From: Mark Rutland <mark.rutland@arm.com>
To: Marco Elver <elver@google.com>
Cc: peterz@infradead.org, aryabinin@virtuozzo.com,
dvyukov@google.com, glider@google.com, andreyknvl@google.com,
corbet@lwn.net, tglx@linutronix.de, mingo@redhat.com,
bp@alien8.de, hpa@zytor.com, x86@kernel.org, arnd@arndb.de,
jpoimboe@redhat.com, linux-doc@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org,
kasan-dev@googlegroups.com
Subject: Re: [PATCH 3/3] asm-generic, x86: Add bitops instrumentation for KASAN
Date: Tue, 28 May 2019 17:50:36 +0100 [thread overview]
Message-ID: <20190528165036.GC28492@lakrids.cambridge.arm.com> (raw)
In-Reply-To: <20190528163258.260144-3-elver@google.com>
On Tue, May 28, 2019 at 06:32:58PM +0200, Marco Elver wrote:
> This adds a new header to asm-generic to allow optionally instrumenting
> architecture-specific asm implementations of bitops.
>
> This change includes the required change for x86 as reference and
> changes the kernel API doc to point to bitops-instrumented.h instead.
> Rationale: the functions in x86's bitops.h are no longer the kernel API
> functions, but instead the arch_ prefixed functions, which are then
> instrumented via bitops-instrumented.h.
>
> Other architectures can similarly add support for asm implementations of
> bitops.
>
> The documentation text has been copied/moved, and *no* changes to it
> have been made in this patch.
>
> Tested: using lib/test_kasan with bitops tests (pre-requisite patch).
>
> Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=198439
> Signed-off-by: Marco Elver <elver@google.com>
> ---
> Documentation/core-api/kernel-api.rst | 2 +-
> arch/x86/include/asm/bitops.h | 210 ++++----------
> include/asm-generic/bitops-instrumented.h | 327 ++++++++++++++++++++++
> 3 files changed, 380 insertions(+), 159 deletions(-)
> create mode 100644 include/asm-generic/bitops-instrumented.h
[...]
> +#if !defined(BITOPS_INSTRUMENT_RANGE)
> +/*
> + * This may be defined by an arch's bitops.h, in case bitops do not operate on
> + * single bytes only. The default version here is conservative and assumes that
> + * bitops operate only on the byte with the target bit.
> + */
> +#define BITOPS_INSTRUMENT_RANGE(addr, nr) \
> + (const volatile char *)(addr) + ((nr) / BITS_PER_BYTE), 1
> +#endif
I was under the impression that logically, all the bitops operated on
the entire long the bit happend to be contained in, so checking the
entire long would make more sense to me.
FWIW, arm64's atomic bit ops are all implemented atop of atomic_long_*
functions, which are instrumented, and always checks at the granularity
of a long. I haven't seen splats from that when fuzzing with Syzkaller.
Are you seeing bugs without this?
Thanks,
Mark.
next prev parent reply other threads:[~2019-05-28 16:50 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-28 16:32 [PATCH 1/3] lib/test_kasan: Add bitops tests Marco Elver
2019-05-28 16:32 ` [PATCH 2/3] tools/objtool: add kasan_check_* to uaccess whitelist Marco Elver
2019-05-28 17:19 ` Peter Zijlstra
2019-05-29 8:54 ` Dmitry Vyukov
2019-05-29 9:46 ` Marco Elver
2019-05-29 9:58 ` Peter Zijlstra
2019-05-28 16:32 ` [PATCH 3/3] asm-generic, x86: Add bitops instrumentation for KASAN Marco Elver
2019-05-28 16:50 ` Mark Rutland [this message]
2019-05-29 8:53 ` Dmitry Vyukov
2019-05-29 9:20 ` Marco Elver
2019-05-29 10:01 ` Peter Zijlstra
2019-05-29 10:16 ` Marco Elver
2019-05-29 10:30 ` Peter Zijlstra
2019-05-29 10:57 ` Dmitry Vyukov
2019-05-29 11:20 ` David Laight
2019-05-29 12:01 ` Peter Zijlstra
2019-05-29 11:23 ` Andrey Ryabinin
2019-05-29 11:29 ` Dmitry Vyukov
2019-05-29 12:01 ` Peter Zijlstra
2019-05-29 13:26 ` Mark Rutland
2019-05-28 16:50 ` [PATCH 1/3] lib/test_kasan: Add bitops tests Mark Rutland
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190528165036.GC28492@lakrids.cambridge.arm.com \
--to=mark.rutland@arm.com \
--cc=andreyknvl@google.com \
--cc=arnd@arndb.de \
--cc=aryabinin@virtuozzo.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=dvyukov@google.com \
--cc=elver@google.com \
--cc=glider@google.com \
--cc=hpa@zytor.com \
--cc=jpoimboe@redhat.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.