Re: [PATCH V5 03/12] arm64: kasan: Switch to using KASAN_SHADOW_OFFSET

From: Catalin Marinas <catalin.marinas@arm.com>
To: Steve Capper <steve.capper@arm.com>
Cc: crecklin@redhat.com, ard.biesheuvel@linaro.org, maz@kernel.org,
	bhsharma@redhat.com, will@kernel.org,
	linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH V5 03/12] arm64: kasan: Switch to using KASAN_SHADOW_OFFSET
Date: Wed, 7 Aug 2019 17:12:39 +0100	[thread overview]
Message-ID: <20190807161239.GB1766@arrakis.emea.arm.com> (raw)
In-Reply-To: <20190807155524.5112-4-steve.capper@arm.com>

On Wed, Aug 07, 2019 at 04:55:15PM +0100, Steve Capper wrote:
> KASAN_SHADOW_OFFSET is a constant that is supplied to gcc as a command
> line argument and affects the codegen of the inline address sanetiser.
> 
> Essentially, for an example memory access:
>     *ptr1 = val;
> The compiler will insert logic similar to the below:
>     shadowValue = *(ptr1 >> KASAN_SHADOW_SCALE_SHIFT + KASAN_SHADOW_OFFSET)
>     if (somethingWrong(shadowValue))
>         flagAnError();
> 
> This code sequence is inserted into many places, thus
> KASAN_SHADOW_OFFSET is essentially baked into many places in the kernel
> text.
> 
> If we want to run a single kernel binary with multiple address spaces,
> then we need to do this with KASAN_SHADOW_OFFSET fixed.
> 
> Thankfully, due to the way the KASAN_SHADOW_OFFSET is used to provide
> shadow addresses we know that the end of the shadow region is constant
> w.r.t. VA space size:
>     KASAN_SHADOW_END = ~0 >> KASAN_SHADOW_SCALE_SHIFT + KASAN_SHADOW_OFFSET
> 
> This means that if we increase the size of the VA space, the start of
> the KASAN region expands into lower addresses whilst the end of the
> KASAN region is fixed.
> 
> Currently the arm64 code computes KASAN_SHADOW_OFFSET at build time via
> build scripts with the VA size used as a parameter. (There are build
> time checks in the C code too to ensure that expected values are being
> derived). It is sufficient, and indeed is a simplification, to remove
> the build scripts (and build time checks) entirely and instead provide
> KASAN_SHADOW_OFFSET values.
> 
> This patch removes the logic to compute the KASAN_SHADOW_OFFSET in the
> arm64 Makefile, and instead we adopt the approach used by x86 to supply
> offset values in kConfig. To help debug/develop future VA space changes,
> the Makefile logic has been preserved in a script file in the arm64
> Documentation folder.
> 
> Signed-off-by: Steve Capper <steve.capper@arm.com>

Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel