAX_DMA_ADDRESS), + MEMBLOCK_ALLOC_ACCESSIBLE, + node); + return __pa(p); +} + static pte_t *__init kasan_pte_offset(pmd_t *pmdp, unsigned long addr, int node, bool early) { @@ -88,7 +97,9 @@ static void __init kasan_pte_populate(pmd_t *pmdp, unsigned long addr, do { phys_addr_t page_phys = early ? __pa_symbol(kasan_zero_page) - : kasan_alloc_zeroed_page(node); + : kasan_alloc_raw_page(node); + if (!early) + memset(__va(page_phys), KASAN_SHADOW_INIT, PAGE_SIZE); next = addr + PAGE_SIZE; set_pte(ptep, pfn_pte(__phys_to_pfn(page_phys), PAGE_KERNEL)); } while (ptep++, addr = next, addr != end && pte_none(READ_ONCE(*ptep))); @@ -138,6 +149,7 @@ asmlinkage void __init kasan_early_init(void) KASAN_SHADOW_END - (1UL << (64 - KASAN_SHADOW_SCALE_SHIFT))); BUILD_BUG_ON(!IS_ALIGNED(KASAN_SHADOW_START, PGDIR_SIZE)); BUILD_BUG_ON(!IS_ALIGNED(KASAN_SHADOW_END, PGDIR_SIZE)); + kasan_pgd_populate(KASAN_SHADOW_START, KASAN_SHADOW_END, NUMA_NO_NODE, true); } @@ -234,7 +246,7 @@ void __init kasan_init(void) set_pte(&kasan_zero_pte[i], pfn_pte(sym_to_pfn(kasan_zero_page), PAGE_KERNEL_RO)); - memset(kasan_zero_page, 0, PAGE_SIZE); + memset(kasan_zero_page, KASAN_SHADOW_INIT, PAGE_SIZE); cpu_replace_ttbr1(lm_alias(swapper_pg_dir)); /* At this point kasan is fully initialized. Enable error messages */ diff --git a/include/linux/kasan.h b/include/linux/kasan.h index b66fdf5ea7ab..7f6574c35c62 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -153,6 +153,8 @@ static inline size_t kasan_metadata_size(struct kmem_cache *cache) { return 0; } #ifdef CONFIG_KASAN_GENERIC +#define KASAN_SHADOW_INIT 0 + void kasan_cache_shrink(struct kmem_cache *cache); void kasan_cache_shutdown(struct kmem_cache *cache); 
@@ -163,4 +165,10 @@ static inline void kasan_cache_shutdown(struct kmem_cache *cache) {} #endif /* CONFIG_KASAN_GENERIC */ +#ifdef CONFIG_KASAN_SW_TAGS + +#define KASAN_SHADOW_INIT 0xFF + +#endif /* CONFIG_KASAN_SW_TAGS */ + #endif /* LINUX_KASAN_H */ diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 5f68c93734ba..7134e75447ff 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c 
@@ -473,11 +473,12 @@ int kasan_module_alloc(void *addr, size_t size) ret = __vmalloc_node_range(shadow_size, 1, shadow_start, shadow_start + shadow_size, - GFP_KERNEL | __GFP_ZERO, + GFP_KERNEL, PAGE_KERNEL, VM_NO_GUARD, NUMA_NO_NODE, __builtin_return_address(0)); if (ret) { + __memset(ret, KASAN_SHADOW_INIT, shadow_size); find_vm_area(addr)->flags |= VM_KASAN; kmemleak_ignore(ret); return 0; From patchwork Tue Nov 6 17:30:23 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 10670931 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 992AA13BF for ; Tue, 6 Nov 2018 17:31:14 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 81CCF2ABB7 for ; Tue, 6 Nov 2018 17:31:14 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7591F2AB8C; Tue, 6 Nov 2018 17:31:14 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, USER_IN_DEF_DKIM_WL autolearn=unavailable version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 07DCB2ABC9 for ; Tue, 6 Nov 2018 17:31:14 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 312CA6B035A; Tue, 6 Nov 2018 12:30:57 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 2DAAB6B035B; Tue, 6 Nov 2018 12:30:56 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 861C76B035C; Tue, 6 Nov 
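Review bot: In the arch/arm64/mm/kasan_init.c hunk, kasan_alloc_raw_page() passes the result of memblock_alloc_try_nid_raw() straight to __pa() without a NULL check, and kasan_pte_populate() then does memset(__va(page_phys), KASAN_SHADOW_INIT, PAGE_SIZE) on whatever comes back. The raw memblock variant returns NULL on failure, so an allocation failure here turns into a page-sized write to a bogus address during early boot instead of a clear error. Suggest checking p in kasan_alloc_raw_page() and calling panic() with the size and node, so a shadow allocation failure is diagnosable.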
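Review bot: In the include/linux/kasan.h hunks, KASAN_SHADOW_INIT is introduced as 0 and 0xFF with no comment, and the reason for 0xFF (it is the native top byte of kernel pointers, so untagged memory must match untagged pointers) exists only in the commit message. Suggest a short comment above "#define KASAN_SHADOW_INIT 0xFF" saying this. In mm/kasan/common.c the fill uses __memset() while kasan_init.c uses memset() for the same purpose; a one-line note on why the two differ, or using the same call in both places, would save the next reader the question.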
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W . Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A . Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 08/22] kasan, arm64: untag address in __kimg_to_phys and _virt_addr_is_linear
Date: Tue, 6 Nov 2018 18:30:23 +0100

__kimg_to_phys (which is used by virt_to_phys) and _virt_addr_is_linear (which is used by virt_addr_valid) assume that the top byte of the address is 0xff, which isn't always the case with tag-based KASAN.

This patch resets the tag in those macros.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
--- arch/arm64/include/asm/memory.h | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h index 0f1e024a951f..3226a0218b0b 100644 --- a/arch/arm64/include/asm/memory.h +++ b/arch/arm64/include/asm/memory.h 
@@ -92,6 +92,15 @@ #define KASAN_THREAD_SHIFT 0 #endif +#ifdef CONFIG_KASAN_SW_TAGS +#define KASAN_TAG_SHIFTED(tag) ((unsigned long)(tag) << 56) +#define KASAN_SET_TAG(addr, tag) (((addr) & ~KASAN_TAG_SHIFTED(0xff)) | \ + KASAN_TAG_SHIFTED(tag)) +#define KASAN_RESET_TAG(addr) KASAN_SET_TAG(addr, 0xff) +#else +#define KASAN_RESET_TAG(addr) addr +#endif + #define MIN_THREAD_SHIFT (14 + KASAN_THREAD_SHIFT) /* @@ -232,7 +241,7 @@ static inline unsigned long kaslr_offset(void) #define __is_lm_address(addr) (!!((addr) & BIT(VA_BITS - 1))) #define __lm_to_phys(addr) (((addr) & ~PAGE_OFFSET) + PHYS_OFFSET) -#define __kimg_to_phys(addr) ((addr) - kimage_voffset) +#define __kimg_to_phys(addr) (KASAN_RESET_TAG(addr) - kimage_voffset) #define __virt_to_phys_nodebug(x) ({ \ phys_addr_t __x = (phys_addr_t)(x); \ 
@@ -308,7 +317,8 @@ static inline void *phys_to_virt(phys_addr_t x) #endif #endif -#define _virt_addr_is_linear(kaddr) (((u64)(kaddr)) >= PAGE_OFFSET) +#define _virt_addr_is_linear(kaddr) (KASAN_RESET_TAG((u64)(kaddr)) >= \ + PAGE_OFFSET) #define virt_addr_valid(kaddr) (_virt_addr_is_linear(kaddr) && \ _virt_addr_valid(kaddr)) From patchwork Tue Nov 6 17:30:24 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 10670937 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 445C813BF for ; Tue, 6 Nov 2018 17:31:18 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2F0892ABA2 for ; Tue, 6 Nov 2018 17:31:18 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2C5D22ABC1; Tue, 6 Nov 2018 17:31:18 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, USER_IN_DEF_DKIM_WL autolearn=unavailable version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 954352ABB0 for ; Tue, 6 Nov 2018 17:31:17 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 1D39D6B035C; Tue, 6 Nov 2018 12:30:59 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 1ACCF6B035D; Tue, 6 Nov 2018 12:30:59 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id F41446B035E; Tue, 6 Nov 2018 12:30:58 -0500 (EST) X-Original-To: linux-mm@kvack.org 
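Review bot: the !CONFIG_KASAN_SW_TAGS fallback in the first hunk of arch/arm64/include/asm/memory.h, "#define KASAN_RESET_TAG(addr) addr", leaves the macro argument unparenthesized, so on every build without tag-based KASAN __kimg_to_phys goes from ((addr) - kimage_voffset) to (addr - kimage_voffset). An argument that is itself an expression (a conditional, for instance) would then bind differently than it did before this patch; define the fallback as (addr). The tagged variant also open-codes the shift of 56 and the value 0xff, and a one-line comment saying that 0xff is the tag of native kernel pointers would explain why "reset" means setting the top byte rather than clearing it.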
From: Andrey Konovalov
Subject: [PATCH v10 09/22] kasan: add tag related helper functions
Date: Tue, 6 Nov 2018 18:30:24 +0100

This commit adds a few helper functions that are meant to be used to work with tags embedded in the top byte of kernel pointers: to set, to get or to reset (set to 0xff) the top byte.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
--- arch/arm64/mm/kasan_init.c | 2 ++ include/linux/kasan.h | 13 +++++++++ mm/kasan/kasan.h | 55 ++++++++++++++++++++++++++++++++++++++ mm/kasan/tags.c | 37 +++++++++++++++++++++++++ 4 files changed, 107 insertions(+) diff --git a/arch/arm64/mm/kasan_init.c b/arch/arm64/mm/kasan_init.c index 18ebc8994a7b..370b19d0e2fb 100644 --- a/arch/arm64/mm/kasan_init.c +++ b/arch/arm64/mm/kasan_init.c 
@@ -249,6 +249,8 @@ void __init kasan_init(void) memset(kasan_zero_page, KASAN_SHADOW_INIT, PAGE_SIZE); cpu_replace_ttbr1(lm_alias(swapper_pg_dir)); + kasan_init_tags(); + /* At this point kasan is fully initialized. Enable error messages */ init_task.kasan_depth = 0; pr_info("KernelAddressSanitizer initialized\n"); diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 7f6574c35c62..4c9d6f9029f2 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -169,6 +169,19 @@ static inline void kasan_cache_shutdown(struct kmem_cache *cache) {} #define KASAN_SHADOW_INIT 0xFF +void kasan_init_tags(void); + +void *kasan_reset_tag(const void *addr); + +#else /* CONFIG_KASAN_SW_TAGS */ + +static inline void kasan_init_tags(void) { } + +static inline void *kasan_reset_tag(const void *addr) +{ + return (void *)addr; +} + #endif /* CONFIG_KASAN_SW_TAGS */ #endif /* LINUX_KASAN_H */ diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index 19b950eaccff..f16bee55b610 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -8,6 +8,10 @@ #define KASAN_SHADOW_SCALE_SIZE (1UL << KASAN_SHADOW_SCALE_SHIFT) #define KASAN_SHADOW_MASK (KASAN_SHADOW_SCALE_SIZE - 1) +#define KASAN_TAG_KERNEL 0xFF /* native kernel pointers tag */ +#define KASAN_TAG_INVALID 0xFE /* inaccessible memory tag */ +#define KASAN_TAG_MAX 0xFD /* maximum value for random tags */ + #define KASAN_FREE_PAGE 0xFF /* page was freed */ #define KASAN_PAGE_REDZONE 0xFE /* redzone for kmalloc_large allocations */ #define KASAN_KMALLOC_REDZONE 0xFC /* redzone inside slub object */ 
@@ -126,6 +130,57 @@ static inline void quarantine_reduce(void) { } static inline void quarantine_remove_cache(struct kmem_cache *cache) { } #endif +#ifdef CONFIG_KASAN_SW_TAGS + +#define KASAN_PTR_TAG_SHIFT 56 +#define KASAN_PTR_TAG_MASK (0xFFUL << KASAN_PTR_TAG_SHIFT) + +u8 random_tag(void); + +static inline void *set_tag(const void *addr, u8 tag) +{ + u64 a = (u64)addr; + + a &= ~KASAN_PTR_TAG_MASK; + a |= ((u64)tag << KASAN_PTR_TAG_SHIFT); + + return (void *)a; +} + +static inline u8 get_tag(const void *addr) +{ + return (u8)((u64)addr >> KASAN_PTR_TAG_SHIFT); +} + +static inline void *reset_tag(const void *addr) +{ + return set_tag(addr, KASAN_TAG_KERNEL); +} + +#else /* CONFIG_KASAN_SW_TAGS */ + +static inline u8 random_tag(void) +{ + return 0; +} + +static inline void *set_tag(const void *addr, u8 tag) +{ + return (void *)addr; +} + +static inline u8 get_tag(const void *addr) +{ + return 0; +} + +static inline void *reset_tag(const void *addr) +{ + return (void *)addr; +} + +#endif /* CONFIG_KASAN_SW_TAGS */ + /* * Exported functions for interfaces called from assembly or from generated * code. Declarations here to avoid warning about missing declarations. diff --git a/mm/kasan/tags.c b/mm/kasan/tags.c index 04194923c543..700323946867 100644 --- a/mm/kasan/tags.c +++ b/mm/kasan/tags.c 
@@ -38,6 +38,43 @@ #include "kasan.h" #include "../slab.h" +static DEFINE_PER_CPU(u32, prng_state); + +void kasan_init_tags(void) +{ + int cpu; + + for_each_possible_cpu(cpu) + per_cpu(prng_state, cpu) = get_random_u32(); +} + +/* + * If a preemption happens between this_cpu_read and this_cpu_write, the only + * side effect is that we'll give a few allocated in different contexts objects + * the same tag. Since tag-based KASAN is meant to be used a probabilistic + * bug-detection debug feature, this doesn’t have significant negative impact. + * + * Ideally the tags use strong randomness to prevent any attempts to predict + * them during explicit exploit attempts. But strong randomness is expensive, + * and we did an intentional trade-off to use a PRNG. This non-atomic RMW + * sequence has in fact positive effect, since interrupts that randomly skew + * PRNG at unpredictable points do only good. + */ +u8 random_tag(void) +{ + u32 state = this_cpu_read(prng_state); + + state = 1664525 * state + 1013904223; + this_cpu_write(prng_state, state); + + return (u8)(state % (KASAN_TAG_MAX + 1)); +} + +void *kasan_reset_tag(const void *addr) +{ + return reset_tag(addr); +} + void check_memory_region(unsigned long addr, size_t size, bool write, unsigned long ret_ip) { From patchwork Tue Nov 6 17:30:25 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 10670943 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 42E8413BF for ; Tue, 6 Nov 2018 17:31:22 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2A3172ABCA for ; Tue, 6 Nov 2018 17:31:22 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 1CA4A2ABD4; Tue, 6 Nov 2018 17:31:22 +0000 (UTC) 
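Review bot: in random_tag() in mm/kasan/tags.c the tag is taken as state % (KASAN_TAG_MAX + 1), that is modulo 254, from an LCG whose multiplier 1664525 and increment 1013904223 are both odd. The lowest bit of such a generator flips on every step, and because 254 is even the tag inherits that bit, so successive calls on one CPU strictly alternate between even and odd tags. Deriving the tag from the upper bits of state before the reduction (for example from state >> 16) avoids this, and the comment above the function should say how much predictability is considered acceptable. That comment is also missing a word in "to be used a probabilistic" and contains a non-ASCII apostrophe in "doesn’t".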
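Review bot: the !CONFIG_KASAN_SW_TAGS stubs added to mm/kasan/kasan.h make get_tag() return 0, while reset_tag() in the tagged build sets KASAN_TAG_KERNEL (0xFF), the value this series describes as the tag of native kernel pointers. A caller that compares get_tag(ptr) with KASAN_TAG_KERNEL will therefore take a different branch depending on the configuration; add a comment stating that the stub value is arbitrary and must not be compared, or return KASAN_TAG_KERNEL from the stub. KASAN_PTR_TAG_SHIFT and KASAN_PTR_TAG_MASK also repeat the shift of 56 and the 0xff mask that patch 08 open-codes in KASAN_TAG_SHIFTED in arch/arm64/include/asm/memory.h; one shared definition would keep the two from drifting apart.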
From: Andrey Konovalov
Subject: [PATCH v10 10/22] kasan: preassign tags to objects with ctors or SLAB_TYPESAFE_BY_RCU
Date: Tue, 6 Nov 2018 18:30:25 +0100

An object constructor can initialize pointers within this object based on the address of the object. Since the object address might be tagged, we need to assign a tag before calling the constructor.

The implemented approach is to assign tags to objects with constructors when a slab is allocated and call constructors once as usual. The downside is that such an object would always have the same tag when it is reallocated, so we won't catch use-after-frees on it.

Also preassign tags for objects from SLAB_TYPESAFE_BY_RCU caches, since they can be validly accessed after having been freed.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov --- mm/slab.c | 2 +- mm/slub.c | 24 ++++++++++++++---------- 2 files changed, 15 insertions(+), 11 deletions(-) diff --git a/mm/slab.c b/mm/slab.c index 26f60a22e5e0..27859fb39889 100644 --- a/mm/slab.c +++ b/mm/slab.c @@ -2574,7 +2574,7 @@ static void cache_init_objs(struct kmem_cache *cachep, for (i = 0; i < cachep->num; i++) { objp = index_to_obj(cachep, page, i); - kasan_init_slab_obj(cachep, objp); + objp = kasan_init_slab_obj(cachep, objp); /* constructor could break poison info */ if (DEBUG == 0 && cachep->ctor) { diff --git a/mm/slub.c b/mm/slub.c index e739d46600b9..08740c3f3745 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -1451,16 +1451,17 @@ static inline bool slab_free_freelist_hook(struct kmem_cache *s, #endif } -static void setup_object(struct kmem_cache *s, struct page *page, +static void *setup_object(struct kmem_cache *s, struct page *page, void *object) { setup_object_debug(s, page, object); - kasan_init_slab_obj(s, object); + object = kasan_init_slab_obj(s, object); if (unlikely(s->ctor)) { kasan_unpoison_object_data(s, object); s->ctor(object); kasan_poison_object_data(s, object); } + return object; } /* @@ -1568,16 +1569,16 @@ static bool shuffle_freelist(struct kmem_cache *s, struct page *page) /* First entry is used as the base of the freelist */ cur = next_freelist_entry(s, page, &pos, start, page_limit, freelist_count); + cur = setup_object(s, page, cur); page->freelist = cur; for (idx = 1; idx < page->objects; idx++) { - setup_object(s, page, cur); next = next_freelist_entry(s, page, &pos, start, page_limit, freelist_count); + next = setup_object(s, page, next); set_freepointer(s, cur, next); cur = next; } - setup_object(s, page, cur); set_freepointer(s, cur, NULL); return true; 
@@ -1599,7 +1600,7 @@ static struct page *allocate_slab(struct kmem_cache *s, gfp_t flags, int node) struct page *page; struct kmem_cache_order_objects oo = s->oo; gfp_t alloc_gfp; - void *start, *p; + void *start, *p, *next; int idx, order; bool shuffle; 
@@ -1651,13 +1652,16 @@ static struct page *allocate_slab(struct kmem_cache *s, gfp_t flags, int node) if (!shuffle) { for_each_object_idx(p, idx, s, start, page->objects) { - setup_object(s, page, p); - if (likely(idx < page->objects)) - set_freepointer(s, p, p + s->size); - else + if (likely(idx < page->objects)) { + next = p + s->size; + next = setup_object(s, page, next); + set_freepointer(s, p, next); + } else set_freepointer(s, p, NULL); } - page->freelist = fixup_red_left(s, start); + start = fixup_red_left(s, start); + start = setup_object(s, page, start); + page->freelist = start; } page->inuse = page->objects; From patchwork Tue Nov 6 17:30:26 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 10670949 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5B93213BF for ; Tue, 6 Nov 2018 17:31:26 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 44D452ABBF for ; Tue, 6 Nov 2018 17:31:26 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 41D192ABCC; Tue, 6 Nov 2018 17:31:26 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, USER_IN_DEF_DKIM_WL autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B3BC42AB5C for ; Tue, 6 Nov 2018 17:31:25 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A5FC36B0364; Tue, 6 Nov 2018 12:31:02 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 
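Review bot: in the non-shuffle path of allocate_slab() in mm/slub.c the first object now has its free pointer written by set_freepointer(s, p, next) inside the loop and is passed to setup_object(s, page, start) only after the loop, whereas the old loop called setup_object() on every object before linking it, and the reworked shuffle_freelist() still sets up cur before linking it. Please confirm that neither setup_object_debug() nor a constructor can overwrite the freelist word of that first object, or set the first object up before the loop as the shuffle path does. The loop also writes through the untagged iterator p while the stored next pointers and page->freelist carry the tag, which deserves a comment, and the if/else now has braces on one branch only.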
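Review bot: cache_init_objs() in mm/slab.c and setup_object() in mm/slub.c now assign the return value of kasan_init_slab_obj(), but the diffstat of this patch lists only mm/slab.c and mm/slub.c, so the change of that function's return type is not part of it. The changelog should name the patch in the series that makes kasan_init_slab_obj() return a pointer, so that a reader can check that every intermediate commit still builds. The changelog's stated downside, that objects with constructors keep the same tag across reallocation and use-after-free on them goes undetected, should also be recorded in a comment next to setup_object(), where the next person changing this code will see it.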
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W . Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A . Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 11/22] mm: move obj_to_index to include/linux/slab_def.h
Date: Tue, 6 Nov 2018 18:30:26 +0100

While with SLUB we can actually preassign tags for caches with constructors and store them in pointers in the freelist, SLAB doesn't allow that since the freelist is stored as an array of indexes, so there are no pointers to store the tags.

Instead we compute the tag twice, once when a slab is created before calling the constructor and then again each time when an object is allocated with kmalloc. The tag is computed simply by taking the lowest byte of the index that corresponds to the object. However, in kasan_kmalloc we only have access to the object's pointer, so we need a way to find out which index this object corresponds to.

This patch moves obj_to_index from slab.c to include/linux/slab_def.h to be reused by KASAN.

Acked-by: Christoph Lameter
Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
--- include/linux/slab_def.h | 13 +++++++++++++ mm/slab.c | 13 ------------- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/linux/slab_def.h b/include/linux/slab_def.h index 3485c58cfd1c..9a5eafb7145b 100644 --- a/include/linux/slab_def.h +++ b/include/linux/slab_def.h @@ -104,4 +104,17 @@ static inline void *nearest_obj(struct kmem_cache *cache, struct page *page, return object; } +/* + * We want to avoid an expensive divide : (offset / cache->size) + * Using the fact that size is a constant for a particular cache, + * we can replace (offset / cache->size) by + * reciprocal_divide(offset, cache->reciprocal_buffer_size) + */ +static inline unsigned int obj_to_index(const struct kmem_cache *cache, + const struct page *page, void *obj) +{ + u32 offset = (obj - page->s_mem); + return reciprocal_divide(offset, cache->reciprocal_buffer_size); +} + #endif /* _LINUX_SLAB_DEF_H */ diff --git a/mm/slab.c b/mm/slab.c index 27859fb39889..d2f827316dfc 100644 --- a/mm/slab.c +++ b/mm/slab.c
@@ -406,19 +406,6 @@ static inline void *index_to_obj(struct kmem_cache *cache, struct page *page, return page->s_mem + cache->size * idx; } -/* - * We want to avoid an expensive divide : (offset / cache->size) - * Using the fact that size is a constant for a particular cache, - * we can replace (offset / cache->size) by - * reciprocal_divide(offset, cache->reciprocal_buffer_size) - */ -static inline unsigned int obj_to_index(const struct kmem_cache *cache, - const struct page *page, void *obj) -{ - u32 offset = (obj - page->s_mem); - return reciprocal_divide(offset, cache->reciprocal_buffer_size); -} - #define BOOT_CPUCACHE_ENTRIES 1 /* internal cache of cache description objs */ static struct kmem_cache kmem_cache_boot = {
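Review bot: in the slab_def.h hunk, obj_to_index takes `void *obj` while its cache and page parameters are already const; now that the helper is exposed in a header for KASAN to call, make it `const void *obj` and extend the comment to state the precondition that obj lies inside the slab that starts at page->s_mem. `u32 offset = (obj - page->s_mem);` truncates the pointer difference without any check, so a caller that passes an object from a different page gets a plausible but wrong index instead of an error, and the commit message says KASAN derives the tag from that index. The hunk adds no #include, so also confirm that slab_def.h already sees the declaration of reciprocal_divide on every path that includes it.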
From: Andrey Konovalov
Subject: [PATCH v10 12/22] kasan, arm64: fix up fault handling logic
Date: Tue, 6 Nov 2018 18:30:27 +0100
Message-Id: <4891a504adf61c0daf1e83642b6f7519328dfd5f.1541525354.git.andreyknvl@google.com>

show_pte in arm64 fault handling relies on the fact that the top byte of a kernel pointer is 0xff, which isn't always the case with tag-based KASAN.

This patch resets the top byte in show_pte.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
--- arch/arm64/mm/fault.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c index 7d9571f4ae3d..d9a84d6f3343 100644 --- a/arch/arm64/mm/fault.c +++ b/arch/arm64/mm/fault.c @@ -32,6 +32,7 @@ #include #include #include +#include #include #include
@@ -141,6 +142,8 @@ void show_pte(unsigned long addr) pgd_t *pgdp; pgd_t pgd; + addr = (unsigned long)kasan_reset_tag((void *)addr); + if (addr < TASK_SIZE) { /* TTBR0 */ mm = current->active_mm;
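Review bot: in the show_pte hunk the tag reset runs before the `if (addr < TASK_SIZE)` test, so it is applied to user (TTBR0) addresses as well as kernel ones. The commit message gives 0xff as the top byte of a kernel pointer; if kasan_reset_tag forces that value, a faulting user address would no longer compare below TASK_SIZE and would be walked or reported against the wrong range. Either perform the reset only on the kernel-address path, or document next to the added line that kasan_reset_tag leaves user addresses unchanged, and add a short comment saying why the tag is stripped here.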
From: Andrey Konovalov
Subject: [PATCH v10 13/22] kasan, arm64: enable top byte ignore for the kernel
Date: Tue, 6 Nov 2018 18:30:28 +0100

Tag-based KASAN uses the Top Byte Ignore feature of arm64 CPUs to store a pointer tag in the top byte of each pointer. This commit enables the TCR_TBI1 bit, which enables Top Byte Ignore for the kernel, when tag-based KASAN is used.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
--- arch/arm64/include/asm/pgtable-hwdef.h | 1 + arch/arm64/mm/proc.S | 8 +++++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/arm64/include/asm/pgtable-hwdef.h b/arch/arm64/include/asm/pgtable-hwdef.h index 1d7d8da2ef9b..d43b870c39b3 100644 --- a/arch/arm64/include/asm/pgtable-hwdef.h +++ b/arch/arm64/include/asm/pgtable-hwdef.h
@@ -291,6 +291,7 @@ #define TCR_A1 (UL(1) << 22) #define TCR_ASID16 (UL(1) << 36) #define TCR_TBI0 (UL(1) << 37) +#define TCR_TBI1 (UL(1) << 38) #define TCR_HA (UL(1) << 39) #define TCR_HD (UL(1) << 40) #define TCR_NFD1 (UL(1) << 54) diff --git a/arch/arm64/mm/proc.S b/arch/arm64/mm/proc.S index 2c75b0b903ae..d861f208eeb1 100644 --- a/arch/arm64/mm/proc.S +++ b/arch/arm64/mm/proc.S @@ -47,6 +47,12 @@ /* PTWs cacheable, inner/outer WBWA */ #define TCR_CACHE_FLAGS TCR_IRGN_WBWA | TCR_ORGN_WBWA +#ifdef CONFIG_KASAN_SW_TAGS +#define TCR_KASAN_FLAGS TCR_TBI1 +#else +#define TCR_KASAN_FLAGS 0 +#endif + #define MAIR(attr, mt) ((attr) << ((mt) * 8)) /* 
@@ -445,7 +451,7 @@ ENTRY(__cpu_setup) */ ldr x10, =TCR_TxSZ(VA_BITS) | TCR_CACHE_FLAGS | TCR_SMP_FLAGS | \ TCR_TG_FLAGS | TCR_KASLR_FLAGS | TCR_ASID16 | \ - TCR_TBI0 | TCR_A1 + TCR_TBI0 | TCR_A1 | TCR_KASAN_FLAGS tcr_set_idmap_t0sz x10, x9 /*
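Review bot: the new TCR_KASAN_FLAGS block in proc.S carries no comment, unlike TCR_CACHE_FLAGS directly above it ("PTWs cacheable, inner/outer WBWA"). Add a line stating that TCR_TBI1 makes the hardware ignore the top byte of kernel addresses and is set only under CONFIG_KASAN_SW_TAGS, because once it is set every kernel-side comparison or range check on a raw pointer has to account for a tag byte. The commit message should also say that TBI1 stays clear when the option is off, which is what the `#else` branch (`#define TCR_KASAN_FLAGS 0`) implements.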
From: Andrey Konovalov
Subject: [PATCH v10 14/22] kasan, mm: perform untagged pointers comparison in krealloc
Date: Tue, 6 Nov 2018 18:30:29 +0100
Message-Id: <1d9612a508dd95248cc1cd3b4a4b332b4a198212.1541525354.git.andreyknvl@google.com>

The krealloc function checks whether the same buffer was reused or a new one allocated by comparing kernel pointers. Tag-based KASAN changes the memory tag on the krealloc'ed chunk of memory and therefore also changes the pointer tag of the returned pointer. Therefore we need to perform comparison on untagged (with tags reset) pointers to check whether it's the same memory region or not.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
--- mm/slab_common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/slab_common.c b/mm/slab_common.c index 5f3504e26d4c..5aabcbd32d82 100644 --- a/mm/slab_common.c +++ b/mm/slab_common.c
@@ -1534,7 +1534,7 @@ void *krealloc(const void *p, size_t new_size, gfp_t flags) } ret = __do_krealloc(p, new_size, flags); - if (ret && p != ret) + if (ret && kasan_reset_tag(p) != kasan_reset_tag(ret)) kfree(p); return ret; From patchwork Tue Nov 6 17:30:30 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 10670963 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0E4F213BF for ; Tue, 6 Nov 2018 17:31:42 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EAED72ABB2 for ; Tue, 6 Nov 2018 17:31:41 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E86882ABD3; Tue, 6 Nov 2018 17:31:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, USER_IN_DEF_DKIM_WL autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A59692ABB2 for ; Tue, 6 Nov 2018 17:31:40 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id C3A1E6B036D; Tue, 6 Nov 2018 12:31:09 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id B958C6B036F; Tue, 6 Nov 2018 12:31:09 -0500 (EST) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9EA0F6B0370; Tue, 6 Nov 2018 12:31:09 -0500 (EST) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com [209.85.221.72]) by 
From patchwork Tue Nov 6 17:30:30 2018
X-Patchwork-Submitter: Andrey Konovalov
X-Patchwork-Id: 10670963
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W . Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A . Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 15/22] kasan: split out generic_report.c from report.c
Date: Tue, 6 Nov 2018 18:30:30 +0100
Message-Id: <049a986e7a9c95f7acf4466bb87c32b920bfb88c.1541525354.git.andreyknvl@google.com>

This patch moves generic KASAN specific error reporting routines to
generic_report.c without any functional changes, leaving common error
reporting code in report.c to be later reused by tag-based KASAN.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
---
 mm/kasan/Makefile         |   4 +-
 mm/kasan/generic_report.c | 158 +++++++++++++++++++++++++
 mm/kasan/kasan.h          |   7 ++
 mm/kasan/report.c         | 234 +++++++++-----------------------------
 mm/kasan/tags_report.c    |  39 +++++++
 5 files changed, 257 insertions(+), 185 deletions(-)
 create mode 100644 mm/kasan/generic_report.c
 create mode 100644 mm/kasan/tags_report.c

diff --git a/mm/kasan/Makefile b/mm/kasan/Makefile index 68ba1822f003..0a14fcff70ed 100644 --- a/mm/kasan/Makefile +++ b/mm/kasan/Makefile @@ -14,5 +14,5 @@ CFLAGS_generic.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector) CFLAGS_tags.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector) obj-$(CONFIG_KASAN) := common.o init.o report.o -obj-$(CONFIG_KASAN_GENERIC) += generic.o quarantine.o -obj-$(CONFIG_KASAN_SW_TAGS) += tags.o +obj-$(CONFIG_KASAN_GENERIC) += generic.o generic_report.o quarantine.o +obj-$(CONFIG_KASAN_SW_TAGS) += tags.o tags_report.o diff --git a/mm/kasan/generic_report.c b/mm/kasan/generic_report.c new file mode 100644 index 000000000000..5201d1770700 --- /dev/null +++ b/mm/kasan/generic_report.c 
@@ -0,0 +1,158 @@ +/* + * This file contains generic KASAN specific error reporting code. + * + * Copyright (c) 2014 Samsung Electronics Co., Ltd. + * Author: Andrey Ryabinin + * + * Some code borrowed from https://github.com/xairy/kasan-prototype by + * Andrey Konovalov + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include "kasan.h" +#include "../slab.h" + +static const void *find_first_bad_addr(const void *addr, size_t size) +{ + u8 shadow_val = *(u8 *)kasan_mem_to_shadow(addr); + const void *first_bad_addr = addr; + + while (!shadow_val && first_bad_addr < addr + size) { + first_bad_addr += KASAN_SHADOW_SCALE_SIZE; + shadow_val = *(u8 *)kasan_mem_to_shadow(first_bad_addr); + } + return first_bad_addr; +} + +static const char *get_shadow_bug_type(struct kasan_access_info *info) +{ + const char *bug_type = "unknown-crash"; + u8 *shadow_addr; + + info->first_bad_addr = find_first_bad_addr(info->access_addr, + info->access_size); + + shadow_addr = (u8 *)kasan_mem_to_shadow(info->first_bad_addr); + + /* + * If shadow byte value is in [0, KASAN_SHADOW_SCALE_SIZE) we can look + * at the next shadow byte to determine the type of the bad access. + */ + if (*shadow_addr > 0 && *shadow_addr <= KASAN_SHADOW_SCALE_SIZE - 1) + shadow_addr++; + + switch (*shadow_addr) { + case 0 ... KASAN_SHADOW_SCALE_SIZE - 1: + /* + * In theory it's still possible to see these shadow values + * due to a data race in the kernel code. 
+ */ + bug_type = "out-of-bounds"; + break; + case KASAN_PAGE_REDZONE: + case KASAN_KMALLOC_REDZONE: + bug_type = "slab-out-of-bounds"; + break; + case KASAN_GLOBAL_REDZONE: + bug_type = "global-out-of-bounds"; + break; + case KASAN_STACK_LEFT: + case KASAN_STACK_MID: + case KASAN_STACK_RIGHT: + case KASAN_STACK_PARTIAL: + bug_type = "stack-out-of-bounds"; + break; + case KASAN_FREE_PAGE: + case KASAN_KMALLOC_FREE: + bug_type = "use-after-free"; + break; + case KASAN_USE_AFTER_SCOPE: + bug_type = "use-after-scope"; + break; + case KASAN_ALLOCA_LEFT: + case KASAN_ALLOCA_RIGHT: + bug_type = "alloca-out-of-bounds"; + break; + } + + return bug_type; +} + +static const char *get_wild_bug_type(struct kasan_access_info *info) +{ + const char *bug_type = "unknown-crash"; + + if ((unsigned long)info->access_addr < PAGE_SIZE) + bug_type = "null-ptr-deref"; + else if ((unsigned long)info->access_addr < TASK_SIZE) + bug_type = "user-memory-access"; + else + bug_type = "wild-memory-access"; + + return bug_type; +} + +const char *get_bug_type(struct kasan_access_info *info) +{ + if (addr_has_shadow(info->access_addr)) + return get_shadow_bug_type(info); + return get_wild_bug_type(info); +} + +#define DEFINE_ASAN_REPORT_LOAD(size) \ +void __asan_report_load##size##_noabort(unsigned long addr) \ +{ \ + kasan_report(addr, size, false, _RET_IP_); \ +} \ +EXPORT_SYMBOL(__asan_report_load##size##_noabort) + +#define DEFINE_ASAN_REPORT_STORE(size) \ +void __asan_report_store##size##_noabort(unsigned long addr) \ +{ \ + kasan_report(addr, size, true, _RET_IP_); \ +} \ +EXPORT_SYMBOL(__asan_report_store##size##_noabort) + +DEFINE_ASAN_REPORT_LOAD(1); +DEFINE_ASAN_REPORT_LOAD(2); +DEFINE_ASAN_REPORT_LOAD(4); +DEFINE_ASAN_REPORT_LOAD(8); +DEFINE_ASAN_REPORT_LOAD(16); +DEFINE_ASAN_REPORT_STORE(1); +DEFINE_ASAN_REPORT_STORE(2); +DEFINE_ASAN_REPORT_STORE(4); +DEFINE_ASAN_REPORT_STORE(8); +DEFINE_ASAN_REPORT_STORE(16); + +void __asan_report_load_n_noabort(unsigned long addr, size_t size) +{ + 
kasan_report(addr, size, false, _RET_IP_); +} +EXPORT_SYMBOL(__asan_report_load_n_noabort); + +void __asan_report_store_n_noabort(unsigned long addr, size_t size) +{ + kasan_report(addr, size, true, _RET_IP_); +} +EXPORT_SYMBOL(__asan_report_store_n_noabort); diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index f16bee55b610..50adcab463f2 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -109,11 +109,18 @@ static inline const void *kasan_shadow_to_mem(const void *shadow_addr) << KASAN_SHADOW_SCALE_SHIFT); } +static inline bool addr_has_shadow(const void *addr) +{ + return (addr >= kasan_shadow_to_mem((void *)KASAN_SHADOW_START)); +} + void kasan_poison_shadow(const void *address, size_t size, u8 value); void check_memory_region(unsigned long addr, size_t size, bool write, unsigned long ret_ip); +const char *get_bug_type(struct kasan_access_info *info); + void kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip); void kasan_report_invalid_free(void *object, unsigned long ip); diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 5c169aa688fd..64a74f334c45 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -1,5 +1,5 @@ /* - * This file contains error reporting code. + * This file contains common generic and tag-based KASAN error reporting code. * * Copyright (c) 2014 Samsung Electronics Co., Ltd. * Author: Andrey Ryabinin 
@@ -39,103 +39,34 @@ #define SHADOW_BYTES_PER_ROW (SHADOW_BLOCKS_PER_ROW * SHADOW_BYTES_PER_BLOCK) #define SHADOW_ROWS_AROUND_ADDR 2 -static const void *find_first_bad_addr(const void *addr, size_t size) -{ - u8 shadow_val = *(u8 *)kasan_mem_to_shadow(addr); - const void *first_bad_addr = addr; - - while (!shadow_val && first_bad_addr < addr + size) { - first_bad_addr += KASAN_SHADOW_SCALE_SIZE; - shadow_val = *(u8 *)kasan_mem_to_shadow(first_bad_addr); - } - return first_bad_addr; -} +static unsigned long kasan_flags; -static bool addr_has_shadow(struct kasan_access_info *info) -{ - return (info->access_addr >= - kasan_shadow_to_mem((void *)KASAN_SHADOW_START)); -} +#define KASAN_BIT_REPORTED 0 +#define KASAN_BIT_MULTI_SHOT 1 -static const char *get_shadow_bug_type(struct kasan_access_info *info) +bool kasan_save_enable_multi_shot(void) { - const char *bug_type = "unknown-crash"; - u8 *shadow_addr; - - info->first_bad_addr = find_first_bad_addr(info->access_addr, - info->access_size); - - shadow_addr = (u8 *)kasan_mem_to_shadow(info->first_bad_addr); - - /* - * If shadow byte value is in [0, KASAN_SHADOW_SCALE_SIZE) we can look - * at the next shadow byte to determine the type of the bad access. - */ - if (*shadow_addr > 0 && *shadow_addr <= KASAN_SHADOW_SCALE_SIZE - 1) - shadow_addr++; - - switch (*shadow_addr) { - case 0 ... KASAN_SHADOW_SCALE_SIZE - 1: - /* - * In theory it's still possible to see these shadow values - * due to a data race in the kernel code. 
- */ - bug_type = "out-of-bounds"; - break; - case KASAN_PAGE_REDZONE: - case KASAN_KMALLOC_REDZONE: - bug_type = "slab-out-of-bounds"; - break; - case KASAN_GLOBAL_REDZONE: - bug_type = "global-out-of-bounds"; - break; - case KASAN_STACK_LEFT: - case KASAN_STACK_MID: - case KASAN_STACK_RIGHT: - case KASAN_STACK_PARTIAL: - bug_type = "stack-out-of-bounds"; - break; - case KASAN_FREE_PAGE: - case KASAN_KMALLOC_FREE: - bug_type = "use-after-free"; - break; - case KASAN_USE_AFTER_SCOPE: - bug_type = "use-after-scope"; - break; - case KASAN_ALLOCA_LEFT: - case KASAN_ALLOCA_RIGHT: - bug_type = "alloca-out-of-bounds"; - break; - } - - return bug_type; + return test_and_set_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags); } +EXPORT_SYMBOL_GPL(kasan_save_enable_multi_shot); -static const char *get_wild_bug_type(struct kasan_access_info *info) +void kasan_restore_multi_shot(bool enabled) { - const char *bug_type = "unknown-crash"; - - if ((unsigned long)info->access_addr < PAGE_SIZE) - bug_type = "null-ptr-deref"; - else if ((unsigned long)info->access_addr < TASK_SIZE) - bug_type = "user-memory-access"; - else - bug_type = "wild-memory-access"; - - return bug_type; + if (!enabled) + clear_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags); } +EXPORT_SYMBOL_GPL(kasan_restore_multi_shot); -static const char *get_bug_type(struct kasan_access_info *info) +static int __init kasan_set_multi_shot(char *str) { - if (addr_has_shadow(info)) - return get_shadow_bug_type(info); - return get_wild_bug_type(info); + set_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags); + return 1; } +__setup("kasan_multi_shot", kasan_set_multi_shot); -static void print_error_description(struct kasan_access_info *info) +static void print_error_description(struct kasan_access_info *info, + const char *bug_type) { - const char *bug_type = get_bug_type(info); - pr_err("BUG: KASAN: %s in %pS\n", bug_type, (void *)info->ip); pr_err("%s of size %zu at addr %px by task %s/%d\n", 
@@ -143,25 +74,9 @@ static void print_error_description(struct kasan_access_info *info) info->access_addr, current->comm, task_pid_nr(current)); } -static inline bool kernel_or_module_addr(const void *addr) -{ - if (addr >= (void *)_stext && addr < (void *)_end) - return true; - if (is_module_address((unsigned long)addr)) - return true; - return false; -} - -static inline bool init_task_stack_addr(const void *addr) -{ - return addr >= (void *)&init_thread_union.stack && - (addr <= (void *)&init_thread_union.stack + - sizeof(init_thread_union.stack)); -} - static DEFINE_SPINLOCK(report_lock); -static void kasan_start_report(unsigned long *flags) +static void start_report(unsigned long *flags) { /* * Make sure we don't end up in loop. @@ -171,7 +86,7 @@ static void kasan_start_report(unsigned long *flags) pr_err("==================================================================\n"); } -static void kasan_end_report(unsigned long *flags) +static void end_report(unsigned long *flags) { pr_err("==================================================================\n"); add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE); @@ -249,6 +164,22 @@ static void describe_object(struct kmem_cache *cache, void *object, describe_object_addr(cache, object, addr); } +static inline bool kernel_or_module_addr(const void *addr) +{ + if (addr >= (void *)_stext && addr < (void *)_end) + return true; + if (is_module_address((unsigned long)addr)) + return true; + return false; +} + +static inline bool init_task_stack_addr(const void *addr) +{ + return addr >= (void *)&init_thread_union.stack && + (addr <= (void *)&init_thread_union.stack + + sizeof(init_thread_union.stack)); +} + static void print_address_description(void *addr) { struct page *page = addr_to_page(addr); 
@@ -326,29 +257,38 @@ static void print_shadow_for_address(const void *addr) } } +static bool report_enabled(void) +{ + if (current->kasan_depth) + return false; + if (test_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags)) + return true; + return !test_and_set_bit(KASAN_BIT_REPORTED, &kasan_flags); +} + void kasan_report_invalid_free(void *object, unsigned long ip) { unsigned long flags; - kasan_start_report(&flags); + start_report(&flags); pr_err("BUG: KASAN: double-free or invalid-free in %pS\n", (void *)ip); pr_err("\n"); print_address_description(object); pr_err("\n"); print_shadow_for_address(object); - kasan_end_report(&flags); + end_report(&flags); } static void kasan_report_error(struct kasan_access_info *info) { unsigned long flags; - kasan_start_report(&flags); + start_report(&flags); - print_error_description(info); + print_error_description(info, get_bug_type(info)); pr_err("\n"); - if (!addr_has_shadow(info)) { + if (!addr_has_shadow(info->access_addr)) { dump_stack(); } else { print_address_description((void *)info->access_addr); 
@@ -356,41 +296,7 @@ static void kasan_report_error(struct kasan_access_info *info) print_shadow_for_address(info->first_bad_addr); } - kasan_end_report(&flags); -} - -static unsigned long kasan_flags; - -#define KASAN_BIT_REPORTED 0 -#define KASAN_BIT_MULTI_SHOT 1 - -bool kasan_save_enable_multi_shot(void) -{ - return test_and_set_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags); -} -EXPORT_SYMBOL_GPL(kasan_save_enable_multi_shot); - -void kasan_restore_multi_shot(bool enabled) -{ - if (!enabled) - clear_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags); -} -EXPORT_SYMBOL_GPL(kasan_restore_multi_shot); - -static int __init kasan_set_multi_shot(char *str) -{ - set_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags); - return 1; -} -__setup("kasan_multi_shot", kasan_set_multi_shot); - -static inline bool kasan_report_enabled(void) -{ - if (current->kasan_depth) - return false; - if (test_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags)) - return true; - return !test_and_set_bit(KASAN_BIT_REPORTED, &kasan_flags); + end_report(&flags); } void kasan_report(unsigned long addr, size_t size, @@ -398,7 +304,7 @@ void kasan_report(unsigned long addr, size_t size, { struct kasan_access_info info; - if (likely(!kasan_report_enabled())) + if (likely(!report_enabled())) return; disable_trace_on_warning(); 
@@ -411,41 +317,3 @@ void kasan_report(unsigned long addr, size_t size, kasan_report_error(&info); } - - -#define DEFINE_ASAN_REPORT_LOAD(size) \ -void __asan_report_load##size##_noabort(unsigned long addr) \ -{ \ - kasan_report(addr, size, false, _RET_IP_); \ -} \ -EXPORT_SYMBOL(__asan_report_load##size##_noabort) - -#define DEFINE_ASAN_REPORT_STORE(size) \ -void __asan_report_store##size##_noabort(unsigned long addr) \ -{ \ - kasan_report(addr, size, true, _RET_IP_); \ -} \ -EXPORT_SYMBOL(__asan_report_store##size##_noabort) - -DEFINE_ASAN_REPORT_LOAD(1); -DEFINE_ASAN_REPORT_LOAD(2); -DEFINE_ASAN_REPORT_LOAD(4); -DEFINE_ASAN_REPORT_LOAD(8); -DEFINE_ASAN_REPORT_LOAD(16); -DEFINE_ASAN_REPORT_STORE(1); -DEFINE_ASAN_REPORT_STORE(2); -DEFINE_ASAN_REPORT_STORE(4); -DEFINE_ASAN_REPORT_STORE(8); -DEFINE_ASAN_REPORT_STORE(16); - -void __asan_report_load_n_noabort(unsigned long addr, size_t size) -{ - kasan_report(addr, size, false, _RET_IP_); -} -EXPORT_SYMBOL(__asan_report_load_n_noabort); - -void __asan_report_store_n_noabort(unsigned long addr, size_t size) -{ - kasan_report(addr, size, true, _RET_IP_); -} -EXPORT_SYMBOL(__asan_report_store_n_noabort); diff --git a/mm/kasan/tags_report.c b/mm/kasan/tags_report.c new file mode 100644 index 000000000000..8af15e87d3bc --- /dev/null +++ b/mm/kasan/tags_report.c 
@@ -0,0 +1,39 @@ +/* + * This file contains tag-based KASAN specific error reporting code. + * + * Copyright (c) 2014 Samsung Electronics Co., Ltd. + * Author: Andrey Ryabinin + * + * Some code borrowed from https://github.com/xairy/kasan-prototype by + * Andrey Konovalov + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include "kasan.h" +#include "../slab.h" + +const char *get_bug_type(struct kasan_access_info *info) +{ + return "invalid-access"; +}
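Review bot: in the mm/kasan/kasan.h hunk, get_bug_type() goes from a static helper in report.c to an external symbol with no kasan_ prefix, and which of its two definitions gets linked is decided only by the Makefile lines `obj-$(CONFIG_KASAN_GENERIC) += generic.o generic_report.o quarantine.o` and `obj-$(CONFIG_KASAN_SW_TAGS) += tags.o tags_report.o`. Add a comment at the prototype saying that exactly one mode-specific file provides the function, and consider a kasan_ prefix so the name cannot clash with another global symbol; the same comment would fit addr_has_shadow(), whose argument changes from the info struct to a bare address in this hunk.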
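Review bot: the new mm/kasan/tags_report.c carries the full include block and the 2014 copyright header, yet the only code in the file is get_bug_type() returning "invalid-access", which needs nothing beyond "kasan.h". Trim the includes to what the file uses and add the rest in the patch that introduces code depending on them; it is also worth checking that generic_report.c still needs every include it was given when the routines were moved.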
From patchwork Tue Nov 6 17:30:31 2018
X-Patchwork-Submitter: Andrey Konovalov
X-Patchwork-Id: 10670965
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W . Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A . Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 16/22] kasan: add bug reporting routines for tag-based mode
Date: Tue, 6 Nov 2018 18:30:31 +0100

This commit adds routines that print tag-based KASAN error reports. Those
are quite similar to generic KASAN, the difference is:

1. The way tag-based KASAN finds the first bad shadow cell (with a
   mismatching tag). Tag-based KASAN compares memory tags from the shadow
   memory to the pointer tag.

2. Tag-based KASAN reports all bugs with the "KASAN: invalid-access"
   header.

Also simplify generic KASAN find_first_bad_addr.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
---
 mm/kasan/generic_report.c | 16 ++++-------
 mm/kasan/kasan.h          |  5 ++++
 mm/kasan/report.c         | 57 +++++++++++++++++++++------------------
 mm/kasan/tags_report.c    | 18 +++++++++++++
 4 files changed, 59 insertions(+), 37 deletions(-)

diff --git a/mm/kasan/generic_report.c b/mm/kasan/generic_report.c index 5201d1770700..a4604cceae59 100644 --- a/mm/kasan/generic_report.c +++ b/mm/kasan/generic_report.c @@ -33,16 +33,13 @@ #include "kasan.h" #include "../slab.h" -static const void *find_first_bad_addr(const void *addr, size_t size) +void *find_first_bad_addr(void *addr, size_t size) { - u8 shadow_val = *(u8 *)kasan_mem_to_shadow(addr); - const void *first_bad_addr = addr; + void *p = addr; - while (!shadow_val && first_bad_addr < addr + size) { - first_bad_addr += KASAN_SHADOW_SCALE_SIZE; - shadow_val = *(u8 *)kasan_mem_to_shadow(first_bad_addr); - } - return first_bad_addr; + while (p < addr + size && !(*(u8 *)kasan_mem_to_shadow(p))) + p += KASAN_SHADOW_SCALE_SIZE; + return p; } static const char *get_shadow_bug_type(struct kasan_access_info *info) @@ -50,9 +47,6 @@ static const char *get_shadow_bug_type(struct kasan_access_info *info) const char *bug_type = "unknown-crash"; u8 *shadow_addr; - info->first_bad_addr = find_first_bad_addr(info->access_addr, - info->access_size); - shadow_addr = (u8 *)kasan_mem_to_shadow(info->first_bad_addr); /* diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index 50adcab463f2..9b567f742539 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -119,6 +119,7 @@ void kasan_poison_shadow(const void *address, size_t size, u8 value); void check_memory_region(unsigned long addr, size_t size, bool write, unsigned long ret_ip); +void *find_first_bad_addr(void *addr, size_t size); const char *get_bug_type(struct kasan_access_info *info); void kasan_report(unsigned long addr, size_t size, @@ -139,6 +140,8 @@ static inline void quarantine_remove_cache(struct kmem_cache *cache) { } #ifdef CONFIG_KASAN_SW_TAGS +void print_tags(u8 addr_tag, const void *addr); + #define KASAN_PTR_TAG_SHIFT 56 #define KASAN_PTR_TAG_MASK (0xFFUL << KASAN_PTR_TAG_SHIFT) 
@@ -166,6 +169,8 @@ static inline void *reset_tag(const void *addr) #else /* CONFIG_KASAN_SW_TAGS */ +static inline void print_tags(u8 addr_tag, const void *addr) { } + static inline u8 random_tag(void) { return 0; diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 64a74f334c45..214d85035f99 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -64,11 +64,10 @@ static int __init kasan_set_multi_shot(char *str) } __setup("kasan_multi_shot", kasan_set_multi_shot); -static void print_error_description(struct kasan_access_info *info, - const char *bug_type) +static void print_error_description(struct kasan_access_info *info) { pr_err("BUG: KASAN: %s in %pS\n", - bug_type, (void *)info->ip); + get_bug_type(info), (void *)info->ip); pr_err("%s of size %zu at addr %px by task %s/%d\n", info->is_write ? "Write" : "Read", info->access_size, info->access_addr, current->comm, task_pid_nr(current)); @@ -272,6 +271,8 @@ void kasan_report_invalid_free(void *object, unsigned long ip) start_report(&flags); pr_err("BUG: KASAN: double-free or invalid-free in %pS\n", (void *)ip); + print_tags(get_tag(object), reset_tag(object)); + object = reset_tag(object); pr_err("\n"); print_address_description(object); pr_err("\n"); 
@@ -279,41 +280,45 @@ void kasan_report_invalid_free(void *object, unsigned long ip) end_report(&flags); } -static void kasan_report_error(struct kasan_access_info *info) -{ - unsigned long flags; - - start_report(&flags); - - print_error_description(info, get_bug_type(info)); - pr_err("\n"); - - if (!addr_has_shadow(info->access_addr)) { - dump_stack(); - } else { - print_address_description((void *)info->access_addr); - pr_err("\n"); - print_shadow_for_address(info->first_bad_addr); - } - - end_report(&flags); -} - void kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip) { struct kasan_access_info info; + void *tagged_addr; + void *untagged_addr; + unsigned long flags; if (likely(!report_enabled())) return; disable_trace_on_warning(); - info.access_addr = (void *)addr; - info.first_bad_addr = (void *)addr; + tagged_addr = (void *)addr; + untagged_addr = reset_tag(tagged_addr); + + info.access_addr = tagged_addr; + if (addr_has_shadow(untagged_addr)) + info.first_bad_addr = find_first_bad_addr(tagged_addr, size); + else + info.first_bad_addr = untagged_addr; info.access_size = size; info.is_write = is_write; info.ip = ip; - kasan_report_error(&info); + start_report(&flags); + + print_error_description(&info); + if (addr_has_shadow(untagged_addr)) + print_tags(get_tag(tagged_addr), info.first_bad_addr); + pr_err("\n"); + + if (addr_has_shadow(untagged_addr)) { + print_address_description(untagged_addr); + pr_err("\n"); + print_shadow_for_address(info.first_bad_addr); + } else { + dump_stack(); + } + + end_report(&flags); } diff --git a/mm/kasan/tags_report.c b/mm/kasan/tags_report.c index 8af15e87d3bc..573c51d20d09 100644 --- a/mm/kasan/tags_report.c +++ b/mm/kasan/tags_report.c 
@@ -37,3 +37,21 @@ const char *get_bug_type(struct kasan_access_info *info) { return "invalid-access"; } + +void *find_first_bad_addr(void *addr, size_t size) +{ + u8 tag = get_tag(addr); + void *p = reset_tag(addr); + void *end = p + size; + + while (p < end && tag == *(u8 *)kasan_mem_to_shadow(p)) + p += KASAN_SHADOW_SCALE_SIZE; + return p; +} + +void print_tags(u8 addr_tag, const void *addr) +{ + u8 *shadow = (u8 *)kasan_mem_to_shadow(addr); + + pr_err("Pointer tag: [%02x], memory tag: [%02x]\n", addr_tag, *shadow); +} From patchwork Tue Nov 6 17:30:32 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 10670971 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 95C6D13BF for ; Tue, 6 Nov 2018 17:31:49 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7FD742ABDF for ; Tue, 6 Nov 2018 17:31:49 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 741422ABDD; Tue, 6 Nov 2018 17:31:49 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, USER_IN_DEF_DKIM_WL autolearn=unavailable version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3A84D2ABE4 for ; Tue, 6 Nov 2018 17:31:48 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 3A8586B0371; Tue, 6 Nov 2018 12:31:13 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 359E46B0375; Tue, 6 Nov 2018 12:31:13 -0500 (EST) X-Original-To: 
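Review bot: In find_first_bad_addr() (mm/kasan/tags_report.c) the loop starts at the untagged access address and steps by KASAN_SHADOW_SCALE_SIZE without first aligning p down to a granule boundary. For an access that is not granule-aligned and straddles two granules, the first step can already move p past end, so the second granule's shadow byte is never compared and the function returns an address at or beyond the end of the access. kasan_report() passes that value to print_tags() and print_shadow_for_address(), so the "memory tag" printed in the report can belong to a granule the access never touched. Align p down to KASAN_SHADOW_SCALE_SIZE before the loop and decide explicitly what to return when no mismatching granule is found.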
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W . Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A . Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 17/22] kasan: add hooks implementation for tag-based mode
Date: Tue, 6 Nov 2018 18:30:32 +0100
Message-Id: <5dd9582d3e4c6a8b144aea3913659c5a1befa0ac.1541525354.git.andreyknvl@google.com>

This commit adds tag-based KASAN specific hooks implementation and adjusts common generic and tag-based KASAN ones.

1. When a new slab cache is created, tag-based KASAN rounds up the size of the objects in this cache to KASAN_SHADOW_SCALE_SIZE (== 16).

2. On each kmalloc tag-based KASAN generates a random tag, sets the shadow memory, that corresponds to this object to this tag, and embeds this tag value into the top byte of the returned pointer.

3. On each kfree tag-based KASAN poisons the shadow memory with a random tag to allow detection of use-after-free bugs.

The rest of the logic of the hook implementation is very much similar to the one provided by generic KASAN.
Tag-based KASAN saves allocation and free stack metadata to the slab object the same way generic KASAN does. Reviewed-by: Andrey Ryabinin Reviewed-by: Dmitry Vyukov Signed-off-by: Andrey Konovalov --- mm/kasan/common.c | 116 ++++++++++++++++++++++++++++++++++++++-------- mm/kasan/kasan.h | 8 ++++ mm/kasan/tags.c | 48 +++++++++++++++++++ 3 files changed, 153 insertions(+), 19 deletions(-) diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 7134e75447ff..27f0cae336c9 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -140,6 +140,13 @@ void kasan_poison_shadow(const void *address, size_t size, u8 value) { void *shadow_start, *shadow_end; + /* + * Perform shadow offset calculation based on untagged address, as + * some of the callers (e.g. kasan_poison_object_data) pass tagged + * addresses to this function. + */ + address = reset_tag(address); + shadow_start = kasan_mem_to_shadow(address); shadow_end = kasan_mem_to_shadow(address + size); @@ -148,11 +155,24 @@ void kasan_poison_shadow(const void *address, size_t size, u8 value) void kasan_unpoison_shadow(const void *address, size_t size) { - kasan_poison_shadow(address, size, 0); + u8 tag = get_tag(address); + + /* + * Perform shadow offset calculation based on untagged address, as + * some of the callers (e.g. kasan_unpoison_object_data) pass tagged + * addresses to this function. + */ + address = reset_tag(address); + + kasan_poison_shadow(address, size, tag); if (size & KASAN_SHADOW_MASK) { u8 *shadow = (u8 *)kasan_mem_to_shadow(address + size); - *shadow = size & KASAN_SHADOW_MASK; + + if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) + *shadow = tag; + else + *shadow = size & KASAN_SHADOW_MASK; } } 
@@ -200,8 +220,9 @@ void kasan_unpoison_stack_above_sp_to(const void *watermark) void kasan_alloc_pages(struct page *page, unsigned int order) { - if (likely(!PageHighMem(page))) - kasan_unpoison_shadow(page_address(page), PAGE_SIZE << order); + if (unlikely(PageHighMem(page))) + return; + kasan_unpoison_shadow(page_address(page), PAGE_SIZE << order); } void kasan_free_pages(struct page *page, unsigned int order) @@ -218,6 +239,9 @@ void kasan_free_pages(struct page *page, unsigned int order) */ static inline unsigned int optimal_redzone(unsigned int object_size) { + if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) + return 0; + return object_size <= 64 - 16 ? 16 : object_size <= 128 - 32 ? 32 : @@ -232,6 +256,7 @@ void kasan_cache_create(struct kmem_cache *cache, unsigned int *size, slab_flags_t *flags) { unsigned int orig_size = *size; + unsigned int redzone_size; int redzone_adjust; /* Add alloc meta. */ @@ -239,20 +264,20 @@ void kasan_cache_create(struct kmem_cache *cache, unsigned int *size, *size += sizeof(struct kasan_alloc_meta); /* Add free meta. */ - if (cache->flags & SLAB_TYPESAFE_BY_RCU || cache->ctor || - cache->object_size < sizeof(struct kasan_free_meta)) { + if (IS_ENABLED(CONFIG_KASAN_GENERIC) && + (cache->flags & SLAB_TYPESAFE_BY_RCU || cache->ctor || + cache->object_size < sizeof(struct kasan_free_meta))) { cache->kasan_info.free_meta_offset = *size; *size += sizeof(struct kasan_free_meta); } - redzone_adjust = optimal_redzone(cache->object_size) - - (*size - cache->object_size); + redzone_size = optimal_redzone(cache->object_size); + redzone_adjust = redzone_size - (*size - cache->object_size); if (redzone_adjust > 0) *size += redzone_adjust; *size = min_t(unsigned int, KMALLOC_MAX_SIZE, - max(*size, cache->object_size + - optimal_redzone(cache->object_size))); + max(*size, cache->object_size + redzone_size)); /* * If the metadata doesn't fit, don't enable KASAN at all. 
@@ -265,6 +290,8 @@ void kasan_cache_create(struct kmem_cache *cache, unsigned int *size, return; } + cache->align = round_up(cache->align, KASAN_SHADOW_SCALE_SIZE); + *flags |= SLAB_KASAN; } @@ -309,6 +336,32 @@ void kasan_poison_object_data(struct kmem_cache *cache, void *object) KASAN_KMALLOC_REDZONE); } +/* + * Since it's desirable to only call object contructors once during slab + * allocation, we preassign tags to all such objects. Also preassign tags for + * SLAB_TYPESAFE_BY_RCU slabs to avoid use-after-free reports. + * For SLAB allocator we can't preassign tags randomly since the freelist is + * stored as an array of indexes instead of a linked list. Assign tags based + * on objects indexes, so that objects that are next to each other get + * different tags. + * After a tag is assigned, the object always gets allocated with the same tag. + * The reason is that we can't change tags for objects with constructors on + * reallocation (even for non-SLAB_TYPESAFE_BY_RCU), because the constructor + * code can save the pointer to the object somewhere (e.g. in the object + * itself). Then if we retag it, the old saved pointer will become invalid. + */ +static u8 assign_tag(struct kmem_cache *cache, const void *object, bool new) +{ + if (!cache->ctor && !(cache->flags & SLAB_TYPESAFE_BY_RCU)) + return new ? KASAN_TAG_KERNEL : random_tag(); + +#ifdef CONFIG_SLAB + return (u8)obj_to_index(cache, virt_to_page(object), (void *)object); +#else + return new ? random_tag() : get_tag(object); +#endif +} + void *kasan_init_slab_obj(struct kmem_cache *cache, const void *object) { struct kasan_alloc_meta *alloc_info; @@ -319,6 +372,9 @@ void *kasan_init_slab_obj(struct kmem_cache *cache, const void *object) alloc_info = get_alloc_info(cache, object); __memset(alloc_info, 0, sizeof(*alloc_info)); + if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) + object = set_tag(object, assign_tag(cache, object, true)); + return (void *)object; } 
@@ -327,15 +383,30 @@ void *kasan_slab_alloc(struct kmem_cache *cache, void *object, gfp_t flags) return kasan_kmalloc(cache, object, cache->object_size, flags); } +static inline bool shadow_invalid(u8 tag, s8 shadow_byte) +{ + if (IS_ENABLED(CONFIG_KASAN_GENERIC)) + return shadow_byte < 0 || + shadow_byte >= KASAN_SHADOW_SCALE_SIZE; + else + return tag != (u8)shadow_byte; +} + static bool __kasan_slab_free(struct kmem_cache *cache, void *object, unsigned long ip, bool quarantine) { s8 shadow_byte; + u8 tag; + void *tagged_object; unsigned long rounded_up_size; + tag = get_tag(object); + tagged_object = object; + object = reset_tag(object); + if (unlikely(nearest_obj(cache, virt_to_head_page(object), object) != object)) { - kasan_report_invalid_free(object, ip); + kasan_report_invalid_free(tagged_object, ip); return true; } @@ -344,20 +415,22 @@ static bool __kasan_slab_free(struct kmem_cache *cache, void *object, return false; shadow_byte = READ_ONCE(*(s8 *)kasan_mem_to_shadow(object)); - if (shadow_byte < 0 || shadow_byte >= KASAN_SHADOW_SCALE_SIZE) { - kasan_report_invalid_free(object, ip); + if (shadow_invalid(tag, shadow_byte)) { + kasan_report_invalid_free(tagged_object, ip); return true; } rounded_up_size = round_up(cache->object_size, KASAN_SHADOW_SCALE_SIZE); kasan_poison_shadow(object, rounded_up_size, KASAN_KMALLOC_FREE); - if (!quarantine || unlikely(!(cache->flags & SLAB_KASAN))) + if ((IS_ENABLED(CONFIG_KASAN_GENERIC) && !quarantine) || + unlikely(!(cache->flags & SLAB_KASAN))) return false; set_track(&get_alloc_info(cache, object)->free_track, GFP_NOWAIT); quarantine_put(get_free_info(cache, object), cache); - return true; + + return IS_ENABLED(CONFIG_KASAN_GENERIC); } bool kasan_slab_free(struct kmem_cache *cache, void *object, unsigned long ip) 
@@ -370,6 +443,7 @@ void *kasan_kmalloc(struct kmem_cache *cache, const void *object, size_t size, { unsigned long redzone_start; unsigned long redzone_end; + u8 tag; if (gfpflags_allow_blocking(flags)) quarantine_reduce(); @@ -382,14 +456,18 @@ void *kasan_kmalloc(struct kmem_cache *cache, const void *object, size_t size, redzone_end = round_up((unsigned long)object + cache->object_size, KASAN_SHADOW_SCALE_SIZE); - kasan_unpoison_shadow(object, size); + if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) + tag = assign_tag(cache, object, false); + + /* Tag is ignored in set_tag without CONFIG_KASAN_SW_TAGS */ + kasan_unpoison_shadow(set_tag(object, tag), size); kasan_poison_shadow((void *)redzone_start, redzone_end - redzone_start, KASAN_KMALLOC_REDZONE); if (cache->flags & SLAB_KASAN) set_track(&get_alloc_info(cache, object)->alloc_track, flags); - return (void *)object; + return set_tag(object, tag); } EXPORT_SYMBOL(kasan_kmalloc); @@ -439,7 +517,7 @@ void kasan_poison_kfree(void *ptr, unsigned long ip) page = virt_to_head_page(ptr); if (unlikely(!PageSlab(page))) { - if (ptr != page_address(page)) { + if (reset_tag(ptr) != page_address(page)) { kasan_report_invalid_free(ptr, ip); return; } @@ -452,7 +530,7 @@ void kasan_poison_kfree(void *ptr, unsigned long ip) void kasan_kfree_large(void *ptr, unsigned long ip) { - if (ptr != page_address(virt_to_head_page(ptr))) + if (reset_tag(ptr) != page_address(virt_to_head_page(ptr))) kasan_report_invalid_free(ptr, ip); /* The object will be poisoned by page_alloc. */ } diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index 9b567f742539..0b27ec036e79 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h 
@@ -12,10 +12,18 @@ #define KASAN_TAG_INVALID 0xFE /* inaccessible memory tag */ #define KASAN_TAG_MAX 0xFD /* maximum value for random tags */ +#ifdef CONFIG_KASAN_GENERIC #define KASAN_FREE_PAGE 0xFF /* page was freed */ #define KASAN_PAGE_REDZONE 0xFE /* redzone for kmalloc_large allocations */ #define KASAN_KMALLOC_REDZONE 0xFC /* redzone inside slub object */ #define KASAN_KMALLOC_FREE 0xFB /* object was freed (kmem_cache_free/kfree) */ +#else +#define KASAN_FREE_PAGE KASAN_TAG_INVALID +#define KASAN_PAGE_REDZONE KASAN_TAG_INVALID +#define KASAN_KMALLOC_REDZONE KASAN_TAG_INVALID +#define KASAN_KMALLOC_FREE KASAN_TAG_INVALID +#endif + #define KASAN_GLOBAL_REDZONE 0xFA /* redzone for global variable */ /* diff --git a/mm/kasan/tags.c b/mm/kasan/tags.c index 700323946867..a3cca11e4fed 100644 --- a/mm/kasan/tags.c +++ b/mm/kasan/tags.c 
@@ -78,15 +78,60 @@ void *kasan_reset_tag(const void *addr) void check_memory_region(unsigned long addr, size_t size, bool write, unsigned long ret_ip) { + u8 tag; + u8 *shadow_first, *shadow_last, *shadow; + void *untagged_addr; + + if (unlikely(size == 0)) + return; + + tag = get_tag((const void *)addr); + + /* + * Ignore accesses for pointers tagged with 0xff (native kernel + * pointer tag) to suppress false positives caused by kmap. + * + * Some kernel code was written to account for archs that don't keep + * high memory mapped all the time, but rather map and unmap particular + * pages when needed. Instead of storing a pointer to the kernel memory, + * this code saves the address of the page structure and offset within + * that page for later use. Those pages are then mapped and unmapped + * with kmap/kunmap when necessary and virt_to_page is used to get the + * virtual address of the page. For arm64 (that keeps the high memory + * mapped all the time), kmap is turned into a page_address call. + + * The issue is that with use of the page_address + virt_to_page + * sequence the top byte value of the original pointer gets lost (gets + * set to KASAN_TAG_KERNEL (0xFF)). 
+ */ + if (tag == KASAN_TAG_KERNEL) + return; + + untagged_addr = reset_tag((const void *)addr); + if (unlikely(untagged_addr < + kasan_shadow_to_mem((void *)KASAN_SHADOW_START))) { + kasan_report(addr, size, write, ret_ip); + return; + } + shadow_first = kasan_mem_to_shadow(untagged_addr); + shadow_last = kasan_mem_to_shadow(untagged_addr + size - 1); + for (shadow = shadow_first; shadow <= shadow_last; shadow++) { + if (*shadow != tag) { + kasan_report(addr, size, write, ret_ip); + return; + } + } } #define DEFINE_HWASAN_LOAD_STORE(size) \ void __hwasan_load##size##_noabort(unsigned long addr) \ { \ + check_memory_region(addr, size, false, _RET_IP_); \ } \ EXPORT_SYMBOL(__hwasan_load##size##_noabort); \ void __hwasan_store##size##_noabort(unsigned long addr) \ { \ + check_memory_region(addr, size, true, _RET_IP_); \ } \ EXPORT_SYMBOL(__hwasan_store##size##_noabort) 
@@ -98,15 +143,18 @@ DEFINE_HWASAN_LOAD_STORE(16); void __hwasan_loadN_noabort(unsigned long addr, unsigned long size) { + check_memory_region(addr, size, false, _RET_IP_); } EXPORT_SYMBOL(__hwasan_loadN_noabort); void __hwasan_storeN_noabort(unsigned long addr, unsigned long size) { + check_memory_region(addr, size, true, _RET_IP_); } EXPORT_SYMBOL(__hwasan_storeN_noabort); void __hwasan_tag_memory(unsigned long addr, u8 tag, unsigned long size) { + kasan_poison_shadow((void *)addr, size, tag); } EXPORT_SYMBOL(__hwasan_tag_memory); From patchwork Tue Nov 6 17:30:33 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Konovalov X-Patchwork-Id: 10670977 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0B59A13BF for ; Tue, 6 Nov 2018 17:31:53 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E9DBF2ABF5 for ; Tue, 6 Nov 2018 17:31:52 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E71582ABF9; Tue, 6 Nov 2018 17:31:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, USER_IN_DEF_DKIM_WL autolearn=unavailable version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 581DD2ABE9 for ; Tue, 6 Nov 2018 17:31:52 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 270906B0375; Tue, 6 Nov 2018 12:31:14 -0500 (EST) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 220D86B0377; Tue, 6 Nov 2018 12:31:14 -0500 (EST) X-Original-To: 
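Review bot: In kasan_kmalloc() the new local tag is declared without an initializer and assigned only under IS_ENABLED(CONFIG_KASAN_SW_TAGS), yet it is passed to set_tag() twice unconditionally. The comment says set_tag() ignores the value without CONFIG_KASAN_SW_TAGS, but the generic build still reads an indeterminate variable and may warn about a possibly uninitialized use. Initialize it at the declaration, for example to KASAN_TAG_KERNEL.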
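Review bot: shadow_invalid() in mm/kasan/common.c treats every tag-based pointer whose tag differs from the shadow byte as an invalid free, while check_memory_region() in mm/kasan/tags.c deliberately skips pointers tagged KASAN_TAG_KERNEL because the page_address + virt_to_page sequence loses the top byte. A free through such a pointer reaches __kasan_slab_free() with tag 0xff, fails the tag != (u8)shadow_byte comparison and is reported as "double-free or invalid-free". Either exempt KASAN_TAG_KERNEL in shadow_invalid() as well, or add a comment explaining why a freed pointer can never carry that tag.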
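Review bot: In assign_tag() the CONFIG_SLAB branch returns (u8)obj_to_index(...), which is not bounded by KASAN_TAG_MAX (0xFD). An index whose low byte is 0xFE yields KASAN_TAG_INVALID, the same value this patch assigns to KASAN_KMALLOC_FREE and the redzones, so an access through that pointer to freed or redzone memory would match its shadow; a low byte of 0xFF yields KASAN_TAG_KERNEL, which check_memory_region() ignores entirely. Clamp or remap the index into the 0x00 to KASAN_TAG_MAX range, or state the bound on objects per slab that rules this out. The comment above the function also misspells "constructors" as "contructors".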
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W . Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A . Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 18/22] kasan, arm64: add brk handler for inline instrumentation
Date: Tue, 6 Nov 2018 18:30:33 +0100

Tag-based KASAN inline instrumentation mode (which embeds checks of shadow memory into the generated code, instead of inserting a callback) generates a brk instruction when a tag mismatch is detected.

This commit adds a tag-based KASAN specific brk handler, that decodes the immediate value passed to the brk instructions (to extract information about the memory access that triggered the mismatch), reads the register values (x0 contains the guilty address) and reports the bug.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
---
 arch/arm64/include/asm/brk-imm.h |  2 +
 arch/arm64/kernel/traps.c        | 68 +++++++++++++++++++++++++++++++-
 include/linux/kasan.h            |  3 ++
 3 files changed, 71 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/include/asm/brk-imm.h b/arch/arm64/include/asm/brk-imm.h index ed693c5bcec0..2945fe6cd863 100644 --- a/arch/arm64/include/asm/brk-imm.h +++ b/arch/arm64/include/asm/brk-imm.h @@ -16,10 +16,12 @@ * 0x400: for dynamic BRK instruction * 0x401: for compile time BRK instruction * 0x800: kernel-mode BUG() and WARN() traps + * 0x9xx: tag-based KASAN trap (allowed values 0x900 - 0x9ff) */ #define FAULT_BRK_IMM 0x100 #define KGDB_DYN_DBG_BRK_IMM 0x400 #define KGDB_COMPILED_DBG_BRK_IMM 0x401 #define BUG_BRK_IMM 0x800 +#define KASAN_BRK_IMM 0x900 #endif diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c index 5f4d9acb32f5..04bdc53716ef 100644 --- a/arch/arm64/kernel/traps.c +++ b/arch/arm64/kernel/traps.c @@ -35,6 +35,7 @@ #include #include #include +#include #include #include @@ -284,10 +285,14 @@ void arm64_notify_die(const char *str, struct pt_regs *regs, } } -void arm64_skip_faulting_instruction(struct pt_regs *regs, unsigned long size) +void __arm64_skip_faulting_instruction(struct pt_regs *regs, unsigned long size) { regs->pc += size; +} +void arm64_skip_faulting_instruction(struct pt_regs *regs, unsigned long size) +{ + __arm64_skip_faulting_instruction(regs, size); /* * If we were single stepping, we want to get the step exception after * we return from the trap. @@ -959,7 +964,7 @@ static int bug_handler(struct pt_regs *regs, unsigned int esr) } /* If thread survives, skip over the BUG instruction and continue: */ - arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE); + __arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE); return DBG_HOOK_HANDLED; } 
@@ -969,6 +974,58 @@ static struct break_hook bug_break_hook = { .fn = bug_handler, }; +#ifdef CONFIG_KASAN_SW_TAGS + +#define KASAN_ESR_RECOVER 0x20 +#define KASAN_ESR_WRITE 0x10 +#define KASAN_ESR_SIZE_MASK 0x0f +#define KASAN_ESR_SIZE(esr) (1 << ((esr) & KASAN_ESR_SIZE_MASK)) + +static int kasan_handler(struct pt_regs *regs, unsigned int esr) +{ + bool recover = esr & KASAN_ESR_RECOVER; + bool write = esr & KASAN_ESR_WRITE; + size_t size = KASAN_ESR_SIZE(esr); + u64 addr = regs->regs[0]; + u64 pc = regs->pc; + + if (user_mode(regs)) + return DBG_HOOK_ERROR; + + kasan_report(addr, size, write, pc); + + /* + * The instrumentation allows to control whether we can proceed after + * a crash was detected. This is done by passing the -recover flag to + * the compiler. Disabling recovery allows to generate more compact + * code. + * + * Unfortunately disabling recovery doesn't work for the kernel right + * now. KASAN reporting is disabled in some contexts (for example when + * the allocator accesses slab object metadata; this is controlled by + * current->kasan_depth). All these accesses are detected by the tool, + * even though the reports for them are not printed. + * + * This is something that might be fixed at some point in the future. + */ + if (!recover) + die("Oops - KASAN", regs, 0); + + /* If thread survives, skip over the brk instruction and continue: */ + __arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE); + return DBG_HOOK_HANDLED; +} + +#define KASAN_ESR_VAL (0xf2000000 | KASAN_BRK_IMM) +#define KASAN_ESR_MASK 0xffffff00 + +static struct break_hook kasan_break_hook = { + .esr_val = KASAN_ESR_VAL, + .esr_mask = KASAN_ESR_MASK, + .fn = kasan_handler, +}; +#endif + /* * Initial handler for AArch64 BRK exceptions * This handler only used until debug_traps_init(). 
@@ -976,6 +1033,10 @@ static struct break_hook bug_break_hook = { int __init early_brk64(unsigned long addr, unsigned int esr, struct pt_regs *regs) { +#ifdef CONFIG_KASAN_SW_TAGS + if ((esr & KASAN_ESR_MASK) == KASAN_ESR_VAL) + return kasan_handler(regs, esr) != DBG_HOOK_HANDLED; +#endif return bug_handler(regs, esr) != DBG_HOOK_HANDLED; } @@ -983,4 +1044,7 @@ int __init early_brk64(unsigned long addr, unsigned int esr, void __init trap_init(void) { register_break_hook(&bug_break_hook); +#ifdef CONFIG_KASAN_SW_TAGS + register_break_hook(&kasan_break_hook); +#endif } diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 4c9d6f9029f2..d5a2a7f1f72c 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h 
@@ -173,6 +173,9 @@ void kasan_init_tags(void); void *kasan_reset_tag(const void *addr); +void kasan_report(unsigned long addr, size_t size, + bool is_write, unsigned long ip); + #else /* CONFIG_KASAN_SW_TAGS */ static inline void kasan_init_tags(void) { }
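Review bot: In the arch/arm64/kernel/traps.c hunk at @@ -284,10 +285,14 @@, the new __arm64_skip_faulting_instruction() has external linkage although the callers visible in this patch (bug_handler() and kasan_handler()) are both in traps.c and no prototype is added in the shown hunks; mark it static. The @@ -959,7 +964,7 @@ hunk also switches bug_handler() to the variant that only advances regs->pc, so the handling described by the "If we were single stepping" comment no longer runs after a BUG()/WARN() trap. Say in the commit message or in a comment why that is safe for these kernel-mode traps.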
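Review bot: kasan_handler() in the @@ -969,6 +974,58 @@ hunk takes the faulting address from regs->regs[0] and decodes recover/write/size from the low byte of the ESR, but nothing in the hunk documents that this is the contract with the compiler's instrumentation. Add a comment above the KASAN_ESR_* defines stating that the address is expected in x0 and giving the bit layout of the immediate (0x20 recover, 0x10 write, low four bits log2 of the access size), so a mismatch with the compiler is visible on review. Because KASAN_ESR_SIZE_MASK is 0x0f, KASAN_ESR_SIZE() can evaluate to as much as 1 << 15; document the expected range or bound it before the value is passed to kasan_report().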
From patchwork Tue Nov 6 17:30:34 2018
X-Patchwork-Submitter: Andrey Konovalov
X-Patchwork-Id: 10670983
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W. Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A. Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 19/22] kasan, mm, arm64: tag non slab memory allocated via pagealloc
Date: Tue, 6 Nov 2018 18:30:34 +0100
Message-Id: <34f2d93fec145f7903944fca2e99c4a435eb1192.1541525354.git.andreyknvl@google.com>

Tag-based KASAN doesn't check memory accesses through pointers tagged with 0xff. When page_address is used to get a pointer to memory that corresponds to some page, the tag of the resulting pointer gets set to 0xff, even though the allocated memory might have been tagged differently.

For slab pages it's impossible to recover the correct tag to return from page_address, since the page might contain multiple slab objects tagged with different values, and we can't know in advance which one of them is going to get accessed. For non slab pages however, we can recover the tag in page_address, since the whole page was marked with the same tag.

This patch adds tagging to non slab memory allocated with pagealloc. To set the tag of the pointer returned from page_address, the tag gets stored to page->flags when the memory gets allocated. Reviewed-by: Andrey Ryabinin Reviewed-by: Dmitry Vyukov Signed-off-by: Andrey Konovalov --- arch/arm64/include/asm/memory.h | 9 ++++++++- include/linux/mm.h | 29 +++++++++++++++++++++++++++++ include/linux/page-flags-layout.h | 10 ++++++++++ mm/cma.c | 11 +++++++++++ mm/kasan/common.c | 15 +++++++++++++-- mm/page_alloc.c | 1 + mm/slab.c | 2 +- 7 files changed, 73 insertions(+), 4 deletions(-) diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h index 3226a0218b0b..b7108161732e 100644 --- a/arch/arm64/include/asm/memory.h +++ b/arch/arm64/include/asm/memory.h @@ -98,6 +98,7 @@ KASAN_TAG_SHIFTED(tag)) #define KASAN_RESET_TAG(addr) KASAN_SET_TAG(addr, 0xff) #else +#define KASAN_SET_TAG(addr, tag) addr #define KASAN_RESET_TAG(addr) addr #endif @@ -309,7 +310,13 @@ static inline void *phys_to_virt(phys_addr_t x) #define __virt_to_pgoff(kaddr) (((u64)(kaddr) & ~PAGE_OFFSET) / PAGE_SIZE * sizeof(struct page)) #define __page_to_voff(kaddr) (((u64)(kaddr) & ~VMEMMAP_START) * PAGE_SIZE / sizeof(struct page)) -#define page_to_virt(page) ((void *)((__page_to_voff(page)) | PAGE_OFFSET)) +#define page_to_virt(page) ({ \ + unsigned long __addr = \ + ((__page_to_voff(page)) | PAGE_OFFSET); \ + __addr = KASAN_SET_TAG(__addr, page_kasan_tag(page)); \ + ((void *)__addr); \ +}) + #define virt_to_page(vaddr) ((struct page *)((__virt_to_pgoff(vaddr)) | VMEMMAP_START)) #define _virt_addr_valid(kaddr) pfn_valid((((u64)(kaddr) & ~PAGE_OFFSET) \ diff --git a/include/linux/mm.h b/include/linux/mm.h index fcf9cc9d535f..03c37e25ee10 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h 
@@ -804,6 +804,7 @@ vm_fault_t finish_mkwrite_fault(struct vm_fault *vmf); #define NODES_PGOFF (SECTIONS_PGOFF - NODES_WIDTH) #define ZONES_PGOFF (NODES_PGOFF - ZONES_WIDTH) #define LAST_CPUPID_PGOFF (ZONES_PGOFF - LAST_CPUPID_WIDTH) +#define KASAN_TAG_PGOFF (LAST_CPUPID_PGOFF - KASAN_TAG_WIDTH) /* * Define the bit shifts to access each section. For non-existent @@ -814,6 +815,7 @@ vm_fault_t finish_mkwrite_fault(struct vm_fault *vmf); #define NODES_PGSHIFT (NODES_PGOFF * (NODES_WIDTH != 0)) #define ZONES_PGSHIFT (ZONES_PGOFF * (ZONES_WIDTH != 0)) #define LAST_CPUPID_PGSHIFT (LAST_CPUPID_PGOFF * (LAST_CPUPID_WIDTH != 0)) +#define KASAN_TAG_PGSHIFT (KASAN_TAG_PGOFF * (KASAN_TAG_WIDTH != 0)) /* NODE:ZONE or SECTION:ZONE is used to ID a zone for the buddy allocator */ #ifdef NODE_NOT_IN_PAGE_FLAGS @@ -836,6 +838,7 @@ vm_fault_t finish_mkwrite_fault(struct vm_fault *vmf); #define NODES_MASK ((1UL << NODES_WIDTH) - 1) #define SECTIONS_MASK ((1UL << SECTIONS_WIDTH) - 1) #define LAST_CPUPID_MASK ((1UL << LAST_CPUPID_SHIFT) - 1) +#define KASAN_TAG_MASK ((1UL << KASAN_TAG_WIDTH) - 1) #define ZONEID_MASK ((1UL << ZONEID_SHIFT) - 1) static inline enum zone_type page_zonenum(const struct page *page) 
@@ -1101,6 +1104,32 @@ static inline bool cpupid_match_pid(struct task_struct *task, int cpupid) } #endif /* CONFIG_NUMA_BALANCING */ +#ifdef CONFIG_KASAN_SW_TAGS +static inline u8 page_kasan_tag(const struct page *page) +{ + return (page->flags >> KASAN_TAG_PGSHIFT) & KASAN_TAG_MASK; +} + +static inline void page_kasan_tag_set(struct page *page, u8 tag) +{ + page->flags &= ~(KASAN_TAG_MASK << KASAN_TAG_PGSHIFT); + page->flags |= (tag & KASAN_TAG_MASK) << KASAN_TAG_PGSHIFT; +} + +static inline void page_kasan_tag_reset(struct page *page) +{ + page_kasan_tag_set(page, 0xff); +} +#else +static inline u8 page_kasan_tag(const struct page *page) +{ + return 0xff; +} + +static inline void page_kasan_tag_set(struct page *page, u8 tag) { } +static inline void page_kasan_tag_reset(struct page *page) { } +#endif + static inline struct zone *page_zone(const struct page *page) { return &NODE_DATA(page_to_nid(page))->node_zones[page_zonenum(page)]; diff --git a/include/linux/page-flags-layout.h b/include/linux/page-flags-layout.h index 7ec86bf31ce4..1dda31825ec4 100644 --- a/include/linux/page-flags-layout.h +++ b/include/linux/page-flags-layout.h @@ -82,6 +82,16 @@ #define LAST_CPUPID_WIDTH 0 #endif +#ifdef CONFIG_KASAN_SW_TAGS +#define KASAN_TAG_WIDTH 8 +#if SECTIONS_WIDTH+NODES_WIDTH+ZONES_WIDTH+LAST_CPUPID_WIDTH+KASAN_TAG_WIDTH \ + > BITS_PER_LONG - NR_PAGEFLAGS +#error "KASAN: not enough bits in page flags for tag" +#endif +#else +#define KASAN_TAG_WIDTH 0 +#endif + /* * We are going to use the flags for the page to node mapping if its in * there. This includes the case where there is no node, so it is implicit. diff --git a/mm/cma.c b/mm/cma.c index 4cb76121a3ab..c7b39dd3b4f6 100644 --- a/mm/cma.c +++ b/mm/cma.c @@ -407,6 +407,7 @@ struct page *cma_alloc(struct cma *cma, size_t count, unsigned int align, unsigned long pfn = -1; unsigned long start = 0; unsigned long bitmap_maxno, bitmap_no, bitmap_count; + size_t i; struct page *page = NULL; int ret = -ENOMEM; 
@@ -466,6 +467,16 @@ struct page *cma_alloc(struct cma *cma, size_t count, unsigned int align, trace_cma_alloc(pfn, page, count, align); + /* + * CMA can allocate multiple page blocks, which results in different + * blocks being marked with different tags. Reset the tags to ignore + * those page blocks. + */ + if (page) { + for (i = 0; i < count; i++) + page_kasan_tag_reset(page + i); + } + if (ret && !no_warn) { pr_err("%s: alloc failed, req-size: %zu pages, ret: %d\n", __func__, count, ret); diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 27f0cae336c9..195ca385cf7a 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -220,8 +220,15 @@ void kasan_unpoison_stack_above_sp_to(const void *watermark) void kasan_alloc_pages(struct page *page, unsigned int order) { + u8 tag; + unsigned long i; + if (unlikely(PageHighMem(page))) return; + + tag = random_tag(); + for (i = 0; i < (1 << order); i++) + page_kasan_tag_set(page + i, tag); kasan_unpoison_shadow(page_address(page), PAGE_SIZE << order); } @@ -319,6 +326,10 @@ struct kasan_free_meta *get_free_info(struct kmem_cache *cache, void kasan_poison_slab(struct page *page) { + unsigned long i; + + for (i = 0; i < (1 << compound_order(page)); i++) + page_kasan_tag_reset(page + i); kasan_poison_shadow(page_address(page), PAGE_SIZE << compound_order(page), KASAN_KMALLOC_REDZONE); @@ -517,7 +528,7 @@ void kasan_poison_kfree(void *ptr, unsigned long ip) page = virt_to_head_page(ptr); if (unlikely(!PageSlab(page))) { - if (reset_tag(ptr) != page_address(page)) { + if (ptr != page_address(page)) { kasan_report_invalid_free(ptr, ip); return; } @@ -530,7 +541,7 @@ void kasan_poison_kfree(void *ptr, unsigned long ip) void kasan_kfree_large(void *ptr, unsigned long ip) { - if (reset_tag(ptr) != page_address(virt_to_head_page(ptr))) + if (ptr != page_address(virt_to_head_page(ptr))) kasan_report_invalid_free(ptr, ip); /* The object will be poisoned by page_alloc. */ } 
diff --git a/mm/page_alloc.c b/mm/page_alloc.c index a919ba5cb3c8..ed6dc8f18c01 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -1183,6 +1183,7 @@ static void __meminit __init_single_page(struct page *page, unsigned long pfn, init_page_count(page); page_mapcount_reset(page); page_cpupid_reset_last(page); + page_kasan_tag_reset(page); INIT_LIST_HEAD(&page->lru); #ifdef WANT_PAGE_VIRTUAL diff --git a/mm/slab.c b/mm/slab.c index d2f827316dfc..d747433ecdbb 100644 --- a/mm/slab.c +++ b/mm/slab.c 
@@ -2357,7 +2357,7 @@ static void *alloc_slabmgmt(struct kmem_cache *cachep, void *freelist; void *addr = page_address(page); - page->s_mem = addr + colour_off; + page->s_mem = kasan_reset_tag(addr) + colour_off; page->active = 0; if (OBJFREELIST_SLAB(cachep))
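Review bot: page_kasan_tag_set() in the include/linux/mm.h hunk at @@ -1101,6 +1104,32 @@ updates page->flags with two plain read-modify-write statements (a &= followed by a |=). The other bits in page->flags are changed with atomic bitops, so a flag update that lands between the load and the store here can be lost, and a reader can observe the intermediate state in which the tag field is zero. Either document that the helper may only be called while the caller owns the page exclusively, as appears to be the case for the callers added in this patch, or make the update a cmpxchg loop.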
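Review bot: The new page_to_virt() statement expression in arch/arm64/include/asm/memory.h (@@ -309,7 +310,13 @@) expands its argument twice, once in __page_to_voff(page) and once in page_kasan_tag(page), where the old macro expanded it once; capture the argument in a local at the top of the block so an expression with side effects is evaluated a single time. In the @@ -98,6 +98,7 @@ hunk of the same file, the fallback "#define KASAN_SET_TAG(addr, tag) addr" should parenthesize its expansion as (addr). page_kasan_tag() is defined in include/linux/mm.h by this patch, so the macro only compiles where that header is already included; note the dependency next to the macro.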
From patchwork Tue Nov 6 17:30:35 2018
X-Patchwork-Submitter: Andrey Konovalov
X-Patchwork-Id: 10670993
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W. Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A. Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 20/22] kasan: add __must_check annotations to kasan hooks
Date: Tue, 6 Nov 2018 18:30:35 +0100

This patch adds __must_check annotations to kasan hooks that return a pointer to make sure that a tagged pointer always gets propagated.

Signed-off-by: Andrey Konovalov
--- include/linux/kasan.h | 16 ++++++++++------ mm/kasan/common.c | 14 ++++++++------ 2 files changed, 18 insertions(+), 12 deletions(-) diff --git a/include/linux/kasan.h b/include/linux/kasan.h index d5a2a7f1f72c..a8ee04b3d1c1 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h
@@ -49,16 +49,20 @@ void kasan_cache_create(struct kmem_cache *cache, unsigned int *size, void kasan_poison_slab(struct page *page); void kasan_unpoison_object_data(struct kmem_cache *cache, void *object); void kasan_poison_object_data(struct kmem_cache *cache, void *object); -void *kasan_init_slab_obj(struct kmem_cache *cache, const void *object); +void * __must_check kasan_init_slab_obj(struct kmem_cache *cache, + const void *object); -void *kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags); +void * __must_check kasan_kmalloc_large(const void *ptr, size_t size, + gfp_t flags); void kasan_kfree_large(void *ptr, unsigned long ip); void kasan_poison_kfree(void *ptr, unsigned long ip); -void *kasan_kmalloc(struct kmem_cache *s, const void *object, size_t size, - gfp_t flags); -void *kasan_krealloc(const void *object, size_t new_size, gfp_t flags); +void * __must_check kasan_kmalloc(struct kmem_cache *s, const void *object, + size_t size, gfp_t flags); +void * __must_check kasan_krealloc(const void *object, size_t new_size, + gfp_t flags); -void *kasan_slab_alloc(struct kmem_cache *s, void *object, gfp_t flags); +void * __must_check kasan_slab_alloc(struct kmem_cache *s, void *object, + gfp_t flags); bool kasan_slab_free(struct kmem_cache *s, void *object, unsigned long ip); struct kasan_cache { diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 195ca385cf7a..ba8e78eb0c67 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -373,7 +373,7 @@ static u8 assign_tag(struct kmem_cache *cache, const void *object, bool new) #endif } -void *kasan_init_slab_obj(struct kmem_cache *cache, const void *object) +void * __must_check kasan_init_slab_obj(struct kmem_cache *cache, const void *object) { struct kasan_alloc_meta *alloc_info; 
@@ -389,7 +389,8 @@ void *kasan_init_slab_obj(struct kmem_cache *cache, const void *object) return (void *)object; } -void *kasan_slab_alloc(struct kmem_cache *cache, void *object, gfp_t flags) +void * __must_check kasan_slab_alloc(struct kmem_cache *cache, void *object, + gfp_t flags) { return kasan_kmalloc(cache, object, cache->object_size, flags); } @@ -449,8 +450,8 @@ bool kasan_slab_free(struct kmem_cache *cache, void *object, unsigned long ip) return __kasan_slab_free(cache, object, ip, true); } -void *kasan_kmalloc(struct kmem_cache *cache, const void *object, size_t size, - gfp_t flags) +void * __must_check kasan_kmalloc(struct kmem_cache *cache, const void *object, + size_t size, gfp_t flags) { unsigned long redzone_start; unsigned long redzone_end; @@ -482,7 +483,8 @@ void *kasan_kmalloc(struct kmem_cache *cache, const void *object, size_t size, } EXPORT_SYMBOL(kasan_kmalloc); -void *kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags) +void * __must_check kasan_kmalloc_large(const void *ptr, size_t size, + gfp_t flags) { struct page *page; unsigned long redzone_start; 
@@ -506,7 +508,7 @@ void *kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags) return (void *)ptr; } -void *kasan_krealloc(const void *object, size_t size, gfp_t flags) +void * __must_check kasan_krealloc(const void *object, size_t size, gfp_t flags) { struct page *page;
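Review bot: In the mm/kasan/common.c hunk at @@ -373,7 +373,7 @@, the new kasan_init_slab_obj() definition line runs past 80 columns, while the other annotated definitions in this patch are wrapped; wrap it the same way as its declaration in include/linux/kasan.h. More generally, __must_check on the declarations in kasan.h is what makes the compiler warn at call sites, so repeating it on every definition in common.c is optional and could be dropped to leave the definitions untouched.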
From patchwork Tue Nov 6 17:30:36 2018
X-Patchwork-Submitter: Andrey Konovalov
X-Patchwork-Id: 10671003
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W . Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A . Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 21/22] kasan: update documentation
Date: Tue, 6 Nov 2018 18:30:36 +0100
Message-Id: <30ab7eb70ec3ea58d060a950f9a0efc773b1ee7f.1541525354.git.andreyknvl@google.com>

This patch updates KASAN documentation to reflect the addition of the new tag-based mode.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
--- Documentation/dev-tools/kasan.rst | 232 ++++++++++++++++++------------ 1 file changed, 138 insertions(+), 94 deletions(-) diff --git a/Documentation/dev-tools/kasan.rst b/Documentation/dev-tools/kasan.rst index aabc8738b3d8..33ea45932786 100644 --- a/Documentation/dev-tools/kasan.rst +++ b/Documentation/dev-tools/kasan.rst
@@ -4,15 +4,25 @@ The Kernel Address Sanitizer (KASAN) Overview -------- -KernelAddressSANitizer (KASAN) is a dynamic memory error detector. It provides -a fast and comprehensive solution for finding use-after-free and out-of-bounds -bugs. +KernelAddressSANitizer (KASAN) is a dynamic memory error detector designed to +find out-of-bound and use-after-free bugs. KASAN has two modes: generic KASAN +(similar to userspace ASan) and software tag-based KASAN (similar to userspace +HWASan). -KASAN uses compile-time instrumentation for checking every memory access, -therefore you will need a GCC version 4.9.2 or later. GCC 5.0 or later is -required for detection of out-of-bounds accesses to stack or global variables. +KASAN uses compile-time instrumentation to insert validity checks before every +memory access, and therefore requires a compiler version that supports that. -Currently KASAN is supported only for the x86_64 and arm64 architectures. +Generic KASAN is supported in both GCC and Clang. With GCC it requires version +4.9.2 or later for basic support and version 5.0 or later for detection of +out-of-bounds accesses for stack and global variables and for inline +instrumentation mode (see the Usage section). With Clang it requires version +7.0.0 or later and it doesn't support detection of out-of-bounds accesses for +global variables yet. + +Tag-based KASAN is only supported in Clang and requires version 7.0.0 or later. + +Currently generic KASAN is supported for the x86_64, arm64 and xtensa +architectures, and tag-based KASAN is supported only for arm64. Usage ----- 
@@ -21,12 +31,14 @@ To enable KASAN configure kernel with:: CONFIG_KASAN = y -and choose between CONFIG_KASAN_OUTLINE and CONFIG_KASAN_INLINE. Outline and -inline are compiler instrumentation types. The former produces smaller binary -the latter is 1.1 - 2 times faster. Inline instrumentation requires a GCC -version 5.0 or later. +and choose between CONFIG_KASAN_GENERIC (to enable generic KASAN) and +CONFIG_KASAN_SW_TAGS (to enable software tag-based KASAN). -KASAN works with both SLUB and SLAB memory allocators. +You also need to choose between CONFIG_KASAN_OUTLINE and CONFIG_KASAN_INLINE. +Outline and inline are compiler instrumentation types. The former produces +smaller binary while the latter is 1.1 - 2 times faster. + +Both KASAN modes work with both SLUB and SLAB memory allocators. For better bug detection and nicer reporting, enable CONFIG_STACKTRACE. To disable instrumentation for specific files or directories, add a line 
@@ -43,85 +55,85 @@ similar to the following to the respective kernel Makefile: Error reports ~~~~~~~~~~~~~ -A typical out of bounds access report looks like this:: +A typical out-of-bounds access generic KASAN report looks like this:: ================================================================== - BUG: AddressSanitizer: out of bounds access in kmalloc_oob_right+0x65/0x75 [test_kasan] at addr ffff8800693bc5d3 - Write of size 1 by task modprobe/1689 - ============================================================================= - BUG kmalloc-128 (Not tainted): kasan error - ----------------------------------------------------------------------------- - - Disabling lock debugging due to kernel taint - INFO: Allocated in kmalloc_oob_right+0x3d/0x75 [test_kasan] age=0 cpu=0 pid=1689 - __slab_alloc+0x4b4/0x4f0 - kmem_cache_alloc_trace+0x10b/0x190 - kmalloc_oob_right+0x3d/0x75 [test_kasan] - init_module+0x9/0x47 [test_kasan] - do_one_initcall+0x99/0x200 - load_module+0x2cb3/0x3b20 - SyS_finit_module+0x76/0x80 - system_call_fastpath+0x12/0x17 - INFO: Slab 0xffffea0001a4ef00 objects=17 used=7 fp=0xffff8800693bd728 flags=0x100000000004080 - INFO: Object 0xffff8800693bc558 @offset=1368 fp=0xffff8800693bc720 - - Bytes b4 ffff8800693bc548: 00 00 00 00 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ........ZZZZZZZZ - Object ffff8800693bc558: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk - Object ffff8800693bc568: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk - Object ffff8800693bc578: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk - Object ffff8800693bc588: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk - Object ffff8800693bc598: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk - Object ffff8800693bc5a8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk - Object ffff8800693bc5b8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk - Object ffff8800693bc5c8: 6b 6b 6b 
6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b a5 kkkkkkkkkkkkkkk. - Redzone ffff8800693bc5d8: cc cc cc cc cc cc cc cc ........ - Padding ffff8800693bc718: 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZ - CPU: 0 PID: 1689 Comm: modprobe Tainted: G B 3.18.0-rc1-mm1+ #98 - Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014 - ffff8800693bc000 0000000000000000 ffff8800693bc558 ffff88006923bb78 - ffffffff81cc68ae 00000000000000f3 ffff88006d407600 ffff88006923bba8 - ffffffff811fd848 ffff88006d407600 ffffea0001a4ef00 ffff8800693bc558 + BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0xa8/0xbc [test_kasan] + Write of size 1 at addr ffff8801f44ec37b by task insmod/2760 + + CPU: 1 PID: 2760 Comm: insmod Not tainted 4.19.0-rc3+ #698 + Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014 Call Trace: - [] dump_stack+0x46/0x58 - [] print_trailer+0xf8/0x160 - [] ? kmem_cache_oob+0xc3/0xc3 [test_kasan] - [] object_err+0x35/0x40 - [] ? kmalloc_oob_right+0x65/0x75 [test_kasan] - [] kasan_report_error+0x38a/0x3f0 - [] ? kasan_poison_shadow+0x2f/0x40 - [] ? kasan_unpoison_shadow+0x14/0x40 - [] ? kasan_poison_shadow+0x2f/0x40 - [] ? kmem_cache_oob+0xc3/0xc3 [test_kasan] - [] __asan_store1+0x75/0xb0 - [] ? kmem_cache_oob+0x1d/0xc3 [test_kasan] - [] ? kmalloc_oob_right+0x65/0x75 [test_kasan] - [] kmalloc_oob_right+0x65/0x75 [test_kasan] - [] init_module+0x9/0x47 [test_kasan] - [] do_one_initcall+0x99/0x200 - [] ? __vunmap+0xec/0x160 - [] load_module+0x2cb3/0x3b20 - [] ? 
m_show+0x240/0x240 - [] SyS_finit_module+0x76/0x80 - [] system_call_fastpath+0x12/0x17 + dump_stack+0x94/0xd8 + print_address_description+0x73/0x280 + kasan_report+0x144/0x187 + __asan_report_store1_noabort+0x17/0x20 + kmalloc_oob_right+0xa8/0xbc [test_kasan] + kmalloc_tests_init+0x16/0x700 [test_kasan] + do_one_initcall+0xa5/0x3ae + do_init_module+0x1b6/0x547 + load_module+0x75df/0x8070 + __do_sys_init_module+0x1c6/0x200 + __x64_sys_init_module+0x6e/0xb0 + do_syscall_64+0x9f/0x2c0 + entry_SYSCALL_64_after_hwframe+0x44/0xa9 + RIP: 0033:0x7f96443109da + RSP: 002b:00007ffcf0b51b08 EFLAGS: 00000202 ORIG_RAX: 00000000000000af + RAX: ffffffffffffffda RBX: 000055dc3ee521a0 RCX: 00007f96443109da + RDX: 00007f96445cff88 RSI: 0000000000057a50 RDI: 00007f9644992000 + RBP: 000055dc3ee510b0 R08: 0000000000000003 R09: 0000000000000000 + R10: 00007f964430cd0a R11: 0000000000000202 R12: 00007f96445cff88 + R13: 000055dc3ee51090 R14: 0000000000000000 R15: 0000000000000000 + + Allocated by task 2760: + save_stack+0x43/0xd0 + kasan_kmalloc+0xa7/0xd0 + kmem_cache_alloc_trace+0xe1/0x1b0 + kmalloc_oob_right+0x56/0xbc [test_kasan] + kmalloc_tests_init+0x16/0x700 [test_kasan] + do_one_initcall+0xa5/0x3ae + do_init_module+0x1b6/0x547 + load_module+0x75df/0x8070 + __do_sys_init_module+0x1c6/0x200 + __x64_sys_init_module+0x6e/0xb0 + do_syscall_64+0x9f/0x2c0 + entry_SYSCALL_64_after_hwframe+0x44/0xa9 + + Freed by task 815: + save_stack+0x43/0xd0 + __kasan_slab_free+0x135/0x190 + kasan_slab_free+0xe/0x10 + kfree+0x93/0x1a0 + umh_complete+0x6a/0xa0 + call_usermodehelper_exec_async+0x4c3/0x640 + ret_from_fork+0x35/0x40 + + The buggy address belongs to the object at ffff8801f44ec300 + which belongs to the cache kmalloc-128 of size 128 + The buggy address is located 123 bytes inside of + 128-byte region [ffff8801f44ec300, ffff8801f44ec380) + The buggy address belongs to the page: + page:ffffea0007d13b00 count:1 mapcount:0 mapping:ffff8801f7001640 index:0x0 + flags: 0x200000000000100(slab) + raw: 
0200000000000100 ffffea0007d11dc0 0000001a0000001a ffff8801f7001640 + raw: 0000000000000000 0000000080150015 00000001ffffffff 0000000000000000 + page dumped because: kasan: bad access detected + Memory state around the buggy address: - ffff8800693bc300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc - ffff8800693bc380: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 00 fc - ffff8800693bc400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc - ffff8800693bc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc - ffff8800693bc500: fc fc fc fc fc fc fc fc fc fc fc 00 00 00 00 00 - >ffff8800693bc580: 00 00 00 00 00 00 00 00 00 00 03 fc fc fc fc fc - ^ - ffff8800693bc600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc - ffff8800693bc680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc - ffff8800693bc700: fc fc fc fc fb fb fb fb fb fb fb fb fb fb fb fb - ffff8800693bc780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb - ffff8800693bc800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb + ffff8801f44ec200: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb + ffff8801f44ec280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc + >ffff8801f44ec300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 + ^ + ffff8801f44ec380: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb + ffff8801f44ec400: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc ================================================================== -The header of the report discribe what kind of bug happened and what kind of -access caused it. It's followed by the description of the accessed slub object -(see 'SLUB Debug output' section in Documentation/vm/slub.rst for details) and -the description of the accessed memory page. +The header of the report provides a short summary of what kind of bug happened +and what kind of access caused it. 
It's followed by a stack trace of the bad +access, a stack trace of where the accessed memory was allocated (in case bad +access happens on a slab object), and a stack trace of where the object was +freed (in case of a use-after-free bug report). Next comes a description of +the accessed slab object and information about the accessed memory page. In the last section the report shows memory state around the accessed address. Reading this part requires some understanding of how KASAN works. @@ -138,18 +150,24 @@ inaccessible memory like redzones or freed memory (see mm/kasan/kasan.h). In the report above the arrows point to the shadow byte 03, which means that the accessed address is partially accessible. +For tag-based KASAN this last report section shows the memory tags around the +accessed address (see Implementation details section). + Implementation details ---------------------- +Generic KASAN +~~~~~~~~~~~~~ + From a high level, our approach to memory error detection is similar to that of kmemcheck: use shadow memory to record whether each byte of memory is safe -to access, and use compile-time instrumentation to check shadow memory on each -memory access. +to access, and use compile-time instrumentation to insert checks of shadow +memory on each memory access. -AddressSanitizer dedicates 1/8 of kernel memory to its shadow memory -(e.g. 16TB to cover 128TB on x86_64) and uses direct mapping with a scale and -offset to translate a memory address to its corresponding shadow address. +Generic KASAN dedicates 1/8th of kernel memory to its shadow memory (e.g. 16TB +to cover 128TB on x86_64) and uses direct mapping with a scale and offset to +translate a memory address to its corresponding shadow address. Here is the function which translates an address to its corresponding shadow address:: 
@@ -162,12 +180,38 @@ address:: where ``KASAN_SHADOW_SCALE_SHIFT = 3``. -Compile-time instrumentation used for checking memory accesses. Compiler inserts -function calls (__asan_load*(addr), __asan_store*(addr)) before each memory -access of size 1, 2, 4, 8 or 16. These functions check whether memory access is -valid or not by checking corresponding shadow memory. +Compile-time instrumentation is used to insert memory access checks. Compiler +inserts function calls (__asan_load*(addr), __asan_store*(addr)) before each +memory access of size 1, 2, 4, 8 or 16. These functions check whether memory +access is valid or not by checking corresponding shadow memory. GCC 5.0 has possibility to perform inline instrumentation. Instead of making function calls GCC directly inserts the code to check the shadow memory. This option significantly enlarges kernel but it gives x1.1-x2 performance boost over outline instrumented kernel. + +Software tag-based KASAN +~~~~~~~~~~~~~~~~~~~~~~~~ + +Tag-based KASAN uses the Top Byte Ignore (TBI) feature of modern arm64 CPUs to +store a pointer tag in the top byte of kernel pointers. Like generic KASAN it +uses shadow memory to store memory tags associated with each 16-byte memory +cell (therefore it dedicates 1/16th of the kernel memory for shadow memory). + +On each memory allocation tag-based KASAN generates a random tag, tags the +allocated memory with this tag, and embeds this tag into the returned pointer. +Software tag-based KASAN uses compile-time instrumentation to insert checks +before each memory access. These checks make sure that tag of the memory that +is being accessed is equal to tag of the pointer that is used to access this +memory. In case of a tag mismatch tag-based KASAN prints a bug report. + +Software tag-based KASAN also has two instrumentation modes (outline, that +emits callbacks to check memory accesses; and inline, that performs the shadow +memory checks inline). 
With outline instrumentation mode, a bug report is +simply printed from the function that performs the access check. With inline +instrumentation a brk instruction is emitted by the compiler, and a dedicated +brk handler is used to print bug reports. + +A potential expansion of this mode is a hardware tag-based mode, which would +use hardware memory tagging support instead of compiler instrumentation and +manual shadow memory manipulation.
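
Review bot: In the Overview hunk (@@ -4,15 +4,25 @@), the first added sentence says "out-of-bound", while the later lines of the same hunk and the rest of the file use "out-of-bounds"; please make it consistent. The sentence "requires a compiler version that supports that" is also vague on its own. Since the next paragraphs list the GCC and Clang versions, it could simply point at them, e.g. "requires a supported compiler version (see below)".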
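
Review bot: In the Error reports hunk (@@ -43,85 +55,85 @@), the new explanatory paragraph says the free stack trace is shown "in case of a use-after-free bug report", but the sample slab-out-of-bounds report above it also carries a "Freed by task 815:" section, from a different task than the one performing the access (insmod/2760). Either trim that section from the sample or add a sentence explaining why an out-of-bounds report can include a free stack; otherwise someone triaging a real report may read it as evidence of a use-after-free.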
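
Review bot: In the hunk at @@ -138,18 +150,24 @@, the added sentence that the last report section "shows the memory tags around the accessed address" leaves tag-based users without a way to read that section: the only sample report in the file is the generic one, and the legend given for it (the 03 shadow byte) does not apply to tags. Consider adding a short tag-based sample, or at least one sentence on how the dumped memory tags relate to the pointer tag, so that the reference to the Implementation details section is enough to interpret a report.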
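
Review bot: In the last hunk (@@ -162,12 +180,38 @@), the new "Software tag-based KASAN" section never states the detection limits that follow from its own description: with a random tag per allocation stored in the pointer's top byte, two objects can end up with the same tag, and with one memory tag per 16-byte cell, a bad access that stays within a cell holding valid data passes the check. A sentence on these limits would help people choosing between CONFIG_KASAN_GENERIC and CONFIG_KASAN_SW_TAGS. Separately, the unchanged context paragraph "GCC 5.0 has possibility to perform inline instrumentation" now sits under the "Generic KASAN" heading and reads as GCC-only, although the Overview added by this patch says Clang supports generic KASAN too; it is worth updating in the same patch.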
From: Andrey Konovalov
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Catalin Marinas, Will Deacon, Christoph Lameter, Andrew Morton, Mark Rutland, Nick Desaulniers, Marc Zyngier, Dave Martin, Ard Biesheuvel, "Eric W . Biederman", Ingo Molnar, Paul Lawrence, Geert Uytterhoeven, Arnd Bergmann, "Kirill A . Shutemov", Greg Kroah-Hartman, Kate Stewart, Mike Rapoport, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob Bramley, Ruben Ayrapetyan, Jann Horn, Mark Brand, Chintan Pandya, Vishwath Mohan, Andrey Konovalov
Subject: [PATCH v10 22/22] kasan: add SPDX-License-Identifier mark to source files
Date: Tue, 6 Nov 2018 18:30:37 +0100

This patch adds a "SPDX-License-Identifier: GPL-2.0" mark to all source files under mm/kasan.

Reviewed-by: Andrey Ryabinin
Reviewed-by: Dmitry Vyukov
Signed-off-by: Andrey Konovalov
--- mm/kasan/common.c | 1 + mm/kasan/generic.c | 1 + mm/kasan/generic_report.c | 1 + mm/kasan/init.c | 1 + mm/kasan/quarantine.c | 1 + mm/kasan/report.c | 1 + mm/kasan/tags.c | 1 + mm/kasan/tags_report.c | 1 + 8 files changed, 8 insertions(+) diff --git a/mm/kasan/common.c b/mm/kasan/common.c index ba8e78eb0c67..6628a9f0c03f 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: GPL-2.0 /* * This file contains common generic and tag-based KASAN code. * diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c index b8de6d33c55c..ccb6207276e3 100644
--- a/mm/kasan/generic.c +++ b/mm/kasan/generic.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: GPL-2.0 /* * This file contains core generic KASAN code. * diff --git a/mm/kasan/generic_report.c b/mm/kasan/generic_report.c index a4604cceae59..5e12035888f2 100644 --- a/mm/kasan/generic_report.c +++ b/mm/kasan/generic_report.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: GPL-2.0 /* * This file contains generic KASAN specific error reporting code. * diff --git a/mm/kasan/init.c b/mm/kasan/init.c index c7550eb65922..3730a172946b 100644 --- a/mm/kasan/init.c +++ b/mm/kasan/init.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: GPL-2.0 /* * This file contains some kasan initialization code. * diff --git a/mm/kasan/quarantine.c b/mm/kasan/quarantine.c index b209dbaefde8..57334ef2d7ef 100644 --- a/mm/kasan/quarantine.c +++ b/mm/kasan/quarantine.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: GPL-2.0 /* * KASAN quarantine. * diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 214d85035f99..ca9418fe9232 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: GPL-2.0 /* * This file contains common generic and tag-based KASAN error reporting code. * diff --git a/mm/kasan/tags.c b/mm/kasan/tags.c index a3cca11e4fed..7b7c21d40851 100644 --- a/mm/kasan/tags.c +++ b/mm/kasan/tags.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: GPL-2.0 /* * This file contains core tag-based KASAN code. * diff --git a/mm/kasan/tags_report.c b/mm/kasan/tags_report.c index 573c51d20d09..8eaf5f722271 100644 --- a/mm/kasan/tags_report.c +++ b/mm/kasan/tags_report.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: GPL-2.0 /* * This file contains tag-based KASAN specific error reporting code. *
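
Review bot: The commit message says the mark is added to "all source files under mm/kasan", but the diffstat and the eight "@@ -1,3 +1,4 @@" hunks touch only .c files; mm/kasan/kasan.h, which the documentation patch in this series points readers to, is not among them. If the headers already carry a tag, the message should say ".c files"; if they do not, add them in this patch using the "/* SPDX-License-Identifier: GPL-2.0 */" comment form that C headers use.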