From: Dmitry Vyukov <dvyukov@google.com>
To: Andrey Konovalov <andreyknvl@google.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
Andrey Ryabinin <aryabinin@virtuozzo.com>,
Alexander Potapenko <glider@google.com>,
Marco Elver <elver@google.com>,
Evgenii Stepanov <eugenis@google.com>,
Branislav Rankov <Branislav.Rankov@arm.com>,
Kevin Brodsky <kevin.brodsky@arm.com>,
kasan-dev <kasan-dev@googlegroups.com>,
Linux ARM <linux-arm-kernel@lists.infradead.org>,
Linux-MM <linux-mm@kvack.org>,
LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH mm v3 04/19] kasan, arm64: unpoison stack only with CONFIG_KASAN_STACK
Date: Mon, 16 Nov 2020 12:00:30 +0100 [thread overview]
Message-ID: <CACT4Y+a4ZoBm3jC308kradyeYcXKMMux4uTSgs4cWkby5Th+bw@mail.gmail.com> (raw)
In-Reply-To: <d65e2fc1d7fc03b7ced67e401ff1ea9143b3382d.1605305978.git.andreyknvl@google.com>
On Fri, Nov 13, 2020 at 11:20 PM Andrey Konovalov <andreyknvl@google.com> wrote:
>
> There's a config option CONFIG_KASAN_STACK that has to be enabled for
> KASAN to use stack instrumentation and perform validity checks for
> stack variables.
>
> There's no need to unpoison stack when CONFIG_KASAN_STACK is not enabled.
> Only call kasan_unpoison_task_stack[_below]() when CONFIG_KASAN_STACK is
> enabled.
>
> Note, that CONFIG_KASAN_STACK is an option that is currently always
> defined when CONFIG_KASAN is enabled, and therefore has to be tested
> with #if instead of #ifdef.
>
> Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
> Reviewed-by: Marco Elver <elver@google.com>
Reviewed-by: Dmitry Vyukov <dvyukov@google.com>
> Acked-by: Catalin Marinas <catalin.marinas@arm.com>
> Link: https://linux-review.googlesource.com/id/If8a891e9fe01ea543e00b576852685afec0887e3
> ---
> arch/arm64/kernel/sleep.S | 2 +-
> arch/x86/kernel/acpi/wakeup_64.S | 2 +-
> include/linux/kasan.h | 10 ++++++----
> mm/kasan/common.c | 2 ++
> 4 files changed, 10 insertions(+), 6 deletions(-)
>
> diff --git a/arch/arm64/kernel/sleep.S b/arch/arm64/kernel/sleep.S
> index ba40d57757d6..bdadfa56b40e 100644
> --- a/arch/arm64/kernel/sleep.S
> +++ b/arch/arm64/kernel/sleep.S
> @@ -133,7 +133,7 @@ SYM_FUNC_START(_cpu_resume)
> */
> bl cpu_do_resume
>
> -#ifdef CONFIG_KASAN
> +#if defined(CONFIG_KASAN) && CONFIG_KASAN_STACK
> mov x0, sp
> bl kasan_unpoison_task_stack_below
> #endif
> diff --git a/arch/x86/kernel/acpi/wakeup_64.S b/arch/x86/kernel/acpi/wakeup_64.S
> index c8daa92f38dc..5d3a0b8fd379 100644
> --- a/arch/x86/kernel/acpi/wakeup_64.S
> +++ b/arch/x86/kernel/acpi/wakeup_64.S
> @@ -112,7 +112,7 @@ SYM_FUNC_START(do_suspend_lowlevel)
> movq pt_regs_r14(%rax), %r14
> movq pt_regs_r15(%rax), %r15
>
> -#ifdef CONFIG_KASAN
> +#if defined(CONFIG_KASAN) && CONFIG_KASAN_STACK
> /*
> * The suspend path may have poisoned some areas deeper in the stack,
> * which we now need to unpoison.
