From: Andrey Konovalov <andreyknvl@google.com> To: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Linux ARM <linux-arm-kernel@lists.infradead.org>, LKML <linux-kernel@vger.kernel.org>, kasan-dev <kasan-dev@googlegroups.com>, Andrey Ryabinin <aryabinin@virtuozzo.com>, Alexander Potapenko <glider@google.com>, Dmitry Vyukov <dvyukov@google.com>, Leon Romanovsky <leonro@mellanox.com>, Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will@kernel.org>, Mark Rutland <mark.rutland@arm.com>, "Paul E . McKenney" <paulmck@kernel.org>, Naresh Kamboju <naresh.kamboju@linaro.org> Subject: Re: [PATCH v3 2/2] kasan: Add explicit preconditions to kasan_report() Date: Fri, 22 Jan 2021 15:46:37 +0100 [thread overview] Message-ID: <CAAeHK+yyJia6zOCMpy6ZJDX-Brvr_s88gZ6HwG2TxfLgtw=SSg@mail.gmail.com> (raw) In-Reply-To: <20210122143748.50089-3-vincenzo.frascino@arm.com> On Fri, Jan 22, 2021 at 3:38 PM Vincenzo Frascino <vincenzo.frascino@arm.com> wrote: > > With the introduction of KASAN_HW_TAGS, kasan_report() dereferences > the address passed as a parameter. It doesn't dereference the address, it accesses the metadata. And only when addr_has_metadata() succeeds. > > Add a comment to make sure that the preconditions to the function are > explicitly clarified. > > Note: An invalid address (e.g. NULL) passed to the function when, > KASAN_HW_TAGS is enabled, leads to a kernel panic. This is no longer true, right? Commit description needs to be updated. > > Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> > Cc: Alexander Potapenko <glider@google.com> > Cc: Dmitry Vyukov <dvyukov@google.com> > Cc: Leon Romanovsky <leonro@mellanox.com> > Cc: Andrey Konovalov <andreyknvl@google.com> > Signed-off-by: Vincenzo Frascino <vincenzo.frascino@arm.com> > --- > include/linux/kasan.h | 7 +++++++ > mm/kasan/kasan.h | 2 +- > 2 files changed, 8 insertions(+), 1 deletion(-) > > diff --git a/include/linux/kasan.h b/include/linux/kasan.h > index fe1ae73ff8b5..0aea9e2a2a01 100644 > --- a/include/linux/kasan.h > +++ b/include/linux/kasan.h > @@ -333,6 +333,13 @@ static inline void *kasan_reset_tag(const void *addr) > return (void *)arch_kasan_reset_tag(addr); > } > > +/** > + * kasan_report - print a report about a bad memory access detected by KASAN > + * @addr: address of the bad access > + * @size: size of the bad access > + * @is_write: whether the bad access is a write or a read > + * @ip: instruction pointer for the accessibility check or the bad access itself > + */ Looks good, thanks! > bool kasan_report(unsigned long addr, size_t size, > bool is_write, unsigned long ip); > > diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h > index cc4d9e1d49b1..8c706e7652f2 100644 > --- a/mm/kasan/kasan.h > +++ b/mm/kasan/kasan.h > @@ -209,7 +209,7 @@ bool check_memory_region(unsigned long addr, size_t size, bool write, > > static inline bool addr_has_metadata(const void *addr) > { > - return true; > + return (is_vmalloc_addr(addr) || virt_addr_valid(addr)); > } Let's put this change into a separate patch. > > #endif /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */ > -- > 2.30.0 >
WARNING: multiple messages have this Message-ID (diff)
From: Andrey Konovalov <andreyknvl@google.com> To: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Mark Rutland <mark.rutland@arm.com>, "Paul E . McKenney" <paulmck@kernel.org>, Catalin Marinas <catalin.marinas@arm.com>, Naresh Kamboju <naresh.kamboju@linaro.org>, LKML <linux-kernel@vger.kernel.org>, kasan-dev <kasan-dev@googlegroups.com>, Leon Romanovsky <leonro@mellanox.com>, Alexander Potapenko <glider@google.com>, Linux ARM <linux-arm-kernel@lists.infradead.org>, Andrey Ryabinin <aryabinin@virtuozzo.com>, Will Deacon <will@kernel.org>, Dmitry Vyukov <dvyukov@google.com> Subject: Re: [PATCH v3 2/2] kasan: Add explicit preconditions to