From: andrey.konovalov@linux.dev
To: Marco Elver <elver@google.com>,
Alexander Potapenko <glider@google.com>,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Peter Collingbourne <pcc@google.com>
Cc: Andrey Konovalov <andreyknvl@gmail.com>,
Dmitry Vyukov <dvyukov@google.com>,
Andrey Ryabinin <ryabinin.a.a@gmail.com>,
kasan-dev@googlegroups.com,
Andrew Morton <akpm@linux-foundation.org>,
linux-mm@kvack.org, Will Deacon <will@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
linux-arm-kernel@lists.infradead.org,
Evgenii Stepanov <eugenis@google.com>,
linux-kernel@vger.kernel.org,
Andrey Konovalov <andreyknvl@google.com>
Subject: [PATCH v2 23/34] kasan, vmalloc: add vmalloc support to SW_TAGS
Date: Mon, 6 Dec 2021 22:44:00 +0100 [thread overview]
Message-ID: <666b9e932dde24df6e1b02493a04530b99ace697.1638825394.git.andreyknvl@google.com> (raw)
In-Reply-To: <cover.1638825394.git.andreyknvl@google.com>
From: Andrey Konovalov <andreyknvl@google.com>
This patch adds vmalloc tagging support to SW_TAGS KASAN.
The changes include:
- __kasan_unpoison_vmalloc() now assigns a random pointer tag, poisons
the virtual mapping accordingly, and embeds the tag into the returned
pointer.
- __get_vm_area_node() (used by vmalloc() and vmap()) and
pcpu_get_vm_areas() save the tagged pointer into vm_struct->addr
(note: not into vmap_area->addr). This requires putting
kasan_unpoison_vmalloc() after setup_vmalloc_vm[_locked]();
otherwise the latter will overwrite the tagged pointer.
The tagged pointer then is naturally propagateed to vmalloc()
and vmap().
- vm_map_ram() returns the tagged pointer directly.
- Allow enabling KASAN_VMALLOC with SW_TAGS.
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
---
Changes v1->v2:
- Allow enabling KASAN_VMALLOC with SW_TAGS in this patch.
---
include/linux/kasan.h | 17 +++++++++++------
lib/Kconfig.kasan | 2 +-
mm/kasan/shadow.c | 6 ++++--
mm/vmalloc.c | 14 ++++++++------
4 files changed, 24 insertions(+), 15 deletions(-)
diff --git a/include/linux/kasan.h b/include/linux/kasan.h
index ad4798e77f60..6a2619759e93 100644
--- a/include/linux/kasan.h
+++ b/include/linux/kasan.h
@@ -423,12 +423,14 @@ void kasan_release_vmalloc(unsigned long start, unsigned long end,
unsigned long free_region_start,
unsigned long free_region_end);
-void __kasan_unpoison_vmalloc(const void *start, unsigned long size);
-static __always_inline void kasan_unpoison_vmalloc(const void *start,
- unsigned long size)
+void * __must_check __kasan_unpoison_vmalloc(const void *start,
+ unsigned long size);
+static __always_inline void * __must_check kasan_unpoison_vmalloc(
+ const void *start, unsigned long size)
{
if (kasan_enabled())
- __kasan_unpoison_vmalloc(start, size);
+ return __kasan_unpoison_vmalloc(start, size);
+ return (void *)start;
}
void __kasan_poison_vmalloc(const void *start, unsigned long size);
@@ -453,8 +455,11 @@ static inline void kasan_release_vmalloc(unsigned long start,
unsigned long free_region_start,
unsigned long free_region_end) { }
-static inline void kasan_unpoison_vmalloc(const void *start, unsigned long size)
-{ }
+static inline void *kasan_unpoison_vmalloc(const void *start,
+ unsigned long size, bool unique)
+{
+ return (void *)start;
+}
static inline void kasan_poison_vmalloc(const void *start, unsigned long size)
{ }
diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan
index cdc842d090db..3f144a87f8a3 100644
