From: Marco Elver <elver@google.com>
To: elver@google.com
Cc: akiyks@gmail.com, stern@rowland.harvard.edu, glider@google.com,
parri.andrea@gmail.com, andreyknvl@google.com, luto@kernel.org,
ard.biesheuvel@linaro.org, arnd@arndb.de, boqun.feng@gmail.com,
bp@alien8.de, dja@axtens.net, dlustig@nvidia.com,
dave.hansen@linux.intel.com, dhowells@redhat.com,
dvyukov@google.com, hpa@zytor.com, mingo@redhat.com,
j.alglave@ucl.ac.uk, joel@joelfernandes.org, corbet@lwn.net,
jpoimboe@redhat.com, luc.maranget@inria.fr, mark.rutland@arm.com,
npiggin@gmail.com, paulmck@kernel.org, peterz@infradead.org,
tglx@linutronix.de, will@kernel.org, kasan-dev@googlegroups.com,
linux-arch@vger.kernel.org, linux-doc@vger.kernel.org,
linux-efi@vger.kernel.org, linux-kbuild@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-mm@kvack.org, x86@kernel.org
Subject: [PATCH v3 9/9] x86, kcsan: Enable KCSAN for x86
Date: Mon, 4 Nov 2019 15:27:45 +0100 [thread overview]
Message-ID: <20191104142745.14722-10-elver@google.com> (raw)
In-Reply-To: <20191104142745.14722-1-elver@google.com>
This patch enables KCSAN for x86, with updates to build rules to not use
KCSAN for several incompatible compilation units.
Signed-off-by: Marco Elver <elver@google.com>
---
v3:
* Moved EFI stub build exception hunk to generic build exception patch,
since it's not x86-specific.
v2:
* Document build exceptions where no previous above comment explained
why we cannot instrument.
---
arch/x86/Kconfig | 1 +
arch/x86/boot/Makefile | 2 ++
arch/x86/boot/compressed/Makefile | 2 ++
arch/x86/entry/vdso/Makefile | 3 +++
arch/x86/include/asm/bitops.h | 6 +++++-
arch/x86/kernel/Makefile | 7 +++++++
arch/x86/kernel/cpu/Makefile | 3 +++
arch/x86/lib/Makefile | 4 ++++
arch/x86/mm/Makefile | 3 +++
arch/x86/purgatory/Makefile | 2 ++
arch/x86/realmode/Makefile | 3 +++
arch/x86/realmode/rm/Makefile | 3 +++
12 files changed, 38 insertions(+), 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index d6e1faa28c58..81859be4a005 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -226,6 +226,7 @@ config X86
select VIRT_TO_BUS
select X86_FEATURE_NAMES if PROC_FS
select PROC_PID_ARCH_STATUS if PROC_FS
+ select HAVE_ARCH_KCSAN if X86_64
config INSTRUCTION_DECODER
def_bool y
diff --git a/arch/x86/boot/Makefile b/arch/x86/boot/Makefile
index e2839b5c246c..9c7942794164 100644
--- a/arch/x86/boot/Makefile
+++ b/arch/x86/boot/Makefile
@@ -9,7 +9,9 @@
# Changed by many, many contributors over the years.
#
+# Sanitizer runtimes are unavailable and cannot be linked for early boot code.
KASAN_SANITIZE := n
+KCSAN_SANITIZE := n
OBJECT_FILES_NON_STANDARD := y
# Kernel does not boot with kcov instrumentation here.
diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile
index 6b84afdd7538..a1c248b8439f 100644
--- a/arch/x86/boot/compressed/Makefile
+++ b/arch/x86/boot/compressed/Makefile
@@ -17,7 +17,9 @@
# (see scripts/Makefile.lib size_append)
# compressed vmlinux.bin.all + u32 size of vmlinux.bin.all
+# Sanitizer runtimes are unavailable and cannot be linked for early boot code.
KASAN_SANITIZE := n
+KCSAN_SANITIZE := n
OBJECT_FILES_NON_STANDARD := y
# Prevents link failures: __sanitizer_cov_trace_pc() is not linked in.
diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile
index 0f2154106d01..a23debaad5b9 100644
--- a/arch/x86/entry/vdso/Makefile
+++ b/arch/x86/entry/vdso/Makefile
@@ -10,8 +10,11 @@ ARCH_REL_TYPE_ABS += R_386_GLOB_DAT|R_386_JMP_SLOT|R_386_RELATIVE
include $(srctree)/lib/vdso/Makefile
KBUILD_CFLAGS += $(DISABLE_LTO)
+
+# Sanitizer runtimes are unavailable and cannot be linked here.
