From: Elena Petrova <lenaptr@google.com>
To: kvmarm@lists.cs.columbia.edu
Cc: Elena Petrova <lenaptr@google.com>,
linux-arm-kernel@lists.infradead.org,
open list <linux-kernel@vger.kernel.org>,
Marc Zyngier <maz@kernel.org>, James Morse <james.morse@arm.com>,
Julien Thierry <julien.thierry.kdev@gmail.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
George Popescu <george.apopescu97@gmail.com>,
George-Aurelian Popescu <georgepope@google.com>
Subject: [PATCH v2 9/9] KVM: arm64: Add UBSan tests for PKVM.
Date: Thu, 14 Jan 2021 17:23:39 +0000 [thread overview]
Message-ID: <20210114172338.2798389-10-lenaptr@google.com> (raw)
In-Reply-To: <20210114172338.2798389-1-lenaptr@google.com>
From: George-Aurelian Popescu <georgepope@google.com>
Test the UBsan functionality inside hyp/nVHE.
Because modules are not supported inside of hyp/nVHE code, the default
testing module for UBSan can not be used.
New functions have to be defined inside of hyp/nVHE.
They are called in kvm_get_mdcr_el2, to test UBSAN whenever a VM starts.
Change-Id: Icf998da0af023c74d45be90788ac9f694e61c97c
Signed-off-by: Elena Petrova <lenaptr@google.com>
---
arch/arm64/include/asm/assembler.h | 17 ++-
arch/arm64/include/asm/kvm_debug_buffer.h | 10 +-
arch/arm64/include/asm/kvm_ubsan.h | 2 +-
arch/arm64/kvm/hyp/include/hyp/test_ubsan.h | 112 ++++++++++++++++++++
arch/arm64/kvm/hyp/nvhe/hyp-main.c | 3 +
arch/arm64/kvm/kvm_ubsan_buffer.c | 1 -
6 files changed, 128 insertions(+), 17 deletions(-)
create mode 100644 arch/arm64/kvm/hyp/include/hyp/test_ubsan.h
diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h
index ebc18a8a0e1f..8422b0d925e8 100644
--- a/arch/arm64/include/asm/assembler.h
+++ b/arch/arm64/include/asm/assembler.h
@@ -259,16 +259,15 @@ alternative_endif
.endm
/*
- * @sym: The name of the per-cpu variable
- * @reg: value to store
- * @tmp1: scratch register
- * @tmp2: scratch register
- */
- .macro str_this_cpu sym, reg, tmp1, tmp2
- adr_this_cpu \tmp1, \sym, \tmp2
+ * @sym: The name of the per-cpu variable
+ * @reg: value to store
+ * @tmp1: scratch register
+ * @tmp2: scratch register
+ */
+ .macro str_this_cpu sym, reg, tmp1, tmp2
+ adr_this_cpu \tmp1, \sym, \tmp2
str \reg, [\tmp1]
- .endm
-
+ .endm
/*
* vma_vm_mm - get mm pointer from vma pointer (vma->vm_mm)
*/
diff --git a/arch/arm64/include/asm/kvm_debug_buffer.h b/arch/arm64/include/asm/kvm_debug_buffer.h
index e5375c2cff1a..361b473bb004 100644
--- a/arch/arm64/include/asm/kvm_debug_buffer.h
+++ b/arch/arm64/include/asm/kvm_debug_buffer.h
@@ -3,10 +3,8 @@
* Copyright 2020 Google LLC
* Author: George Popescu <georgepope@google.com>
*/
-
#include <linux/percpu-defs.h>
-
#define KVM_DEBUG_BUFFER_SIZE 1000
#ifdef __KVM_NVHE_HYPERVISOR__