--- a/lib/Kconfig.kasan
+++ b/lib/Kconfig.kasan
@@ -179,7 +179,7 @@ config KASAN_TAGS_IDENTIFY
config KASAN_VMALLOC
bool "Back mappings in vmalloc space with real shadow memory"
- depends on KASAN_GENERIC && HAVE_ARCH_KASAN_VMALLOC
+ depends on (KASAN_GENERIC || KASAN_SW_TAGS) && HAVE_ARCH_KASAN_VMALLOC
help
By default, the shadow region for vmalloc space is the read-only
zero page. This means that KASAN cannot detect errors involving
diff --git a/mm/kasan/shadow.c b/mm/kasan/shadow.c
index fa0c8a750d09..4ca280a96fbc 100644
--- a/mm/kasan/shadow.c
+++ b/mm/kasan/shadow.c
@@ -475,12 +475,14 @@ void kasan_release_vmalloc(unsigned long start, unsigned long end,
}
}
-void __kasan_unpoison_vmalloc(const void *start, unsigned long size)
+void *__kasan_unpoison_vmalloc(const void *start, unsigned long size)
{
if (!is_vmalloc_or_module_addr(start))
- return;
+ return (void *)start;
+ start = set_tag(start, kasan_random_tag());
kasan_unpoison(start, size, false);
+ return (void *)start;
}
/*
diff --git a/mm/vmalloc.c b/mm/vmalloc.c
index a059b3100c0a..7be18b292679 100644
--- a/mm/vmalloc.c
+++ b/mm/vmalloc.c
@@ -2208,7 +2208,7 @@ void *vm_map_ram(struct page **pages, unsigned int count, int node)
mem = (void *)addr;
}
- kasan_unpoison_vmalloc(mem, size);
+ mem = kasan_unpoison_vmalloc(mem, size);
if (vmap_pages_range(addr, addr + size, PAGE_KERNEL,
pages, PAGE_SHIFT) < 0) {
@@ -2441,10 +2441,10 @@ static struct vm_struct *__get_vm_area_node(unsigned long size,
return NULL;
}
- kasan_unpoison_vmalloc((void *)va->va_start, requested_size);
-
setup_vmalloc_vm(area, va, flags, caller);
+ area->addr = kasan_unpoison_vmalloc(area->addr, requested_size);
+
return area;
}
@@ -3752,9 +3752,6 @@ struct vm_struct **pcpu_get_vm_areas(const unsigned long *offsets,
for (area = 0; area < nr_vms; area++) {
if (kasan_populate_vmalloc(vas[area]->va_start, sizes[area]))
goto err_free_shadow;
-
- kasan_unpoison_vmalloc((void *)vas[area]->va_start,
- sizes[area]);
}
/* insert all vm's */
@@ -3767,6 +3764,11 @@ struct vm_struct **pcpu_get_vm_areas(const unsigned long *offsets,
}
spin_unlock(&vmap_area_lock);
+ /* mark allocated areas as accessible */
+ for (area = 0; area < nr_vms; area++)
+ vms[area]->addr = kasan_unpoison_vmalloc(vms[area]->addr,
+ vms[area]->size);
+
kfree(vas);
return vms;
--
2.25.1
WARNING: multiple messages have this Message-ID (diff)
From: andrey.konovalov@linux.dev
To: Marco Elver <elver@google.com>,
Alexander Potapenko <glider@google.com>,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Peter Collingbourne <pcc@google.com>
Cc: Andrey Konovalov <andreyknvl@gmail.com>,
Dmitry Vyukov <dvyukov@google.com>,
Andrey Ryabinin <ryabinin.a.a@gmail.com>,
kasan-dev@googlegroups.com,
Andrew Morton <akpm@linux-foundation.org>,
linux-mm@kvack.org, Will Deacon <will@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
linux-arm-kernel@lists.infradead.org,
Evgenii Stepanov <eugenis@google.com>,
linux-kernel@vger.kernel.org,
Andrey Konovalov <andreyknvl@google.com>
Subject: [PATCH v2 23/34] kasan, vmalloc: add vmalloc support to SW_TAGS
Date: Mon, 6 Dec 2021 22:44:00 +0100 [thread overview]
Message-ID: <666b9e932dde24df6e1b02493a04530b99ace697.1638825394.git.andreyknvl@google.com> (raw)
In-Reply-To: <cover.1638825394.git.andreyknvl@google.com>
From: Andrey Konovalov <andreyknvl@google.com>
This patch adds vmalloc tagging support to SW_TAGS KASAN.