> diff --git a/include/linux/kasan.h b/include/linux/kasan.h
> index 0c89e6fdd29e..f2109bf0c5f9 100644
> --- a/include/linux/kasan.h
> +++ b/include/linux/kasan.h
> @@ -76,8 +76,6 @@ static inline void kasan_disable_current(void) {}
>
> void kasan_unpoison_range(const void *address, size_t size);
>
> -void kasan_unpoison_task_stack(struct task_struct *task);
> -
> void kasan_alloc_pages(struct page *page, unsigned int order);
> void kasan_free_pages(struct page *page, unsigned int order);
>
> @@ -122,8 +120,6 @@ void kasan_restore_multi_shot(bool enabled);
>
> static inline void kasan_unpoison_range(const void *address, size_t size) {}
>
> -static inline void kasan_unpoison_task_stack(struct task_struct *task) {}
> -
> static inline void kasan_alloc_pages(struct page *page, unsigned int order) {}
> static inline void kasan_free_pages(struct page *page, unsigned int order) {}
>
> @@ -175,6 +171,12 @@ static inline size_t kasan_metadata_size(struct kmem_cache *cache) { return 0; }
>
> #endif /* CONFIG_KASAN */
>
> +#if defined(CONFIG_KASAN) && CONFIG_KASAN_STACK
> +void kasan_unpoison_task_stack(struct task_struct *task);
> +#else
> +static inline void kasan_unpoison_task_stack(struct task_struct *task) {}
> +#endif
> +
> #ifdef CONFIG_KASAN_GENERIC
>
> void kasan_cache_shrink(struct kmem_cache *cache);
> diff --git a/mm/kasan/common.c b/mm/kasan/common.c
> index 0a420f1dbc54..7648a2452a01 100644
> --- a/mm/kasan/common.c
> +++ b/mm/kasan/common.c
> @@ -64,6 +64,7 @@ void kasan_unpoison_range(const void *address, size_t size)
> unpoison_range(address, size);
> }
>
> +#if CONFIG_KASAN_STACK
> static void __kasan_unpoison_stack(struct task_struct *task, const void *sp)
> {
> void *base = task_stack_page(task);
> @@ -90,6 +91,7 @@ asmlinkage void kasan_unpoison_task_stack_below(const void *watermark)
>
> unpoison_range(base, watermark - base);
> }
> +#endif /* CONFIG_KASAN_STACK */
>
> void kasan_alloc_pages(struct page *page, unsigned int order)
> {
> --
> 2.29.2.299.gdc1121823c-goog
>
WARNING: multiple messages have this Message-ID (diff)
From: Dmitry Vyukov <dvyukov@google.com>
To: Andrey Konovalov <andreyknvl@google.com>
Cc: Marco Elver <elver@google.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Kevin Brodsky <kevin.brodsky@arm.com>,
Will Deacon <will.deacon@arm.com>,
Branislav Rankov <Branislav.Rankov@arm.com>,
kasan-dev <kasan-dev@googlegroups.com>,
LKML <linux-kernel@vger.kernel.org>,
Linux-MM <linux-mm@kvack.org>,
Alexander Potapenko <glider@google.com>,
Linux ARM <linux-arm-kernel@lists.infradead.org>,
Andrey Ryabinin <aryabinin@virtuozzo.com>,
Andrew Morton <akpm@linux-foundation.org>,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
Evgenii Stepanov <eugenis@google.com>
Subject: Re: [PATCH mm v3 04/19] kasan, arm64: unpoison stack only with CONFIG_KASAN_STACK
Date: Mon, 16 Nov 2020 12:00:30 +0100 [thread overview]
Message-ID: <CACT4Y+a4ZoBm3jC308kradyeYcXKMMux4uTSgs4cWkby5Th+bw@mail.gmail.com> (raw)
In-Reply-To: <d65e2fc1d7fc03b7ced67e401ff1ea9143b3382d.1605305978.git.andreyknvl@google.com>
On Fri, Nov 13, 2020 at 11:20 PM Andrey Konovalov <andreyknvl@google.com> wrote:
>
> There's a config option CONFIG_KASAN_STACK that has to be enabled for
> KASAN to use stack instrumentation and perform validity checks for
> stack variables.