@@ -20,17 +18,17 @@
#else
#define DECLARE_KVM_DEBUG_BUFFER(type_name, buffer_name, write_ind, size)\
DECLARE_KVM_NVHE_PER_CPU(type_name, buffer_name)[size]; \
- DECLARE_KVM_NVHE_PER_CPU(unsigned long, write_ind);
+ DECLARE_KVM_NVHE_PER_CPU(unsigned long, write_ind);
#endif //__KVM_NVHE_HYPERVISOR__
#ifdef __ASSEMBLY__
#include <asm/assembler.h>
.macro clear_buffer tmp1, tmp2, tmp3
- mov \tmp1, 0
+ mov \tmp1, 0
#ifdef CONFIG_UBSAN
- str_this_cpu kvm_ubsan_buff_wr_ind, \tmp1, \tmp2, \tmp3
+ str_this_cpu kvm_ubsan_buff_wr_ind, \tmp1, \tmp2, \tmp3
#endif //CONFIG_UBSAN
.endm
-#endif
\ No newline at end of file
+#endif
diff --git a/arch/arm64/include/asm/kvm_ubsan.h b/arch/arm64/include/asm/kvm_ubsan.h
index da4a3b4e28e0..0b8bed08d48e 100644
--- a/arch/arm64/include/asm/kvm_ubsan.h
+++ b/arch/arm64/include/asm/kvm_ubsan.h
@@ -9,7 +9,6 @@
#define UBSAN_MAX_TYPE 6
#define KVM_UBSAN_BUFFER_SIZE 1000
-
struct ubsan_values {
void *lval;
void *rval;
@@ -18,6 +17,7 @@ struct ubsan_values {
struct kvm_ubsan_info {
enum {
+ UBSAN_NONE,
UBSAN_OUT_OF_BOUNDS,
UBSAN_UNREACHABLE_DATA,
UBSAN_SHIFT_OUT_OF_BOUNDS,
diff --git a/arch/arm64/kvm/hyp/include/hyp/test_ubsan.h b/arch/arm64/kvm/hyp/include/hyp/test_ubsan.h
new file mode 100644
index 000000000000..07759c0d1e0e
--- /dev/null
+++ b/arch/arm64/kvm/hyp/include/hyp/test_ubsan.h
@@ -0,0 +1,112 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#include <linux/ctype.h>
+
+typedef void(*test_ubsan_fp)(void);
+
+static void test_ubsan_add_overflow(void)
+{
+ volatile int val = INT_MAX;
+
+ val += 2;
+}
+
+static void test_ubsan_sub_overflow(void)
+{
+ volatile int val = INT_MIN;
+ volatile int val2 = 2;
+
+ val -= val2;
+}
+
+static void test_ubsan_mul_overflow(void)
+{
+ volatile int val = INT_MAX / 2;
+
+ val *= 3;
+}
+
+static void test_ubsan_negate_overflow(void)
+{
+ volatile int val = INT_MIN;
+
+ val = -val;
+}
+
+static void test_ubsan_divrem_overflow(void)
+{
+ volatile int val = 16;
+ volatile int val2 = 0;
+
+ val /= val2;
+}
+
+static void test_ubsan_shift_out_of_bounds(void)
+{
+ volatile int val = -1;
+ int val2 = 10;
+
+ val2 <<= val;
+}
+
+static void test_ubsan_out_of_bounds(void)
+{
+ volatile int i = 4, j = 5;
+ volatile int arr[4];
+
+ arr[j] = i;
+}
+
+static void test_ubsan_load_invalid_value(void)
+{
+ volatile char *dst, *src;
+ bool val, val2, *ptr;
+ char c = 4;
+
+ dst = (char *)&val;
+ src = &c;
+ *dst = *src;
+
+ ptr = &val2;
+ val2 = val;
+}
+
+static void test_ubsan_misaligned_access(void)
+{
+ volatile char arr[5] __aligned(4) = {1, 2, 3, 4, 5};
+ volatile int *ptr, val = 6;
+
+ ptr = (int *)(arr + 1);
+ *ptr = val;
+}
+
+static void test_ubsan_object_size_mismatch(void)
+{
+ /* "((aligned(8)))" helps this not into be misaligned for ptr-access. */