The changes include:
- __kasan_unpoison_vmalloc() now assigns a random pointer tag, poisons
the virtual mapping accordingly, and embeds the tag into the returned
pointer.
- __get_vm_area_node() (used by vmalloc() and vmap()) and
pcpu_get_vm_areas() save the tagged pointer into vm_struct->addr
(note: not into vmap_area->addr). This requires putting
kasan_unpoison_vmalloc() after setup_vmalloc_vm[_locked]();
otherwise the latter will overwrite the tagged pointer.
The tagged pointer then is naturally propagateed to vmalloc()
and vmap().
- vm_map_ram() returns the tagged pointer directly.
- Allow enabling KASAN_VMALLOC with SW_TAGS.
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
---
Changes v1->v2:
- Allow enabling KASAN_VMALLOC with SW_TAGS in this patch.
---
include/linux/kasan.h | 17 +++++++++++------
lib/Kconfig.kasan | 2 +-
mm/kasan/shadow.c | 6 ++++--
mm/vmalloc.c | 14 ++++++++------
4 files changed, 24 insertions(+), 15 deletions(-)
diff --git a/include/linux/kasan.h b/include/linux/kasan.h
index ad4798e77f60..6a2619759e93 100644
--- a/include/linux/kasan.h
+++ b/include/linux/kasan.h
@@ -423,12 +423,14 @@ void kasan_release_vmalloc(unsigned long start, unsigned long end,
unsigned long free_region_start,
unsigned long free_region_end);
-void __kasan_unpoison_vmalloc(const void *start, unsigned long size);
-static __always_inline void kasan_unpoison_vmalloc(const void *start,
- unsigned long size)
+void * __must_check __kasan_unpoison_vmalloc(const void *start,
+ unsigned long size);
+static __always_inline void * __must_check kasan_unpoison_vmalloc(
+ const void *start, unsigned long size)
{
if (kasan_enabled())
- __kasan_unpoison_vmalloc(start, size);
+ return __kasan_unpoison_vmalloc(start, size);
+ return (void *)start;
}
void __kasan_poison_vmalloc(const void *start, unsigned long size);
@@ -453,8 +455,11 @@ static inline void kasan_release_vmalloc(unsigned long start,
unsigned long free_region_start,
unsigned long free_region_end) { }
-static inline void kasan_unpoison_vmalloc(const void *start, unsigned long size)
-{ }
+static inline void *kasan_unpoison_vmalloc(const void *start,
+ unsigned long size, bool unique)
+{
+ return (void *)start;
+}
static inline void kasan_poison_vmalloc(const void *start, unsigned long size)
{ }
diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan
index cdc842d090db..3f144a87f8a3 100644
--- a/lib/Kconfig.kasan
+++ b/lib/Kconfig.kasan
@@ -179,7 +179,7 @@ config KASAN_TAGS_IDENTIFY
config KASAN_VMALLOC
bool "Back mappings in vmalloc space with real shadow memory"
- depends on KASAN_GENERIC && HAVE_ARCH_KASAN_VMALLOC
+ depends on (KASAN_GENERIC || KASAN_SW_TAGS) && HAVE_ARCH_KASAN_VMALLOC
help
By default, the shadow region for vmalloc space is the read-only
zero page. This means that KASAN cannot detect errors involving
diff --git a/mm/kasan/shadow.c b/mm/kasan/shadow.c
index fa0c8a750d09..4ca280a96fbc 100644
--- a/mm/kasan/shadow.c
+++ b/mm/kasan/shadow.c
@@ -475,12 +475,14 @@ void kasan_release_vmalloc(unsigned long start, unsigned long end,
}
}
-void __kasan_unpoison_vmalloc(const void *start, unsigned long size)
+void *__kasan_unpoison_vmalloc(const void *start, unsigned long size)
{
if (!is_vmalloc_or_module_addr(start))
- return;
+ return (void *)start;
+ start = set_tag(start, kasan_random_tag());
kasan_unpoison(start, size, false);
+ return (void *)start;
}
/*
diff --git a/mm/vmalloc.c b/mm/vmalloc.c
index a059b3100c0a..7be18b292679 100644
--- a/mm/vmalloc.c
+++ b/mm/vmalloc.c
@@ -2208,7 +2208,7 @@ void *vm_map_ram(struct page **pages, unsigned int count, int node)
mem = (void *)addr;
}
- kasan_unpoison_vmalloc(mem, size);