kasan_report() Date: Fri, 22 Jan 2021 15:46:37 +0100 [thread overview] Message-ID: <CAAeHK+yyJia6zOCMpy6ZJDX-Brvr_s88gZ6HwG2TxfLgtw=SSg@mail.gmail.com> (raw) In-Reply-To: <20210122143748.50089-3-vincenzo.frascino@arm.com> On Fri, Jan 22, 2021 at 3:38 PM Vincenzo Frascino <vincenzo.frascino@arm.com> wrote: > > With the introduction of KASAN_HW_TAGS, kasan_report() dereferences > the address passed as a parameter. It doesn't dereference the address, it accesses the metadata. And only when addr_has_metadata() succeeds. > > Add a comment to make sure that the preconditions to the function are > explicitly clarified. > > Note: An invalid address (e.g. NULL) passed to the function when, > KASAN_HW_TAGS is enabled, leads to a kernel panic. This is no longer true, right? Commit description needs to be updated. > > Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> > Cc: Alexander Potapenko <glider@google.com> > Cc: Dmitry Vyukov <dvyukov@google.com> > Cc: Leon Romanovsky <leonro@mellanox.com> > Cc: Andrey Konovalov <andreyknvl@google.com> > Signed-off-by: Vincenzo Frascino <vincenzo.frascino@arm.com> > --- > include/linux/kasan.h | 7 +++++++ > mm/kasan/kasan.h | 2 +- > 2 files changed, 8 insertions(+), 1 deletion(-) > > diff --git a/include/linux/kasan.h b/include/linux/kasan.h > index fe1ae73ff8b5..0aea9e2a2a01 100644 > --- a/include/linux/kasan.h > +++ b/include/linux/kasan.h > @@ -333,6 +333,13 @@ static inline void *kasan_reset_tag(const void *addr) > return (void *)arch_kasan_reset_tag(addr); > } > > +/** > + * kasan_report - print a report about a bad memory access detected by KASAN > + * @addr: address of the bad access > + * @size: size of the bad access > + * @is_write: whether the bad access is a write or a read > + * @ip: instruction pointer for the accessibility check or the bad access itself > + */ Looks good, thanks! > bool kasan_report(unsigned long addr, size_t size, > bool is_write, unsigned long ip); > > diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h > index cc4d9e1d49b1..8c706e7652f2 100644 > --- a/mm/kasan/kasan.h > +++ b/mm/kasan/kasan.h > @@ -209,7 +209,7 @@ bool check_memory_region(unsigned long addr, size_t size, bool write, > > static inline bool addr_has_metadata(const void *addr) > { > - return true; > + return (is_vmalloc_addr(addr) || virt_addr_valid(addr)); > } Let's put this change into a separate patch. > > #endif /* CONFIG_KASAN_GENERIC || CONFIG_KASAN_SW_TAGS */ > -- > 2.30.0 > _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-01-22 14:48 UTC|newest] Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-01-22 14:37 [PATCH v3 0/2] kasan: Fix metadata detection for KASAN_HW_TAGS Vincenzo Frascino 2021-01-22 14:37 ` Vincenzo Frascino 2021-01-22 14:37 ` [PATCH v3 1/2] arm64: Improve kernel address detection of __is_lm_address() Vincenzo Frascino 2021-01-22 14:37 ` Vincenzo Frascino 2021-01-22 14:49 ` Catalin Marinas 2021-01-22 14:49 ` Catalin Marinas 2021-01-22 14:37 ` [PATCH v3 2/2] kasan: Add explicit preconditions to kasan_report() Vincenzo Frascino 2021-01-22 14:37 ` Vincenzo Frascino 2021-01-22 14:46 ` Andrey Konovalov [this message] 2021-01-22 14:46 ` Andrey Konovalov 2021-01-22 14:58 ` Vincenzo Frascino 2021-01-22 14:58 ` Vincenzo Frascino
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to='CAAeHK+yyJia6zOCMpy6ZJDX-Brvr_s88gZ6HwG2TxfLgtw=SSg@mail.gmail.com' \ --to=andreyknvl@google.com \ --cc=aryabinin@virtuozzo.com \ --cc=catalin.marinas@arm.com \ --cc=dvyukov@google.com \ --cc=glider@google.com \ --cc=kasan-dev@googlegroups.com \ --cc=leonro@mellanox.com \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-kernel@vger.kernel.org \ --cc=mark.rutland@arm.com \ --cc=naresh.kamboju@linaro.org \ --cc=paulmck@kernel.org \ --cc=vincenzo.frascino@arm.com \ --cc=will@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.