+ volatile int val __aligned(8) = 4;
+ volatile long long *ptr, val2;
+
+ ptr = (long long *)&val;
+ val2 = *ptr;
+}
+
+static const test_ubsan_fp test_ubsan_array[] = {
+ test_ubsan_out_of_bounds,
+ test_ubsan_add_overflow,
+ test_ubsan_sub_overflow,
+ test_ubsan_mul_overflow,
+ test_ubsan_negate_overflow,
+ test_ubsan_divrem_overflow,
+ test_ubsan_shift_out_of_bounds,
+ test_ubsan_load_invalid_value,
+ test_ubsan_misaligned_access,
+ test_ubsan_object_size_mismatch,
+};
+
+static void test_ubsan(void)
+{
+ unsigned int i;
+
+ for (i = 0; i < ARRAY_SIZE(test_ubsan_array); i++)
+ test_ubsan_array[i]();
+}
diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
index bde658d51404..459f5ebe5e18 100644
--- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c
+++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
@@ -13,6 +13,7 @@
#include <asm/kvm_mmu.h>
#include <nvhe/trap_handler.h>
+#include <hyp/test_ubsan.h>
DEFINE_PER_CPU(struct kvm_nvhe_init_params, kvm_init_params);
@@ -90,6 +91,8 @@ static void handle___vgic_v3_init_lrs(struct kvm_cpu_context *host_ctxt)
static void handle___kvm_get_mdcr_el2(struct kvm_cpu_context *host_ctxt)
{
cpu_reg(host_ctxt, 1) = __kvm_get_mdcr_el2();
+ if (IS_ENABLED(CONFIG_TEST_UBSAN))
+ test_ubsan();
}
static void handle___vgic_v3_save_aprs(struct kvm_cpu_context *host_ctxt)
diff --git a/arch/arm64/kvm/kvm_ubsan_buffer.c b/arch/arm64/kvm/kvm_ubsan_buffer.c
index 2c7060cbb48b..49bedc9de139 100644
--- a/arch/arm64/kvm/kvm_ubsan_buffer.c
+++ b/arch/arm64/kvm/kvm_ubsan_buffer.c
@@ -11,7 +11,6 @@
#include <asm/kvm_asm.h>
#include <kvm/arm_pmu.h>
-#include <ubsan.h>
#include <asm/kvm_ubsan.h>
DECLARE_KVM_DEBUG_BUFFER(struct kvm_ubsan_info, kvm_ubsan_buffer,
--
2.30.0.284.gd98b1dd5eaa7-goog
WARNING: multiple messages have this Message-ID (diff)
From: Elena Petrova <lenaptr@google.com>
To: kvmarm@lists.cs.columbia.edu
Cc: George-Aurelian Popescu <georgepope@google.com>,
Elena Petrova <lenaptr@google.com>, Marc Zyngier <maz@kernel.org>,
open list <linux-kernel@vger.kernel.org>,
linux-arm-kernel@lists.infradead.org,
George Popescu <george.apopescu97@gmail.com>
Subject: [PATCH v2 9/9] KVM: arm64: Add UBSan tests for PKVM.
Date: Thu, 14 Jan 2021 17:23:39 +0000 [thread overview]
Message-ID: <20210114172338.2798389-10-lenaptr@google.com> (raw)
In-Reply-To: <20210114172338.2798389-1-lenaptr@google.com>
From: George-Aurelian Popescu <georgepope@google.com>
Test the UBsan functionality inside hyp/nVHE.
Because modules are not supported inside of hyp/nVHE code, the default
testing module for UBSan can not be used.
New functions have to be defined inside of hyp/nVHE.
They are called in kvm_get_mdcr_el2, to test UBSAN whenever a VM starts.