+ mem = kasan_unpoison_vmalloc(mem, size);
if (vmap_pages_range(addr, addr + size, PAGE_KERNEL,
pages, PAGE_SHIFT) < 0) {
@@ -2441,10 +2441,10 @@ static struct vm_struct *__get_vm_area_node(unsigned long size,
return NULL;
}
- kasan_unpoison_vmalloc((void *)va->va_start, requested_size);
-
setup_vmalloc_vm(area, va, flags, caller);
+ area->addr = kasan_unpoison_vmalloc(area->addr, requested_size);
+
return area;
}
@@ -3752,9 +3752,6 @@ struct vm_struct **pcpu_get_vm_areas(const unsigned long *offsets,
for (area = 0; area < nr_vms; area++) {
if (kasan_populate_vmalloc(vas[area]->va_start, sizes[area]))
goto err_free_shadow;
-
- kasan_unpoison_vmalloc((void *)vas[area]->va_start,
- sizes[area]);
}
/* insert all vm's */
@@ -3767,6 +3764,11 @@ struct vm_struct **pcpu_get_vm_areas(const unsigned long *offsets,
}
spin_unlock(&vmap_area_lock);
+ /* mark allocated areas as accessible */
+ for (area = 0; area < nr_vms; area++)
+ vms[area]->addr = kasan_unpoison_vmalloc(vms[area]->addr,
+ vms[area]->size);
+
kfree(vas);
return vms;
--
2.25.1
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-12-06 21:46 UTC|newest]
Thread overview: 94+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-06 21:22 [PATCH v2 00/34] kasan, vmalloc, arm64: add vmalloc tagging support for SW/HW_TAGS andrey.konovalov
2021-12-06 21:22 ` andrey.konovalov
2021-12-06 21:22 ` [PATCH v2 01/34] kasan, page_alloc: deduplicate should_skip_kasan_poison andrey.konovalov
2021-12-06 21:22 ` andrey.konovalov
2021-12-06 21:31 ` [PATCH v2 02/34] kasan, page_alloc: move tag_clear_highpage out of kernel_init_free_pages andrey.konovalov
2021-12-06 21:31 ` andrey.konovalov
2021-12-06 21:31 ` [PATCH v2 03/34] kasan, page_alloc: merge kasan_free_pages into free_pages_prepare andrey.konovalov
2021-12-06 21:31 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 04/34] kasan, page_alloc: simplify kasan_poison_pages call site andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 05/34] kasan, page_alloc: init memory of skipped pages on free andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 06/34] kasan: drop skip_kasan_poison variable in free_pages_prepare andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 07/34] mm: clarify __GFP_ZEROTAGS comment andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-07 17:33 ` Andrey Konovalov
2021-12-07 17:33 ` Andrey Konovalov
2021-12-06 21:43 ` [PATCH v2 08/34] kasan: only apply __GFP_ZEROTAGS when memory is zeroed andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-10 17:48 ` Catalin Marinas
2021-12-10 17:48 ` Catalin Marinas
2021-12-13 21:57 ` Andrey Konovalov
2021-12-13 21:57 ` Andrey Konovalov
2021-12-06 21:43 ` [PATCH v2 09/34] kasan, page_alloc: refactor init checks in post_alloc_hook andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 10/34] kasan, page_alloc: merge kasan_alloc_pages into post_alloc_hook andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 11/34] kasan, page_alloc: combine tag_clear_highpage calls in post_alloc_hook andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 12/34] kasan, page_alloc: move SetPageSkipKASanPoison " andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 13/34] kasan, page_alloc: move kernel_init_free_pages " andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 14/34] kasan, page_alloc: simplify kasan_unpoison_pages call site andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 15/34] kasan: clean up metadata byte definitions andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 16/34] kasan: define KASAN_VMALLOC_INVALID for SW_TAGS andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 17/34] kasan, x86, arm64, s390: rename functions for modules shadow andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-10 17:55 ` Catalin Marinas
