From: Haibo Li <haibo.li@mediatek.com>
To: <jannh@google.com>
Cc: <akpm@linux-foundation.org>, <andreyknvl@gmail.com>,
	<angelogioacchino.delregno@collabora.com>, <dvyukov@google.com>,
	<glider@google.com>, <haibo.li@mediatek.com>,
	<kasan-dev@googlegroups.com>,
	<linux-arm-kernel@lists.infradead.org>,
	<linux-kernel@vger.kernel.org>,
	<linux-mediatek@lists.infradead.org>, <linux-mm@kvack.org>,
	<mark.rutland@arm.com>, <matthias.bgg@gmail.com>,
	<ryabinin.a.a@gmail.com>, <vincenzo.frascino@arm.com>,
	<xiaoming.yu@mediatek.com>
Subject: Re: [PATCH] kasan:fix access invalid shadow address when input is illegal
Date: Mon, 18 Sep 2023 16:12:50 +0800
Message-ID: <20230918081250.143237-1-haibo.li@mediatek.com>
In-Reply-To: <CAG48ez3GSubTFA8+hw=YDZoVHC79JVwNi+xFTQt9ssy_+O1aaw@mail.gmail.com>

> On Fri, Sep 15, 2023 at 6:51 PM Andrey Konovalov <andreyknvl@gmail.com> wrote:
> > On Fri, Sep 15, 2023 at 4:46 AM 'Haibo Li' via kasan-dev
> > <kasan-dev@googlegroups.com> wrote:
> > >
> > > The patch checks each shadow address, so it introduces extra overhead.
> >
> > Ack. Could still be fine, depends on the overhead.
> >
> > But if the message printed by kasan_non_canonical_hook is good enough
> > for your use case, I would rather stick to that.
If we check the shadow address before the invalid access,
we get the message below before the oops:
"
BUG: KASAN: invalid-access in do_ib_ob+0xf4/0x110
Read of size 8 at addr caffff80aaaaaaaa by task sh/100
"

We get the message below while using kasan_non_canonical_hook:
"
Unable to handle kernel paging request at virtual address ffffff80aaaaaaaa
KASAN: maybe wild-memory-access in range [0xfffffc0aaaaaaaa0-0xfffffc0aaaaaaaaf]
"

Both indicate the original accessed address which causes oops.

> >
> > > Now kasan_non_canonical_hook only works for CONFIG_KASAN_INLINE.
> > >
> > > And CONFIG_KASAN_OUTLINE is set in my case.
> > >
> > > Is it possible to make kasan_non_canonical_hook work for both
> > > INLINE and OUTLINE by simply removing the "#ifdef CONFIG_KASAN_INLINE"?
> >
> > Yes, it should just work if you remove the ifdefs in mm/kasan/report.c
> > and in include/linux/kasan.h.
> >
> > Jann, do you have any objections to enabling kasan_non_canonical_hook
> > for the outline mode too?
>
> No objections from me.

Thanks.
Shall I send a new patch to fix this problem by using kasan_non_canonical_hook?
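As an added example (not code from this thread or from the kernel tree), the C program below models the two alternatives the thread compares: a range check on every computed shadow address before the shadow load (the per-access overhead Andrey mentions), and kasan_non_canonical_hook, which pays nothing per access and instead inverts the memory-to-shadow mapping after the page fault to recover the granule the bad pointer fell into. The constants SHADOW_OFFSET, KERNEL_VA_START, USER_VA_LIMIT and PAGE_BYTES are constructed, arm64-style illustrative values (the real ones are the kernel's KASAN_SHADOW_OFFSET, PAGE_SIZE and TASK_SIZE for the configuration in use), and the classification thresholds are a simplification of the hook's logic. The illegal input 0xcaffff80aaaaaaaa is the address from the reports above.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model constants (illustrative, not a real kernel config). */
#define SHADOW_SCALE_SHIFT 3ULL                    /* 8 bytes per shadow byte */
#define GRANULE_SIZE       (1ULL << SHADOW_SCALE_SHIFT)
#define SHADOW_OFFSET      0xdfffffd000000000ULL   /* stands in for KASAN_SHADOW_OFFSET */
#define KERNEL_VA_START    0xffffff8000000000ULL   /* start of kernel half of a 39-bit VA */
#define USER_VA_LIMIT      (1ULL << 39)            /* stands in for TASK_SIZE */
#define PAGE_BYTES         4096ULL                 /* stands in for PAGE_SIZE */

enum bug_class {
	NOT_SHADOW = 0,      /* fault address cannot have come from the shadow mapping */
	NULL_PTR_DEREF,
	USER_MEMORY_ACCESS,
	WILD_MEMORY_ACCESS,
};

/* Forward mapping: what every instrumented load/store computes. */
uint64_t shadow_of(uint64_t addr)
{
	return (addr >> SHADOW_SCALE_SHIFT) + SHADOW_OFFSET;
}

/* Bounds of the shadow that actually backs kernel addresses in this model. */
uint64_t shadow_start(void) { return shadow_of(KERNEL_VA_START); }
uint64_t shadow_end(void)   { return shadow_of(UINT64_MAX); }

/*
 * "Check each shadow address" variant: one extra range comparison per access,
 * in exchange for a clean KASAN report instead of a fault inside the shadow load.
 */
bool shadow_addr_valid(uint64_t shadow)
{
	return shadow >= shadow_start() && shadow <= shadow_end();
}

/*
 * kasan_non_canonical_hook variant: after the fault on the shadow load, invert
 * the mapping to recover the granule the original pointer hit and classify it.
 * Writes the recovered [lo, hi] range unless the address cannot be a shadow address.
 */
enum bug_class non_canonical_hook(uint64_t fault_addr, uint64_t *lo, uint64_t *hi)
{
	uint64_t orig;

	/* Every shadow address, even one derived from a bogus pointer, is >= the offset. */
	if (fault_addr < SHADOW_OFFSET)
		return NOT_SHADOW;

	orig = (fault_addr - SHADOW_OFFSET) << SHADOW_SCALE_SHIFT;
	*lo = orig;
	*hi = orig + GRANULE_SIZE - 1;

	if (orig < PAGE_BYTES)
		return NULL_PTR_DEREF;
	if (orig < USER_VA_LIMIT)
		return USER_MEMORY_ACCESS;
	return WILD_MEMORY_ACCESS;
}

const char *bug_name(enum bug_class c)
{
	switch (c) {
	case NULL_PTR_DEREF:     return "null-ptr-deref";
	case USER_MEMORY_ACCESS: return "probably user-memory-access";
	case WILD_MEMORY_ACCESS: return "maybe wild-memory-access";
	default:                 return "not a shadow address";
	}
}

int main(void)
{
	uint64_t bad = 0xcaffff80aaaaaaaaULL;   /* the illegal input from the thread */
	uint64_t shadow = shadow_of(bad);
	uint64_t lo = 0, hi = 0;

	printf("access 0x%016" PRIx64 " -> shadow 0x%016" PRIx64 "\n", bad, shadow);

	/* Path 1: check first, report without ever touching the shadow page. */
	if (!shadow_addr_valid(shadow))
		printf("BUG: KASAN: invalid-access, read at addr 0x%016" PRIx64 "\n", bad);

	/* Path 2: the same event, decoded from the faulting shadow address. */
	enum bug_class c = non_canonical_hook(shadow, &lo, &hi);
	printf("KASAN: %s in range [0x%016" PRIx64 "-0x%016" PRIx64 "]\n",
	       bug_name(c), lo, hi);
	return 0;
}
```

Both paths name the same granule: the forward mapping drops the low three bits of the pointer, so the hook can only recover the 8-byte range [0xcaffff80aaaaaaa8-0xcaffff80aaaaaaaf], not the exact byte, which is why the hook's report is a range while the checked variant can print the original address. The range check costs a comparison on every instrumented access; the hook costs nothing until a fault happens, which is the trade-off behind preferring it in outline mode.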