>
> There's no need to unpoison stack when CONFIG_KASAN_STACK is not enabled.
> Only call kasan_unpoison_task_stack[_below]() when CONFIG_KASAN_STACK is
> enabled.
>
> Note, that CONFIG_KASAN_STACK is an option that is currently always
> defined when CONFIG_KASAN is enabled, and therefore has to be tested
> with #if instead of #ifdef.
>
> Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
> Reviewed-by: Marco Elver <elver@google.com>
Reviewed-by: Dmitry Vyukov <dvyukov@google.com>
> Acked-by: Catalin Marinas <catalin.marinas@arm.com>
> Link: https://linux-review.googlesource.com/id/If8a891e9fe01ea543e00b576852685afec0887e3
> ---
> arch/arm64/kernel/sleep.S | 2 +-
> arch/x86/kernel/acpi/wakeup_64.S | 2 +-
> include/linux/kasan.h | 10 ++++++----
> mm/kasan/common.c | 2 ++
> 4 files changed, 10 insertions(+), 6 deletions(-)
>
> diff --git a/arch/arm64/kernel/sleep.S b/arch/arm64/kernel/sleep.S
> index ba40d57757d6..bdadfa56b40e 100644
> --- a/arch/arm64/kernel/sleep.S
> +++ b/arch/arm64/kernel/sleep.S
> @@ -133,7 +133,7 @@ SYM_FUNC_START(_cpu_resume)
> */
> bl cpu_do_resume
>
> -#ifdef CONFIG_KASAN
> +#if defined(CONFIG_KASAN) && CONFIG_KASAN_STACK
> mov x0, sp
> bl kasan_unpoison_task_stack_below
> #endif
> diff --git a/arch/x86/kernel/acpi/wakeup_64.S b/arch/x86/kernel/acpi/wakeup_64.S
> index c8daa92f38dc..5d3a0b8fd379 100644
> --- a/arch/x86/kernel/acpi/wakeup_64.S
> +++ b/arch/x86/kernel/acpi/wakeup_64.S
> @@ -112,7 +112,7 @@ SYM_FUNC_START(do_suspend_lowlevel)
> movq pt_regs_r14(%rax), %r14
> movq pt_regs_r15(%rax), %r15
>
> -#ifdef CONFIG_KASAN
> +#if defined(CONFIG_KASAN) && CONFIG_KASAN_STACK
> /*
> * The suspend path may have poisoned some areas deeper in the stack,
> * which we now need to unpoison.