KASAN_SANITIZE := n
UBSAN_SANITIZE := n
+KCSAN_SANITIZE := n
OBJECT_FILES_NON_STANDARD := y
# Prevents link failures: __sanitizer_cov_trace_pc() is not linked in.
diff --git a/arch/x86/include/asm/bitops.h b/arch/x86/include/asm/bitops.h
index 7d1f6a49bfae..ee08917d3d92 100644
--- a/arch/x86/include/asm/bitops.h
+++ b/arch/x86/include/asm/bitops.h
@@ -201,8 +201,12 @@ arch_test_and_change_bit(long nr, volatile unsigned long *addr)
return GEN_BINARY_RMWcc(LOCK_PREFIX __ASM_SIZE(btc), *addr, c, "Ir", nr);
}
-static __always_inline bool constant_test_bit(long nr, const volatile unsigned long *addr)
+static __no_kcsan_or_inline bool constant_test_bit(long nr, const volatile unsigned long *addr)
{
+ /*
+ * Because this is a plain access, we need to disable KCSAN here to
+ * avoid double instrumentation via bitops-instrumented.h.
+ */
return ((1UL << (nr & (BITS_PER_LONG-1))) &
(addr[nr >> _BITOPS_LONG_SHIFT])) != 0;
}
diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile
index 3578ad248bc9..2aa122d94956 100644
--- a/arch/x86/kernel/Makefile
+++ b/arch/x86/kernel/Makefile
@@ -28,6 +28,13 @@ KASAN_SANITIZE_dumpstack_$(BITS).o := n
KASAN_SANITIZE_stacktrace.o := n
KASAN_SANITIZE_paravirt.o := n
+# Do not instrument early boot code.
+KCSAN_SANITIZE_head$(BITS).o := n
+# Do not instrument debug code to avoid corrupting bug reporting.
+KCSAN_SANITIZE_dumpstack.o := n
+KCSAN_SANITIZE_dumpstack_$(BITS).o := n
+KCSAN_SANITIZE_stacktrace.o := n
+
OBJECT_FILES_NON_STANDARD_relocate_kernel_$(BITS).o := y
OBJECT_FILES_NON_STANDARD_test_nx.o := y
OBJECT_FILES_NON_STANDARD_paravirt_patch.o := y
diff --git a/arch/x86/kernel/cpu/Makefile b/arch/x86/kernel/cpu/Makefile
index d7a1e5a9331c..1f1b0edc0187 100644
--- a/arch/x86/kernel/cpu/Makefile
+++ b/arch/x86/kernel/cpu/Makefile
@@ -13,6 +13,9 @@ endif
KCOV_INSTRUMENT_common.o := n
KCOV_INSTRUMENT_perf_event.o := n
+# As above, instrumenting secondary CPU boot code causes boot hangs.
+KCSAN_SANITIZE_common.o := n
+
# Make sure load_percpu_segment has no stackprotector
nostackp := $(call cc-option, -fno-stack-protector)
CFLAGS_common.o := $(nostackp)
diff --git a/arch/x86/lib/Makefile b/arch/x86/lib/Makefile
index 5246db42de45..432a07705677 100644
--- a/arch/x86/lib/Makefile
+++ b/arch/x86/lib/Makefile
@@ -6,10 +6,14 @@
# Produces uninteresting flaky coverage.
KCOV_INSTRUMENT_delay.o := n
+# KCSAN uses udelay for introducing watchpoint delay; avoid recursion.