Change-Id: Icf998da0af023c74d45be90788ac9f694e61c97c
Signed-off-by: Elena Petrova <lenaptr@google.com>
---
arch/arm64/include/asm/assembler.h | 17 ++-
arch/arm64/include/asm/kvm_debug_buffer.h | 10 +-
arch/arm64/include/asm/kvm_ubsan.h | 2 +-
arch/arm64/kvm/hyp/include/hyp/test_ubsan.h | 112 ++++++++++++++++++++
arch/arm64/kvm/hyp/nvhe/hyp-main.c | 3 +
arch/arm64/kvm/kvm_ubsan_buffer.c | 1 -
6 files changed, 128 insertions(+), 17 deletions(-)
create mode 100644 arch/arm64/kvm/hyp/include/hyp/test_ubsan.h
diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h
index ebc18a8a0e1f..8422b0d925e8 100644
--- a/arch/arm64/include/asm/assembler.h
+++ b/arch/arm64/include/asm/assembler.h
@@ -259,16 +259,15 @@ alternative_endif
.endm
/*
- * @sym: The name of the per-cpu variable
- * @reg: value to store
- * @tmp1: scratch register
- * @tmp2: scratch register
- */
- .macro str_this_cpu sym, reg, tmp1, tmp2
- adr_this_cpu \tmp1, \sym, \tmp2
+ * @sym: The name of the per-cpu variable
+ * @reg: value to store
+ * @tmp1: scratch register
+ * @tmp2: scratch register
+ */
+ .macro str_this_cpu sym, reg, tmp1, tmp2
+ adr_this_cpu \tmp1, \sym, \tmp2
str \reg, [\tmp1]
- .endm
-
+ .endm
/*
* vma_vm_mm - get mm pointer from vma pointer (vma->vm_mm)
*/
diff --git a/arch/arm64/include/asm/kvm_debug_buffer.h b/arch/arm64/include/asm/kvm_debug_buffer.h
index e5375c2cff1a..361b473bb004 100644
--- a/arch/arm64/include/asm/kvm_debug_buffer.h
+++ b/arch/arm64/include/asm/kvm_debug_buffer.h
@@ -3,10 +3,8 @@
* Copyright 2020 Google LLC
* Author: George Popescu <georgepope@google.com>
*/
-
#include <linux/percpu-defs.h>
-
#define KVM_DEBUG_BUFFER_SIZE 1000
#ifdef __KVM_NVHE_HYPERVISOR__
@@ -20,17 +18,17 @@
#else
#define DECLARE_KVM_DEBUG_BUFFER(type_name, buffer_name, write_ind, size)\
DECLARE_KVM_NVHE_PER_CPU(type_name, buffer_name)[size]; \
- DECLARE_KVM_NVHE_PER_CPU(unsigned long, write_ind);
+ DECLARE_KVM_NVHE_PER_CPU(unsigned long, write_ind);
#endif //__KVM_NVHE_HYPERVISOR__
#ifdef __ASSEMBLY__
#include <asm/assembler.h>
.macro clear_buffer tmp1, tmp2, tmp3
- mov \tmp1, 0
+ mov \tmp1, 0
#ifdef CONFIG_UBSAN
- str_this_cpu kvm_ubsan_buff_wr_ind, \tmp1, \tmp2, \tmp3
+ str_this_cpu kvm_ubsan_buff_wr_ind, \tmp1, \tmp2, \tmp3
#endif //CONFIG_UBSAN
.endm
-#endif
\ No newline at end of file
+#endif
diff --git a/arch/arm64/include/asm/kvm_ubsan.h b/arch/arm64/include/asm/kvm_ubsan.h
index da4a3b4e28e0..0b8bed08d48e 100644
--- a/arch/arm64/include/asm/kvm_ubsan.h
+++ b/arch/arm64/include/asm/kvm_ubsan.h
@@ -9,7 +9,6 @@
#define UBSAN_MAX_TYPE 6
#define KVM_UBSAN_BUFFER_SIZE 1000
-
struct ubsan_values {
void *lval;
void *rval;
@@ -18,6 +17,7 @@ struct ubsan_values {
struct kvm_ubsan_info {
enum {
+ UBSAN_NONE,
UBSAN_OUT_OF_BOUNDS,
UBSAN_UNREACHABLE_DATA,
UBSAN_SHIFT_OUT_OF_BOUNDS,
diff --git a/arch/arm64/kvm/hyp/include/hyp/test_ubsan.h b/arch/arm64/kvm/hyp/include/hyp/test_ubsan.h
new file mode 100644
index 000000000000..07759c0d1e0e
--- /dev/null
+++ b/arch/arm64/kvm/hyp/include/hyp/test_ubsan.h
@@ -0,0 +1,112 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#include <linux/ctype.h>
+
+typedef void(*test_ubsan_fp)(void);
+
+static void test_ubsan_add_overflow(void)
+{
+ volatile int val = INT_MAX;
+
+ val += 2;
+}
+
+static void test_ubsan_sub_overflow(void)
+{
+ volatile int val = INT_MIN;
+ volatile int val2 = 2;
+
+ val -= val2;
+}
+
+static void test_ubsan_mul_overflow(void)
+{
