From patchwork Tue Sep 17 20:18:17 2024
X-Patchwork-Submitter: Sabyrzhan Tasbolatov
X-Patchwork-Id: 13806443
From: Sabyrzhan Tasbolatov
To: tglx@linutronix.de, bp@alien8.de, glider@google.com, andreyknvl@gmail.com, akpm@linux-foundation.org
Cc: mingo@redhat.com, dave.hansen@linux.intel.com, ryabinin.a.a@gmail.com, x86@kernel.org, hpa@zytor.com, dvyukov@google.com, vincenzo.frascino@arm.com, brauner@kernel.org, dhowells@redhat.com, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org, snovitoll@gmail.com
Subject: [PATCH] mm: x86: instrument __get/__put_kernel_nofault
Date: Wed, 18 Sep 2024 01:18:17 +0500
Message-Id: <20240917201817.657490-1-snovitoll@gmail.com>

Instrument copy_from_kernel_nofault(), copy_to_kernel_nofault(),
strncpy_from_kernel_nofault() where __put_kernel_nofault, __get_kernel_nofault
macros are used.

Regular instrument_read() and instrument_write() handle KASAN, KCSAN
checks for the access address, though instrument_memcpy_before() might
be considered as well for both src and dst address validation.

__get_user_size was appended with instrument_get_user() for KMSAN check in
commit 888f84a6da4d ("x86: asm: instrument usercopy in get_user() and
put_user()") but only for CONFIG_CC_HAS_ASM_GOTO_OUTPUT.

Reported-by: Andrey Konovalov
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=210505
Signed-off-by: Sabyrzhan Tasbolatov
---
 arch/x86/include/asm/uaccess.h |  4 ++++
 mm/kasan/kasan_test.c          | 17 +++++++++++++++++
 2 files changed, 21 insertions(+)
diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h index 3a7755c1a441..bed84d3f7245 100644 --- a/arch/x86/include/asm/uaccess.h +++ b/arch/x86/include/asm/uaccess.h @@ -353,6 +353,7 @@ do { \ default: \ (x) = __get_user_bad(); \ } \ + instrument_get_user(x); \ } while (0) #define __get_user_asm(x, addr, err, itype) \ @@ -620,6 +621,7 @@ do { \ #ifdef CONFIG_CC_HAS_ASM_GOTO_OUTPUT #define __get_kernel_nofault(dst, src, type, err_label) \ + instrument_read(src, sizeof(type)); \ __get_user_size(*((type *)(dst)), (__force type __user *)(src), \ sizeof(type), err_label) #else // !CONFIG_CC_HAS_ASM_GOTO_OUTPUT @@ -627,6 +629,7 @@ do { \ do { \ int __kr_err; \ \ + instrument_read(src, sizeof(type)); \ __get_user_size(*((type *)(dst)), (__force type __user *)(src), \ sizeof(type), __kr_err); \ if (unlikely(__kr_err)) \ @@ -635,6 +638,7 @@ do { \ #endif // CONFIG_CC_HAS_ASM_GOTO_OUTPUT #define __put_kernel_nofault(dst, src, type, err_label) \ + instrument_write(dst, sizeof(type)); \ __put_user_size(*((type *)(src)), (__force type __user *)(dst), \ sizeof(type), err_label) diff --git a/mm/kasan/kasan_test.c b/mm/kasan/kasan_test.c index 7b32be2a3cf0..f5086c86e0bd 100644 --- a/mm/kasan/kasan_test.c +++ b/mm/kasan/kasan_test.c @@ -1899,6 +1899,22 @@ static void match_all_mem_tag(struct kunit *test) kfree(ptr); } +static void copy_from_to_kernel_nofault(struct kunit *test) +{ + char *ptr; + char buf[16]; + size_t size = sizeof(buf); + + ptr = kmalloc(size, GFP_KERNEL); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); + kfree(ptr); + + KUNIT_EXPECT_KASAN_FAIL(test, + copy_from_kernel_nofault(&buf[0], ptr, size)); + KUNIT_EXPECT_KASAN_FAIL(test, + copy_to_kernel_nofault(ptr, &buf[0], size)); +} + static struct kunit_case kasan_kunit_test_cases[] = { KUNIT_CASE(kmalloc_oob_right), KUNIT_CASE(kmalloc_oob_left), 
@@ -1971,6 +1987,7 @@ static struct kunit_case kasan_kunit_test_cases[] = { KUNIT_CASE(match_all_not_assigned), KUNIT_CASE(match_all_ptr_tag), KUNIT_CASE(match_all_mem_tag), + KUNIT_CASE(copy_from_to_kernel_nofault), {} };
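
Review bot: In the @@ -353,6 +353,7 @@ hunk of arch/x86/include/asm/uaccess.h, the added instrument_get_user(x) sits after the closing brace of the switch, so it runs on every expansion of the macro, including the default: branch where x has just been assigned from __get_user_bad(), and without regard to whether the access succeeded. If only successfully fetched data should be reported to the sanitizer, make the call conditional on the result; if unconditional is intended, a one-line comment should say so. The subject names only __get/__put_kernel_nofault, while this hunk changes a macro that the commit message implies is the __get_user_size variant that lacked instrumentation; the message should state explicitly that every user of that variant is affected.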
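
Review bot: In the @@ -620,6 +621,7 @@ hunk, __get_kernel_nofault() now expands to two statements, "instrument_read(src, sizeof(type));" followed by __get_user_size(...), with no enclosing do { } while (0). A caller that uses the macro as the unbraced body of an if or a loop would have only instrument_read() under the condition, and the access would run unconditionally. Wrap the body in do { ... } while (0), as the variant in the following hunk already does. The same applies to the "instrument_write(dst, sizeof(type));" line added in front of __put_user_size() in the @@ -635,6 +638,7 @@ hunk.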
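
Review bot: In the @@ -627,6 +629,7 @@ hunk, instrument_read(src, sizeof(type)) is issued before __get_user_size() and independently of __kr_err, so the sanitizer check fires even for an access that the macro then handles through its "if (unlikely(__kr_err))" error path. The commit message does not say whether a report is wanted when a caller passes a possibly invalid src on purpose and relies on that error path. Please document the intended behaviour for such callers, since it decides whether the check belongs before the access or only after it has succeeded.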
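
Review bot: In the @@ -1899,6 +1899,22 @@ hunk of mm/kasan/kasan_test.c, copy_from_to_kernel_nofault() has KUNIT_EXPECT_KASAN_FAIL cases only for copy_from_kernel_nofault() and copy_to_kernel_nofault(), although the commit message also lists strncpy_from_kernel_nofault() as instrumented; add a case for it so all three entry points are covered. Both existing cases use a freed pointer, so an out-of-bounds access is not tested either. Separately, buf is declared as "char buf[16];" without an initialiser and is then the source of copy_to_kernel_nofault(ptr, &buf[0], size); nothing in the test guarantees the preceding copy filled it, so initialise buf before use.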