+KCSAN_SANITIZE_delay.o := n
+
# Early boot use of cmdline; don't instrument it
ifdef CONFIG_AMD_MEM_ENCRYPT
KCOV_INSTRUMENT_cmdline.o := n
KASAN_SANITIZE_cmdline.o := n
+KCSAN_SANITIZE_cmdline.o := n
ifdef CONFIG_FUNCTION_TRACER
CFLAGS_REMOVE_cmdline.o = -pg
diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile
index 84373dc9b341..ee871602f96a 100644
--- a/arch/x86/mm/Makefile
+++ b/arch/x86/mm/Makefile
@@ -7,6 +7,9 @@ KCOV_INSTRUMENT_mem_encrypt_identity.o := n
KASAN_SANITIZE_mem_encrypt.o := n
KASAN_SANITIZE_mem_encrypt_identity.o := n
+KCSAN_SANITIZE_mem_encrypt.o := n
+KCSAN_SANITIZE_mem_encrypt_identity.o := n
+
ifdef CONFIG_FUNCTION_TRACER
CFLAGS_REMOVE_mem_encrypt.o = -pg
CFLAGS_REMOVE_mem_encrypt_identity.o = -pg
diff --git a/arch/x86/purgatory/Makefile b/arch/x86/purgatory/Makefile
index fb4ee5444379..69379bce9574 100644
--- a/arch/x86/purgatory/Makefile
+++ b/arch/x86/purgatory/Makefile
@@ -17,7 +17,9 @@ CFLAGS_sha256.o := -D__DISABLE_EXPORTS
LDFLAGS_purgatory.ro := -e purgatory_start -r --no-undefined -nostdlib -z nodefaultlib
targets += purgatory.ro
+# Sanitizer runtimes are unavailable and cannot be linked here.
KASAN_SANITIZE := n
+KCSAN_SANITIZE := n
KCOV_INSTRUMENT := n
# These are adjustments to the compiler flags used for objects that
diff --git a/arch/x86/realmode/Makefile b/arch/x86/realmode/Makefile
index 682c895753d9..6b1f3a4eeb44 100644
--- a/arch/x86/realmode/Makefile
+++ b/arch/x86/realmode/Makefile
@@ -6,7 +6,10 @@
# for more details.
#
#
+
+# Sanitizer runtimes are unavailable and cannot be linked here.
KASAN_SANITIZE := n
+KCSAN_SANITIZE := n
OBJECT_FILES_NON_STANDARD := y
subdir- := rm
diff --git a/arch/x86/realmode/rm/Makefile b/arch/x86/realmode/rm/Makefile
index f60501a384f9..fdbbb945c216 100644
--- a/arch/x86/realmode/rm/Makefile
+++ b/arch/x86/realmode/rm/Makefile
@@ -6,7 +6,10 @@
# for more details.
#
#
+
+# Sanitizer runtimes are unavailable and cannot be linked here.
KASAN_SANITIZE := n
+KCSAN_SANITIZE := n
OBJECT_FILES_NON_STANDARD := y
# Prevents link failures: __sanitizer_cov_trace_pc() is not linked in.
--
2.24.0.rc1.363.gb1bccd3e3d-goog
next prev parent reply other threads:[~2019-11-04 14:29 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-04 14:27 [PATCH v3 0/9] Add Kernel Concurrency Sanitizer (KCSAN) Marco Elver
2019-11-04 14:27 ` Marco Elver
2019-11-04 14:27 ` [PATCH v3 1/9] kcsan: Add Kernel Concurrency Sanitizer infrastructure Marco Elver
2019-11-04 14:27 ` Marco Elver
2019-11-06 9:38 ` Dmitry Vyukov
2019-11-06 9:38 ` Dmitry Vyukov
2019-11-06 9:38 ` Dmitry Vyukov
2019-11-06 10:03 ` Marco Elver
2019-11-06 10:03 ` Marco Elver
2019-11-06 10:03 ` Marco Elver
2019-11-06 19:11 ` Marco Elver
2019-11-06 19:11 ` Marco Elver
2019-11-06 19:59 ` kbuild test robot
2019-11-06 19:59 ` kbuild test robot
2019-11-06 19:59 ` kbuild test robot
2019-11-06 19:59 ` kbuild test robot
2019-11-06 20:34 ` kbuild test robot
2019-11-06 20:34 ` kbuild test robot
2019-11-06 20:34 ` kbuild test robot
2019-11-06 20:34 ` kbuild test robot
2019-11-07 18:43 ` Marco Elver
2019-11-07 18:43 ` Marco Elver