> diff --git a/include/linux/kasan.h b/include/linux/kasan.h
> index 0c89e6fdd29e..f2109bf0c5f9 100644
> --- a/include/linux/kasan.h
> +++ b/include/linux/kasan.h
> @@ -76,8 +76,6 @@ static inline void kasan_disable_current(void) {}
>
> void kasan_unpoison_range(const void *address, size_t size);
>
> -void kasan_unpoison_task_stack(struct task_struct *task);
> -
> void kasan_alloc_pages(struct page *page, unsigned int order);
> void kasan_free_pages(struct page *page, unsigned int order);
>
> @@ -122,8 +120,6 @@ void kasan_restore_multi_shot(bool enabled);
>
> static inline void kasan_unpoison_range(const void *address, size_t size) {}
>
> -static inline void kasan_unpoison_task_stack(struct task_struct *task) {}
> -
> static inline void kasan_alloc_pages(struct page *page, unsigned int order) {}
> static inline void kasan_free_pages(struct page *page, unsigned int order) {}
>
> @@ -175,6 +171,12 @@ static inline size_t kasan_metadata_size(struct kmem_cache *cache) { return 0; }
>
> #endif /* CONFIG_KASAN */
>
> +#if defined(CONFIG_KASAN) && CONFIG_KASAN_STACK
> +void kasan_unpoison_task_stack(struct task_struct *task);
> +#else
> +static inline void kasan_unpoison_task_stack(struct task_struct *task) {}
> +#endif
> +
> #ifdef CONFIG_KASAN_GENERIC
>
> void kasan_cache_shrink(struct kmem_cache *cache);
> diff --git a/mm/kasan/common.c b/mm/kasan/common.c
> index 0a420f1dbc54..7648a2452a01 100644
> --- a/mm/kasan/common.c
> +++ b/mm/kasan/common.c
> @@ -64,6 +64,7 @@ void kasan_unpoison_range(const void *address, size_t size)
> unpoison_range(address, size);
> }
>
> +#if CONFIG_KASAN_STACK
> static void __kasan_unpoison_stack(struct task_struct *task, const void *sp)
> {
> void *base = task_stack_page(task);
> @@ -90,6 +91,7 @@ asmlinkage void kasan_unpoison_task_stack_below(const void *watermark)
>
> unpoison_range(base, watermark - base);
> }
> +#endif /* CONFIG_KASAN_STACK */
>
> void kasan_alloc_pages(struct page *page, unsigned int order)
> {
> --
> 2.29.2.299.gdc1121823c-goog
>
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2020-11-16 12:30 UTC|newest]
Thread overview: 120+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-13 22:19 [PATCH mm v3 00/19] kasan: boot parameters for hardware tag-based mode Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` [PATCH mm v3 01/19] kasan: simplify quarantine_put call site Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` [PATCH mm v3 02/19] kasan: rename get_alloc/free_info Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` [PATCH mm v3 03/19] kasan: introduce set_alloc_info Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` [PATCH mm v3 04/19] kasan, arm64: unpoison stack only with CONFIG_KASAN_STACK Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-16 11:00 ` Dmitry Vyukov [this message]
2020-11-16 11:00 ` Dmitry Vyukov
2020-11-16 11:00 ` Dmitry Vyukov
2020-11-13 22:19 ` [PATCH mm v3 05/19] kasan: allow VMAP_STACK for HW_TAGS mode Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-16 11:01 ` Dmitry Vyukov
2020-11-16 11:01 ` Dmitry Vyukov
2020-11-16 11:01 ` Dmitry Vyukov
2020-11-13 22:19 ` [PATCH mm v3 06/19] kasan: remove __kasan_unpoison_stack Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` [PATCH mm v3 07/19] kasan: inline kasan_reset_tag for tag-based modes Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-17 10:56 ` Dmitry Vyukov
2020-11-17 10:56 ` Dmitry Vyukov
2020-11-17 10:56 ` Dmitry Vyukov
2020-11-13 22:19 ` [PATCH mm v3 08/19] kasan: inline random_tag for HW_TAGS Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-17 10:58 ` Dmitry Vyukov
2020-11-17 10:58 ` Dmitry Vyukov
2020-11-17 10:58 ` Dmitry Vyukov