+ volatile int val = INT_MAX / 2;
+
+ val *= 3;
+}
+
+static void test_ubsan_negate_overflow(void)
+{
+ volatile int val = INT_MIN;
+
+ val = -val;
+}
+
+static void test_ubsan_divrem_overflow(void)
+{
+ volatile int val = 16;
+ volatile int val2 = 0;
+
+ val /= val2;
+}
+
+static void test_ubsan_shift_out_of_bounds(void)
+{
+ volatile int val = -1;
+ int val2 = 10;
+
+ val2 <<= val;
+}
+
+static void test_ubsan_out_of_bounds(void)
+{
+ volatile int i = 4, j = 5;
+ volatile int arr[4];
+
+ arr[j] = i;
+}
+
+static void test_ubsan_load_invalid_value(void)
+{
+ volatile char *dst, *src;
+ bool val, val2, *ptr;
+ char c = 4;
+
+ dst = (char *)&val;
+ src = &c;
+ *dst = *src;
+
+ ptr = &val2;
+ val2 = val;
+}
+
+static void test_ubsan_misaligned_access(void)
+{
+ volatile char arr[5] __aligned(4) = {1, 2, 3, 4, 5};
+ volatile int *ptr, val = 6;
+
+ ptr = (int *)(arr + 1);
+ *ptr = val;
+}
+
+static void test_ubsan_object_size_mismatch(void)
+{
+ /* "((aligned(8)))" helps this not into be misaligned for ptr-access. */
+ volatile int val __aligned(8) = 4;
+ volatile long long *ptr, val2;
+
+ ptr = (long long *)&val;
+ val2 = *ptr;
+}
+
+static const test_ubsan_fp test_ubsan_array[] = {
+ test_ubsan_out_of_bounds,
+ test_ubsan_add_overflow,
+ test_ubsan_sub_overflow,
+ test_ubsan_mul_overflow,
+ test_ubsan_negate_overflow,
+ test_ubsan_divrem_overflow,
+ test_ubsan_shift_out_of_bounds,
+ test_ubsan_load_invalid_value,
+ test_ubsan_misaligned_access,
+ test_ubsan_object_size_mismatch,
+};
+
+static void test_ubsan(void)
+{
+ unsigned int i;
+
+ for (i = 0; i < ARRAY_SIZE(test_ubsan_array); i++)
+ test_ubsan_array[i]();
+}
diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
index bde658d51404..459f5ebe5e18 100644
--- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c
+++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
@@ -13,6 +13,7 @@
#include <asm/kvm_mmu.h>
#include <nvhe/trap_handler.h>
+#include <hyp/test_ubsan.h>
DEFINE_PER_CPU(struct kvm_nvhe_init_params, kvm_init_params);
@@ -90,6 +91,8 @@ static void handle___vgic_v3_init_lrs(struct kvm_cpu_context *host_ctxt)
static void handle___kvm_get_mdcr_el2(struct kvm_cpu_context *host_ctxt)
{
cpu_reg(host_ctxt, 1) = __kvm_get_mdcr_el2();
+ if (IS_ENABLED(CONFIG_TEST_UBSAN))
+ test_ubsan();
}
static void handle___vgic_v3_save_aprs(struct kvm_cpu_context *host_ctxt)
diff --git a/arch/arm64/kvm/kvm_ubsan_buffer.c b/arch/arm64/kvm/kvm_ubsan_buffer.c
index 2c7060cbb48b..49bedc9de139 100644
--- a/arch/arm64/kvm/kvm_ubsan_buffer.c
+++ b/arch/arm64/kvm/kvm_ubsan_buffer.c
@@ -11,7 +11,6 @@
#include <asm/kvm_asm.h>
#include <kvm/arm_pmu.h>
-#include <ubsan.h>
#include <asm/kvm_ubsan.h>
DECLARE_KVM_DEBUG_BUFFER(struct kvm_ubsan_info, kvm_ubsan_buffer,
--
2.30.0.284.gd98b1dd5eaa7-goog
_______________________________________________
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
WARNING: multiple messages have this Message-ID (diff)
From: Elena Petrova <lenaptr@google.com>
To: kvmarm@lists.cs.columbia.edu
Cc: George-Aurelian Popescu <georgepope@google.com>,
Elena Petrova <lenaptr@google.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Marc Zyngier <maz@kernel.org>,
open list <linux-kernel@vger.kernel.org>,
James Morse <james.morse@arm.com>,
linux-arm-kernel@lists.infradead.org,
George Popescu <george.apopescu97@gmail.com>,
Julien Thierry <julien.thierry.kdev@gmail.com>
Subject: [PATCH v2 9/9] KVM: arm64: Add UBSan tests for PKVM.
