From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-14.4 required=3.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E8FACC43603 for ; Thu, 5 Dec 2019 15:46:28 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 88D36206DB for ; Thu, 5 Dec 2019 15:46:28 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="FakNDZ83" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 88D36206DB Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 234A16B10ED; Thu, 5 Dec 2019 10:46:28 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 1E5F56B10EE; Thu, 5 Dec 2019 10:46:28 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 0D5366B10EF; Thu, 5 Dec 2019 10:46:28 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0222.hostedemail.com [216.40.44.222]) by kanga.kvack.org (Postfix) with ESMTP id E7D3F6B10ED for ; Thu, 5 Dec 2019 10:46:27 -0500 (EST) Received: from smtpin01.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with SMTP id A144952BC for ; Thu, 5 Dec 2019 15:46:27 +0000 (UTC) X-FDA: 76231514814.01.egg15_7282baf5e0f1d X-HE-Tag: egg15_7282baf5e0f1d X-Filterd-Recvd-Size: 10044 Received: from mail-wr1-f67.google.com (mail-wr1-f67.google.com [209.85.221.67]) by imf09.hostedemail.com (Postfix) with ESMTP for ; Thu, 5 Dec 2019 15:46:26 +0000 (UTC) Received: by mail-wr1-f67.google.com with SMTP id y17so4201389wrh.5 for ; Thu, 05 Dec 2019 07:46:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=TZOs5+xu1q2cYIC3vmKxWSQgNWo/JzmNbYhfhcx7zyw=; b=FakNDZ833MhnPwC7nXCvBJSJqjR5BSVcUjpHgm98XR1fLG+XYwUjFSYqBHjgP8teVy iWVk6Uvwh+HMe+eATteJk8GGuweYxEjW6pnWmUq9zVqKgO6dHjT9W+Wgbsp8Q0K65g3M EQsLDLh/O+6LWPP/J0gM8aWyImMS1+wzyxF7YvsXm4uYKV3B/eXmyftwTx4slARrSbWU BhE21gButqseF+gxqiu0dpeE1HtWQ2Hk8Z2D9lSWbGnsjxzsAisRMNN7F7W49Kpqq0TC /uqRNNILnPbck93Z5+Ppzpd8D+8UgUJ8cxngNNBc1/P5TSeOEHqft2FsnPJbSMMcPR/K YN3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=TZOs5+xu1q2cYIC3vmKxWSQgNWo/JzmNbYhfhcx7zyw=; b=A/pcjpwHOVjYpezjBZmA5GC2kAcJzngxQ0VQecTh2hRsL1YGSy+6Fk0QbAPDr0BHFp Er8wWEl1aBwjKwwv678dr0xMChs7h8YOPdhns4eIbGB6Uh8i+1f7AGHrv/wfkyVGtV7O DztEXvSWdNcqp1WOktiAOCw8zmIX1sBisk4mC7jjy2P36DcRhSgyjnJJe0Pev7Zsvabq RUqbniAM6ohSq73155vEO2VVjc9fL4zhJIQsQ2v/juqQ0c2O22jfW5xF6rVT7i1GULFs E8OjFoQ7c9VQqRcAzXMgYkl5AYyefo30QcKVcWOWkvKjC+iQueo3OrZM5b9Ezp69CHfN 5/cA== X-Gm-Message-State: APjAAAWQKLiQXR36cOZz3Ay/9imYx+OHSpqOo6MLW0Dni3ZSiAFVhqvh /oCzvU8PJVi+GPUmYGbu4VZsnk/ULfRWMskc2lj31g== X-Google-Smtp-Source: APXvYqyYc8lDyb0RhScIh3UErvv3Fdu6TWf4KYKKuyD4tV7fHlOPS3KXW2UxALFZ1WcYfWaCAcMPzRGvsVhVp18/qek= X-Received: by 2002:a5d:6886:: with SMTP id h6mr10780179wru.154.1575560785163; Thu, 05 Dec 2019 07:46:25 -0800 (PST) MIME-Version: 1.0 References: <20191122112621.204798-1-glider@google.com> <20191122112621.204798-27-glider@google.com> In-Reply-To: From: Alexander Potapenko Date: Thu, 5 Dec 2019 16:46:13 +0100 Message-ID: Subject: Re: [PATCH RFC v3 26/36] kmsan: use __msan_memcpy() where possible. To: Andrey Konovalov Cc: Vegard Nossum , Dmitry Vyukov , Linux Memory Management List , Alexander Viro , Andreas Dilger , Andrew Morton , Andrey Ryabinin , Andy Lutomirski , Ard Biesheuvel , Arnd Bergmann , Christoph Hellwig , Christoph Hellwig , "Darrick J. Wong" , "David S. Miller" , Dmitry Torokhov , Eric Biggers , Eric Dumazet , Eric Van Hensbergen , Greg Kroah-Hartman , Harry Wentland , Herbert Xu , Ilya Leoshkevich , Ingo Molnar , Jason Wang , Jens Axboe , Marek Szyprowski , Marco Elver , Mark Rutland , "Martin K. Petersen" , Martin Schwidefsky , Matthew Wilcox , "Michael S . Tsirkin" , Michal Simek , Petr Mladek , Qian Cai , Randy Dunlap , Robin Murphy , Sergey Senozhatsky , Steven Rostedt , Takashi Iwai , "Theodore Ts'o" , Thomas Gleixner , Vasily Gorbik , Wolfram Sang Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Fri, Nov 29, 2019 at 4:13 PM Andrey Konovalov wr= ote: > > On Fri, Nov 22, 2019 at 12:27 PM wrote: > > > > Unless stated otherwise (by explicitly calling __memcpy()) we want all > > memcpy() calls to call __msan_memcpy() so that shadow and origin values > > are updated accordingly. > > Why do we only do this for memcpy() but not for memove() and others? Hm, interesting. Looks like I simply forgot to add memset() and