2019-11-07 18:43 ` Marco Elver
2019-11-07 18:43 ` Marco Elver
2019-11-07 21:08 ` Bhupesh Sharma
2019-11-07 21:08 ` Bhupesh Sharma
2019-11-07 21:08 ` Bhupesh Sharma
2019-11-08 14:23 ` Marco Elver
2019-11-08 14:23 ` Marco Elver
2019-11-04 14:27 ` [PATCH v3 2/9] kcsan: Add Documentation entry in dev-tools Marco Elver
2019-11-04 14:27 ` Marco Elver
2019-11-04 14:27 ` [PATCH v3 3/9] objtool, kcsan: Add KCSAN runtime functions to whitelist Marco Elver
2019-11-04 14:27 ` Marco Elver
2019-11-04 14:27 ` [PATCH v3 4/9] build, kcsan: Add KCSAN build exceptions Marco Elver
2019-11-04 14:27 ` Marco Elver
2019-11-04 14:27 ` [PATCH v3 5/9] seqlock, kcsan: Add annotations for KCSAN Marco Elver
2019-11-04 14:27 ` Marco Elver
2019-11-05 11:35 ` kbuild test robot
2019-11-05 11:35 ` kbuild test robot
2019-11-05 11:35 ` kbuild test robot
2019-11-05 11:35 ` kbuild test robot
2019-11-05 15:22 ` Marco Elver
2019-11-05 15:22 ` Marco Elver
2019-11-05 15:22 ` Marco Elver
2019-11-05 15:22 ` Marco Elver
2019-11-04 14:27 ` [PATCH v3 6/9] seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier Marco Elver
2019-11-04 14:27 ` Marco Elver
2019-11-04 14:27 ` [PATCH v3 7/9] asm-generic, kcsan: Add KCSAN instrumentation for bitops Marco Elver
2019-11-04 14:27 ` Marco Elver
2019-11-04 14:27 ` [PATCH v3 8/9] locking/atomics, kcsan: Add KCSAN instrumentation Marco Elver
2019-11-04 14:27 ` Marco Elver
2019-11-04 14:27 ` Marco Elver [this message]
2019-11-04 14:27 ` [PATCH v3 9/9] x86, kcsan: Enable KCSAN for x86 Marco Elver
2019-11-04 16:47 ` [PATCH v3 0/9] Add Kernel Concurrency Sanitizer (KCSAN) Paul E. McKenney
2019-11-04 18:41 ` Marco Elver
2019-11-04 18:41 ` Marco Elver
2019-11-04 18:41 ` Marco Elver
2019-11-04 19:46 ` Paul E. McKenney
2019-11-04 19:46 ` Paul E. McKenney
2019-11-05 11:10 ` Marco Elver
2019-11-05 11:10 ` Marco Elver
2019-11-05 11:10 ` Marco Elver
2019-11-05 14:20 ` Paul E. McKenney
2019-11-05 14:20 ` Paul E. McKenney
2019-11-05 15:25 ` Marco Elver
2019-11-05 15:25 ` Marco Elver
2019-11-05 15:25 ` Marco Elver
2019-11-14 18:05 ` Marco Elver
2019-11-14 18:05 ` Marco Elver
2019-11-14 18:05 ` Marco Elver
2019-11-14 19:48 ` Paul E. McKenney
2019-11-14 19:48 ` Paul E. McKenney
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191104142745.14722-10-elver@google.com \
--to=elver@google.com \
--cc=akiyks@gmail.com \
--cc=andreyknvl@google.com \
--cc=ard.biesheuvel@linaro.org \
--cc=arnd@arndb.de \
--cc=boqun.feng@gmail.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=dhowells@redhat.com \
--cc=dja@axtens.net \
--cc=dlustig@nvidia.com \
--cc=dvyukov@google.com \
--cc=glider@google.com \
--cc=hpa@zytor.com \
--cc=j.alglave@ucl.ac.uk \
--cc=joel@joelfernandes.org \
--cc=jpoimboe@redhat.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luc.maranget@inria.fr \
--cc=luto@kernel.org \
--cc=mark.rutland@arm.com \
--cc=mingo@redhat.com \
--cc=npiggin@gmail.com \
--cc=parri.andrea@gmail.com \
--cc=paulmck@kernel.org \
--cc=peterz@infradead.org \
--cc=stern@rowland.harvard.edu \
--cc=tglx@linutronix.de \
--cc=will@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.