Date: Thu, 14 Jan 2021 17:23:39 +0000 [thread overview]
Message-ID: <20210114172338.2798389-10-lenaptr@google.com> (raw)
In-Reply-To: <20210114172338.2798389-1-lenaptr@google.com>
From: George-Aurelian Popescu <georgepope@google.com>
Test the UBsan functionality inside hyp/nVHE.
Because modules are not supported inside of hyp/nVHE code, the default
testing module for UBSan can not be used.
New functions have to be defined inside of hyp/nVHE.
They are called in kvm_get_mdcr_el2, to test UBSAN whenever a VM starts.
Change-Id: Icf998da0af023c74d45be90788ac9f694e61c97c
Signed-off-by: Elena Petrova <lenaptr@google.com>
---
arch/arm64/include/asm/assembler.h | 17 ++-
arch/arm64/include/asm/kvm_debug_buffer.h | 10 +-
arch/arm64/include/asm/kvm_ubsan.h | 2 +-
arch/arm64/kvm/hyp/include/hyp/test_ubsan.h | 112 ++++++++++++++++++++
arch/arm64/kvm/hyp/nvhe/hyp-main.c | 3 +
arch/arm64/kvm/kvm_ubsan_buffer.c | 1 -
6 files changed, 128 insertions(+), 17 deletions(-)
create mode 100644 arch/arm64/kvm/hyp/include/hyp/test_ubsan.h
diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h
index ebc18a8a0e1f..8422b0d925e8 100644
--- a/arch/arm64/include/asm/assembler.h
+++ b/arch/arm64/include/asm/assembler.h
@@ -259,16 +259,15 @@ alternative_endif
.endm
/*
- * @sym: The name of the per-cpu variable
- * @reg: value to store
- * @tmp1: scratch register
- * @tmp2: scratch register
- */
- .macro str_this_cpu sym, reg, tmp1, tmp2
- adr_this_cpu \tmp1, \sym, \tmp2
+ * @sym: The name of the per-cpu variable
+ * @reg: value to store
+ * @tmp1: scratch register
+ * @tmp2: scratch register
+ */
+ .macro str_this_cpu sym, reg, tmp1, tmp2
+ adr_this_cpu \tmp1, \sym, \tmp2
str \reg, [\tmp1]
- .endm
-
+ .endm
/*
* vma_vm_mm - get mm pointer from vma pointer (vma->vm_mm)
*/
diff --git a/arch/arm64/include/asm/kvm_debug_buffer.h b/arch/arm64/include/asm/kvm_debug_buffer.h
index e5375c2cff1a..361b473bb004 100644
--- a/arch/arm64/include/asm/kvm_debug_buffer.h
+++ b/arch/arm64/include/asm/kvm_debug_buffer.h
@@ -3,10 +3,8 @@
* Copyright 2020 Google LLC
* Author: George Popescu <georgepope@google.com>
*/
-
#include <linux/percpu-defs.h>
-
#define KVM_DEBUG_BUFFER_SIZE 1000
#ifdef __KVM_NVHE_HYPERVISOR__
@@ -20,17 +18,17 @@
#else
#define DECLARE_KVM_DEBUG_BUFFER(type_name, buffer_name, write_ind, size)\
DECLARE_KVM_NVHE_PER_CPU(type_name, buffer_name)[size]; \
- DECLARE_KVM_NVHE_PER_CPU(unsigned long, write_ind);
+ DECLARE_KVM_NVHE_PER_CPU(unsigned long, write_ind);
#endif //__KVM_NVHE_HYPERVISOR__
#ifdef __ASSEMBLY__
#include <asm/assembler.h>
.macro clear_buffer tmp1, tmp2, tmp3
- mov \tmp1, 0
+ mov \tmp1, 0
#ifdef CONFIG_UBSAN
- str_this_cpu kvm_ubsan_buff_wr_ind, \tmp1, \tmp2, \tmp3
+ str_this_cpu kvm_ubsan_buff_wr_ind, \tmp1, \tmp2, \tmp3
#endif //CONFIG_UBSAN
.endm
-#endif
\ No newline at end of file
+#endif
diff --git a/arch/arm64/include/asm/kvm_ubsan.h b/arch/arm64/include/asm/kvm_ubsan.h
index da4a3b4e28e0..0b8bed08d48e 100644
--- a/arch/arm64/include/asm/kvm_ubsan.h
+++ b/arch/arm64/include/asm/kvm_ubsan.h
@@ -9,7 +9,6 @@