memmove(). Could have costed us some false negatives. > > > > Bootloader must still the default string functions to avoid crashes. > > must still use Ack > > > > > Signed-off-by: Alexander Potapenko > > To: Alexander Potapenko > > Cc: Vegard Nossum > > Cc: Dmitry Vyukov > > Cc: linux-mm@kvack.org > > --- > > v3: > > - use default string functions in the bootloader > > > > Change-Id: Ib2512ce5aa8d457453dd38caa12f58f002166813 > > --- > > arch/x86/boot/compressed/misc.h | 1 + > > arch/x86/include/asm/string_64.h | 9 ++++++++- > > include/linux/compiler.h | 9 ++++++++- > > include/linux/string.h | 2 ++ > > 4 files changed, 19 insertions(+), 2 deletions(-) > > > > diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed= /misc.h > > index c8181392f70d..dd4bd8c5d97a 100644 > > --- a/arch/x86/boot/compressed/misc.h > > +++ b/arch/x86/boot/compressed/misc.h > > @@ -12,6 +12,7 @@ > > #undef CONFIG_PARAVIRT_XXL > > #undef CONFIG_PARAVIRT_SPINLOCKS > > #undef CONFIG_KASAN > > +#undef CONFIG_KMSAN > > > > /* cpu_feature_enabled() cannot be used this early */ > > #define USE_EARLY_PGTABLE_L5 > > diff --git a/arch/x86/include/asm/string_64.h b/arch/x86/include/asm/st= ring_64.h > > index 75314c3dbe47..d3c76d910c23 100644 > > --- a/arch/x86/include/asm/string_64.h > > +++ b/arch/x86/include/asm/string_64.h > > @@ -11,7 +11,13 @@ > > function. */ > > > > #define __HAVE_ARCH_MEMCPY 1 > > +#if defined(CONFIG_KMSAN) > > +#undef memcpy > > +/* __msan_memcpy() is defined in compiler.h */ > > +#define memcpy(dst, src, len) __msan_memcpy(dst, src, len) > > +#else > > extern void *memcpy(void *to, const void *from, size_t len); > > +#endif > > extern void *__memcpy(void *to, const void *from, size_t len); > > > > #define __HAVE_ARCH_MEMSET > > @@ -64,7 +70,8 @@ char *strcpy(char *dest, const char *src); > > char *strcat(char *dest, const char *src); > > int strcmp(const char *cs, const char *ct); > > > > -#if defined(CONFIG_KASAN) && !defined(__SANITIZE_ADDRESS__) > > +#if (defined(CONFIG_KASAN) && !defined(__SANITIZE_ADDRESS__)) || \ > > + (defined(CONFIG_KMSAN) && !defined(__SANITIZE_MEMORY__)) > > > > /* > > * For files that not instrumented (e.g. mm/slub.c) we > > diff --git a/include/linux/compiler.h b/include/linux/compiler.h > > index 99d40f31a2c3..9ce11f4f4cb2 100644 > > --- a/include/linux/compiler.h > > +++ b/include/linux/compiler.h > > @@ -179,6 +179,13 @@ void ftrace_likely_update(struct ftrace_likely_dat= a *f, int val, > > > > #include > > > > +#ifdef CONFIG_KMSAN > > +void *__msan_memcpy(void *dst, const void *src, u64 size); > > +#define __DO_MEMCPY(res, p, size) __msan_memcpy(res, p, size) > > +#else > > +#define __DO_MEMCPY(res, p, size) __builtin_memcpy(res, p, size) > > +#endif > > + > > #define __READ_ONCE_SIZE = \ > > ({ = \ > > switch (size) { = \ > > @@ -188,7 +195,7 @@ void ftrace_likely_update(struct ftrace_likely_data= *f, int val, > > case 8: *(__u64 *)res =3D *(volatile __u64 *)p; break; = \ > > default: = \ > > barrier(); = \ > > - __builtin_memcpy((void *)res, (const void *)p, size); = \ > > + __DO_MEMCPY((void *)res, (const void *)p, size); = \ > > barrier(); = \ > > } = \ > > }) > > diff --git a/include/linux/string.h b/include/linux/string.h > > index b6ccdc2c7f02..5d8ce09cba2e 100644 > > --- a/include/linux/string.h > > +++ b/include/linux/string.h > > @@ -363,6 +363,7 @@ __FORTIFY_INLINE void *memset(void *p, int c, __ker= nel_size_t size) > > return __builtin_memset(p, c, size); > > } > > > > +#ifndef CONFIG_KMSAN > > __FORTIFY_INLINE void *memcpy(void *p, const void *q, __kernel_size_t = size) > > { > > size_t p_size =3D __builtin_object_size(p, 0); > > @@ -377,6 +378,7 @@ __FORTIFY_INLINE void *memcpy(void *p, const void *= q, __kernel_size_t size) > > fortify_panic(__func__); > > return __builtin_memcpy(p, q, size); > > } > > +#endif > > > > __FORTIFY_INLINE void *memmove(void *p, const void *q, __kernel_size_t= size) > > { > > -- > > 2.24.0.432.g9d3f5f5b63-goog > > --=20 Alexander Potapenko Software Engineer Google Germany GmbH Erika-Mann-Stra=C3=9Fe, 33 80636 M=C3=BCnchen Gesch=C3=A4ftsf=C3=BChrer: Paul Manicle, Halimah DeLaine Prado Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg