From: Alexander Potapenko
Date: Wed, 11 Nov 2020 15:23:33 +0100
Subject: Re: [PATCH v9 13/44] kasan: hide invalid free check implementation
To: Andrey Konovalov
Cc: Catalin Marinas, Will Deacon, Vincenzo Frascino, Dmitry Vyukov, Andrey Ryabinin, Marco Elver, Evgenii Stepanov, Branislav Rankov, Kevin Brodsky, Andrew Morton, kasan-dev, Linux ARM, Linux Memory Management List, LKML
In-Reply-To: <427d46e86c81f3ec77147b0ade4bd551d878cf7a.1605046192.git.andreyknvl@google.com>

On Tue, Nov 10, 2020 at 11:11 PM Andrey Konovalov wrote:
>
> This is a preparatory commit for the upcoming addition of a new hardware
> tag-based (MTE-based) KASAN mode.
>
> For software KASAN modes the check is based on the value in the shadow
> memory. Hardware tag-based KASAN won't be using shadow, so hide the
> implementation of the check in check_invalid_free().
>
> Also simplify the code for software tag-based mode.
>
> No functional changes for software modes.
>
> Signed-off-by: Andrey Konovalov
> Signed-off-by: Vincenzo Frascino
> Reviewed-by: Marco Elver

Reviewed-by: Alexander Potapenko

> --- > Change-Id: I5fae9531c9fc948eb4d4e0c589744032fc5a0789 > --- > mm/kasan/common.c | 19 +------------------ > mm/kasan/generic.c | 7 +++++++ > mm/kasan/kasan.h | 2 ++ > mm/kasan/sw_tags.c | 9 +++++++++ > 4 files changed, 19 insertions(+), 18 deletions(-) > > diff --git a/mm/kasan/common.c b/mm/kasan/common.c > index 123abfb760d4..543e6bf2168f 100644 > --- a/mm/kasan/common.c > +++ b/mm/kasan/common.c
> @@ -272,25 +272,9 @@ void * __must_check kasan_init_slab_obj(struct kmem_= cache *cache, > return (void *)object; > } > > -static inline bool shadow_invalid(u8 tag, s8 shadow_byte) > -{ > - if (IS_ENABLED(CONFIG_KASAN_GENERIC)) > - return shadow_byte < 0 || > - shadow_byte >=3D KASAN_GRANULE_SIZE; > - > - /* else CONFIG_KASAN_SW_TAGS: */ > - if ((u8)shadow_byte =3D=3D KASAN_TAG_INVALID) > - return true; > - if ((tag !=3D KASAN_TAG_KERNEL) && (tag !=3D (u8)shadow_byte)) > - return true; > - > - return false; > -} > - > static bool __kasan_slab_free(struct kmem_cache *cache, void *object, > unsigned long ip, bool quarantine) > { > - s8 shadow_byte; > u8 tag; > void *tagged_object; > unsigned long rounded_up_size; > @@ -309,8 +293,7 @@ static bool __kasan_slab_free(struct kmem_cache *cach= e, void *object, > if (unlikely(cache->flags & SLAB_TYPESAFE_BY_RCU)) > return false; > > - shadow_byte =3D READ_ONCE(*(s8 *)kasan_mem_to_shadow(object)); > - if (shadow_invalid(tag, shadow_byte)) { > + if (check_invalid_free(tagged_object)) { > kasan_report_invalid_free(tagged_object, ip); > return true; > } > diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c > index ec4417156943..e1af3b6c53b8 100644 > --- a/mm/kasan/generic.c > +++ b/mm/kasan/generic.c > @@ -187,6 +187,13 @@ bool check_memory_region(unsigned long addr, size_t = size, bool write, > return check_memory_region_inline(addr, size, write, ret_ip); > } > > +bool check_invalid_free(void *addr) > +{ > + s8 shadow_byte =3D READ_ONCE(*(s8 *)kasan_mem_to_shadow(addr)); > + > + return shadow_byte < 0 || shadow_byte >=3D KASAN_GRANULE_SIZE; > +} > + > void kasan_cache_shrink(struct kmem_cache *cache) > { > quarantine_remove_cache(cache); > diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h > index 1865bb92d47a..3eff57e71ff5 100644 > --- a/mm/kasan/kasan.h > +++ b/mm/kasan/kasan.h 
> @@ -164,6 +164,8 @@ void kasan_poison_memory(const void *address, size_t = size, u8 value); > bool check_memory_region(unsigned long addr, size_t size, bool write, > unsigned long ret_ip); > > +bool check_invalid_free(void *addr); > + > void *find_first_bad_addr(void *addr, size_t size); > const char *get_bug_type(struct kasan_access_info *info); > > diff --git a/mm/kasan/sw_tags.c b/mm/kasan/sw_tags.c > index 4bdd7dbd6647..b2638c2cd58a 100644 > --- a/mm/kasan/sw_tags.c > +++ b/mm/kasan/sw_tags.c > @@ -121,6 +121,15 @@ bool check_memory_region(unsigned long addr, size_t = size, bool write, > return true; > } > > +bool check_invalid_free(void *addr) > +{ > + u8 tag =3D get_tag(addr); > + u8 shadow_byte =3D READ_ONCE(*(u8 *)kasan_mem_to_shadow(reset_tag= (addr))); > + > + return (shadow_byte =3D=3D KASAN_TAG_INVALID) || > + (tag !=3D KASAN_TAG_KERNEL && tag !=3D shadow_byte); > +} > + > #define DEFINE_HWASAN_LOAD_STORE(size) \ > void __hwasan_load##size##_noabort(unsigned long addr) \ > { \ > -- > 2.29.2.222.g5d2a92d10f8-goog >

-- 
Alexander Potapenko
Software Engineer

Google Germany GmbH
Erika-Mann-Straße, 33
80636 München

Managing Directors: Paul Manicle, Halimah DeLaine Prado
Registration court and number: Hamburg, HRB 86891
Registered office: Hamburg
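
Review bot: In the second mm/kasan/common.c hunk, `u8 tag;` stays declared in __kasan_slab_free() although its only use visible in the hunk, the `shadow_invalid(tag, shadow_byte)` call, is removed together with `s8 shadow_byte;`. If nothing outside the shown context still reads it, drop the declaration and its assignment in this patch so the function does not keep a dead local.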
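
Review bot: check_invalid_free() in mm/kasan/generic.c passes addr straight to kasan_mem_to_shadow(), but the caller in common.c now hands it tagged_object where the removed lookup used `kasan_mem_to_shadow(object)`, and the sw_tags.c version wraps the same lookup in reset_tag(). Either apply reset_tag() here as well or add a one-line comment saying why the generic mode can use the pointer as passed, so the "no functional changes" claim can be checked from the code alone.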
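
Review bot: The new `bool check_invalid_free(void *addr);` prototype in mm/kasan/kasan.h has no comment on what addr must be, yet the sw_tags.c implementation depends on receiving the tagged pointer: it calls get_tag(addr) before reset_tag(addr). A short comment stating that callers pass the tagged object pointer and that a true return means the free is invalid would keep the upcoming hardware tag-based implementation and any later caller consistent. Neither implementation shown writes through addr, so `const void *addr` would also match the neighbouring kasan_poison_memory() prototype.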