#define UBSAN_MAX_TYPE 6
#define KVM_UBSAN_BUFFER_SIZE 1000
-
struct ubsan_values {
void *lval;
void *rval;
@@ -18,6 +17,7 @@ struct ubsan_values {
struct kvm_ubsan_info {
enum {
+ UBSAN_NONE,
UBSAN_OUT_OF_BOUNDS,
UBSAN_UNREACHABLE_DATA,
UBSAN_SHIFT_OUT_OF_BOUNDS,
diff --git a/arch/arm64/kvm/hyp/include/hyp/test_ubsan.h b/arch/arm64/kvm/hyp/include/hyp/test_ubsan.h
new file mode 100644
index 000000000000..07759c0d1e0e
--- /dev/null
+++ b/arch/arm64/kvm/hyp/include/hyp/test_ubsan.h
@@ -0,0 +1,112 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#include <linux/ctype.h>
+
+typedef void(*test_ubsan_fp)(void);
+
+static void test_ubsan_add_overflow(void)
+{
+ volatile int val = INT_MAX;
+
+ val += 2;
+}
+
+static void test_ubsan_sub_overflow(void)
+{
+ volatile int val = INT_MIN;
+ volatile int val2 = 2;
+
+ val -= val2;
+}
+
+static void test_ubsan_mul_overflow(void)
+{
+ volatile int val = INT_MAX / 2;
+
+ val *= 3;
+}
+
+static void test_ubsan_negate_overflow(void)
+{
+ volatile int val = INT_MIN;
+
+ val = -val;
+}
+
+static void test_ubsan_divrem_overflow(void)
+{
+ volatile int val = 16;
+ volatile int val2 = 0;
+
+ val /= val2;
+}
+
+static void test_ubsan_shift_out_of_bounds(void)
+{
+ volatile int val = -1;
+ int val2 = 10;
+
+ val2 <<= val;
+}
+
+static void test_ubsan_out_of_bounds(void)
+{
+ volatile int i = 4, j = 5;
+ volatile int arr[4];
+
+ arr[j] = i;
+}
+
+static void test_ubsan_load_invalid_value(void)
+{
+ volatile char *dst, *src;
+ bool val, val2, *ptr;
+ char c = 4;
+
+ dst = (char *)&val;
+ src = &c;
+ *dst = *src;
+
+ ptr = &val2;
+ val2 = val;
+}
+
+static void test_ubsan_misaligned_access(void)
+{
+ volatile char arr[5] __aligned(4) = {1, 2, 3, 4, 5};
+ volatile int *ptr, val = 6;
+
+ ptr = (int *)(arr + 1);
+ *ptr = val;
+}
+
+static void test_ubsan_object_size_mismatch(void)
+{
+ /* "((aligned(8)))" helps this not into be misaligned for ptr-access. */
+ volatile int val __aligned(8) = 4;
+ volatile long long *ptr, val2;
+
+ ptr = (long long *)&val;
+ val2 = *ptr;
+}
+
+static const test_ubsan_fp test_ubsan_array[] = {
+ test_ubsan_out_of_bounds,
+ test_ubsan_add_overflow,
+ test_ubsan_sub_overflow,
+ test_ubsan_mul_overflow,
+ test_ubsan_negate_overflow,
+ test_ubsan_divrem_overflow,
+ test_ubsan_shift_out_of_bounds,
+ test_ubsan_load_invalid_value,
+ test_ubsan_misaligned_access,
+ test_ubsan_object_size_mismatch,
+};
+
+static void test_ubsan(void)
+{
+ unsigned int i;
+
+ for (i = 0; i < ARRAY_SIZE(test_ubsan_array); i++)
+ test_ubsan_array[i]();
+}
diff --git a/arch/arm64/kvm/hyp/nvhe/hyp-main.c b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
index bde658d51404..459f5ebe5e18 100644
--- a/arch/arm64/kvm/hyp/nvhe/hyp-main.c
+++ b/arch/arm64/kvm/hyp/nvhe/hyp-main.c
@@ -13,6 +13,7 @@
#include <asm/kvm_mmu.h>
#include <nvhe/trap_handler.h>
+#include <hyp/test_ubsan.h>
DEFINE_PER_CPU(struct kvm_nvhe_init_params, kvm_init_params);
@@ -90,6 +91,8 @@ static void handle___vgic_v3_init_lrs(struct kvm_cpu_context *host_ctxt)
static void handle___kvm_get_mdcr_el2(struct kvm_cpu_context *host_ctxt)