2020-11-13 22:19 ` [PATCH mm v3 09/19] kasan: open-code kasan_unpoison_slab Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-13 22:19 ` Andrey Konovalov
2020-11-16 15:06 ` Marco Elver
2020-11-16 15:06 ` Marco Elver
2020-11-13 22:20 ` [PATCH mm v3 10/19] kasan: inline (un)poison_range and check_invalid_free Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-16 15:11 ` Marco Elver
2020-11-16 15:11 ` Marco Elver
2020-11-13 22:20 ` [PATCH mm v3 11/19] kasan: add and integrate kasan boot parameters Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-16 15:15 ` Marco Elver
2020-11-16 15:15 ` Marco Elver
2020-11-17 11:09 ` Dmitry Vyukov
2020-11-17 11:09 ` Dmitry Vyukov
2020-11-17 11:09 ` Dmitry Vyukov
2020-11-13 22:20 ` [PATCH mm v3 12/19] kasan, mm: check kasan_enabled in annotations Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-16 15:26 ` Marco Elver
2020-11-16 15:26 ` Marco Elver
2020-11-17 11:12 ` Dmitry Vyukov
2020-11-17 11:12 ` Dmitry Vyukov
2020-11-17 11:12 ` Dmitry Vyukov
2020-11-13 22:20 ` [PATCH mm v3 13/19] kasan, mm: rename kasan_poison_kfree Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-16 15:43 ` Marco Elver
2020-11-16 15:43 ` Marco Elver
2020-11-13 22:20 ` [PATCH mm v3 14/19] kasan: don't round_up too much Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` [PATCH mm v3 15/19] kasan: simplify assign_tag and set_tag calls Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` [PATCH mm v3 16/19] kasan: clarify comment in __kasan_kfree_large Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` [PATCH mm v3 17/19] kasan: clean up metadata allocation and usage Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-16 15:46 ` Marco Elver
2020-11-16 15:46 ` Marco Elver
2020-11-17 13:12 ` Dmitry Vyukov
2020-11-17 13:12 ` Dmitry Vyukov
2020-11-17 13:12 ` Dmitry Vyukov
2020-11-17 13:18 ` Marco Elver
2020-11-17 13:18 ` Marco Elver
2020-11-17 13:18 ` Marco Elver
2020-11-17 13:27 ` Dmitry Vyukov
2020-11-17 13:27 ` Dmitry Vyukov
2020-11-17 13:27 ` Dmitry Vyukov
2020-11-23 18:54 ` Andrey Konovalov
2020-11-23 18:54 ` Andrey Konovalov
2020-11-23 18:54 ` Andrey Konovalov
2020-11-23 19:16 ` Andrey Konovalov
2020-11-23 19:16 ` Andrey Konovalov
2020-11-23 19:16 ` Andrey Konovalov
2020-11-13 22:20 ` [PATCH mm v3 18/19] kasan, mm: allow cache merging with no metadata Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-16 15:45 ` Marco Elver
2020-11-16 15:45 ` Marco Elver
2020-11-17 13:25 ` Dmitry Vyukov
2020-11-17 13:25 ` Dmitry Vyukov
2020-11-17 13:25 ` Dmitry Vyukov
2020-11-23 13:52 ` Andrey Konovalov
2020-11-23 13:52 ` Andrey Konovalov
2020-11-23 13:52 ` Andrey Konovalov
2020-11-13 22:20 ` [PATCH mm v3 19/19] kasan: update documentation Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-13 22:20 ` Andrey Konovalov
2020-11-16 15:47 ` Marco Elver
2020-11-16 15:47 ` Marco Elver
2020-11-17 13:28 ` Dmitry Vyukov
2020-11-17 13:28 ` Dmitry Vyukov
2020-11-17 13:28 ` Dmitry Vyukov
2020-11-16 14:48 ` [PATCH mm v3 00/19] kasan: boot parameters for hardware tag-based mode Vincenzo Frascino
2020-11-16 14:48 ` Vincenzo Frascino
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CACT4Y+a4ZoBm3jC308kradyeYcXKMMux4uTSgs4cWkby5Th+bw@mail.gmail.com \
--to=dvyukov@google.com \
--cc=Branislav.Rankov@arm.com \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@google.com \
--cc=aryabinin@virtuozzo.com \
--cc=catalin.marinas@arm.com \
--cc=elver@google.com \
--cc=eugenis@google.com \
--cc=glider@google.com \
--cc=kasan-dev@googlegroups.com \
--cc=kevin.brodsky@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=vincenzo.frascino@arm.com \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.