2021-12-10 17:55 ` Catalin Marinas
2021-12-06 21:43 ` [PATCH v2 18/34] kasan, vmalloc: drop outdated VM_KASAN comment andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 19/34] kasan: reorder vmalloc hooks andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 20/34] kasan: add wrappers for " andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 21/34] kasan, vmalloc: reset tags in vmalloc functions andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:43 ` [PATCH v2 22/34] kasan, fork: don't tag stacks allocated with vmalloc andrey.konovalov
2021-12-06 21:43 ` andrey.konovalov
2021-12-06 21:44 ` andrey.konovalov [this message]
2021-12-06 21:44 ` [PATCH v2 23/34] kasan, vmalloc: add vmalloc support to SW_TAGS andrey.konovalov
2021-12-06 21:44 ` [PATCH v2 24/34] kasan, vmalloc, arm64: mark vmalloc mappings as pgprot_tagged andrey.konovalov
2021-12-06 21:44 ` andrey.konovalov
2021-12-06 21:48 ` Andrey Konovalov
2021-12-06 21:48 ` Andrey Konovalov
2021-12-13 15:17 ` Vincenzo Frascino
2021-12-13 15:17 ` Vincenzo Frascino
2021-12-13 21:57 ` Andrey Konovalov
2021-12-13 21:57 ` Andrey Konovalov
2021-12-06 21:44 ` [PATCH v2 25/34] kasan, vmalloc: don't unpoison VM_ALLOC pages before mapping andrey.konovalov
2021-12-06 21:44 ` andrey.konovalov
2021-12-06 21:44 ` [PATCH v2 26/34] kasan, page_alloc: allow skipping unpoisoning for HW_TAGS andrey.konovalov
2021-12-06 21:44 ` andrey.konovalov
2021-12-06 21:44 ` [PATCH v2 27/34] kasan, page_alloc: allow skipping memory init " andrey.konovalov
2021-12-06 21:44 ` andrey.konovalov
2021-12-06 21:44 ` [PATCH v2 28/34] kasan, vmalloc: add vmalloc support to HW_TAGS andrey.konovalov
2021-12-06 21:44 ` andrey.konovalov
2021-12-06 21:49 ` Andrey Konovalov
2021-12-06 21:49 ` Andrey Konovalov
2021-12-13 15:34 ` Vincenzo Frascino
2021-12-13 15:34 ` Vincenzo Frascino
2021-12-13 21:57 ` Andrey Konovalov
2021-12-13 21:57 ` Andrey Konovalov
2021-12-06 21:44 ` [PATCH v2 29/34] kasan: mark kasan_arg_stacktrace as __initdata andrey.konovalov
2021-12-06 21:44 ` andrey.konovalov
2021-12-06 21:44 ` [PATCH v2 30/34] kasan: simplify kasan_init_hw_tags andrey.konovalov
2021-12-06 21:44 ` andrey.konovalov
2021-12-06 21:44 ` [PATCH v2 31/34] kasan: add kasan.vmalloc command line flag andrey.konovalov
2021-12-06 21:44 ` andrey.konovalov
2021-12-06 21:44 ` [PATCH v2 32/34] arm64: select KASAN_VMALLOC for SW/HW_TAGS modes andrey.konovalov
2021-12-06 21:44 ` andrey.konovalov
2021-12-10 18:04 ` Catalin Marinas
2021-12-10 18:04 ` Catalin Marinas
2021-12-06 21:44 ` [PATCH v2 33/34] kasan: documentation updates andrey.konovalov
2021-12-06 21:44 ` andrey.konovalov
2021-12-06 21:44 ` [PATCH v2 34/34] kasan: improve vmalloc tests andrey.konovalov
2021-12-06 21:44 ` andrey.konovalov
2021-12-07 19:46 ` [PATCH v2 00/34] kasan, vmalloc, arm64: add vmalloc tagging support for SW/HW_TAGS Andrey Konovalov
2021-12-07 19:46 ` Andrey Konovalov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=666b9e932dde24df6e1b02493a04530b99ace697.1638825394.git.andreyknvl@google.com \
--to=andrey.konovalov@linux.dev \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@gmail.com \
--cc=andreyknvl@google.com \
--cc=catalin.marinas@arm.com \
--cc=dvyukov@google.com \
--cc=elver@google.com \
--cc=eugenis@google.com \
--cc=glider@google.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mark.rutland@arm.com \
--cc=pcc@google.com \
--cc=ryabinin.a.a@gmail.com \
--cc=vincenzo.frascino@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.