{
cpu_reg(host_ctxt, 1) = __kvm_get_mdcr_el2();
+ if (IS_ENABLED(CONFIG_TEST_UBSAN))
+ test_ubsan();
}
static void handle___vgic_v3_save_aprs(struct kvm_cpu_context *host_ctxt)
diff --git a/arch/arm64/kvm/kvm_ubsan_buffer.c b/arch/arm64/kvm/kvm_ubsan_buffer.c
index 2c7060cbb48b..49bedc9de139 100644
--- a/arch/arm64/kvm/kvm_ubsan_buffer.c
+++ b/arch/arm64/kvm/kvm_ubsan_buffer.c
@@ -11,7 +11,6 @@
#include <asm/kvm_asm.h>
#include <kvm/arm_pmu.h>
-#include <ubsan.h>
#include <asm/kvm_ubsan.h>
DECLARE_KVM_DEBUG_BUFFER(struct kvm_ubsan_info, kvm_ubsan_buffer,
--
2.30.0.284.gd98b1dd5eaa7-goog
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-01-14 17:26 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-14 17:23 [PATCH v2 0/9] UBSan Enablement for hyp/nVHE code Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` [PATCH v2 1/9] KVM: arm64: Enable UBSan instrumentation in nVHE hyp code Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-15 8:53 ` kernel test robot
2021-01-15 8:53 ` kernel test robot
2021-01-15 8:53 ` kernel test robot
2021-01-14 17:23 ` [PATCH v2 2/9] KVM: arm64: Add a buffer that can pass UBSan data from hyp/nVHE to kernel Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-15 9:54 ` kernel test robot
2021-01-15 9:54 ` kernel test robot
2021-01-15 9:54 ` kernel test robot
2021-01-15 12:35 ` kernel test robot
2021-01-15 12:35 ` kernel test robot
2021-01-15 12:35 ` kernel test robot
2021-01-14 17:23 ` [PATCH v2 3/9] KVM: arm64: Enable UBSAN_BOUNDS for the both the kernel and hyp/nVHE Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-15 13:37 ` kernel test robot
2021-01-15 13:37 ` kernel test robot
2021-01-15 13:37 ` kernel test robot
2021-01-14 17:23 ` [PATCH v2 4/9] KVM: arm64: Enable UBsan check for unreachable code inside hyp/nVHE code Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` [PATCH v2 5/9] KVM: arm64: Enable shift out of bounds undefined behaviour check for hyp/nVHE Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` [PATCH v2 6/9] KVM: arm64: __ubsan_handle_load_invalid_value EL2 implementation Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` [PATCH v2 7/9] KVM: arm64: Detect type mismatch undefined behaviour from hyp/nVHE code Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` [PATCH v2 8/9] KVM: arm64: Detect arithmetic overflow is inside hyp/nVHE Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-14 17:23 ` Elena Petrova [this message]
2021-01-14 17:23 ` [PATCH v2 9/9] KVM: arm64: Add UBSan tests for PKVM Elena Petrova
2021-01-14 17:23 ` Elena Petrova
2021-01-15 14:30 ` kernel test robot
2021-01-15 14:30 ` kernel test robot
2021-01-15 14:30 ` kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210114172338.2798389-10-lenaptr@google.com \
--to=lenaptr@google.com \
--cc=george.apopescu97@gmail.com \
--cc=georgepope@google.com \
--cc=james.morse@arm.com \
--cc=julien.thierry.kdev@gmail.com \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maz@kernel.org \
--cc=suzuki.poulose@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.