From: Andrey Konovalov
Date: Tue, 14 Apr 2020 19:56:01 +0200
Subject: Re: [PATCH v5 17/38] kmsan: disable KMSAN instrumentation for certain kernel parts
To: Alexander Potapenko
Cc: Ard Biesheuvel, Thomas Gleixner, Vegard Nossum, Dmitry Vyukov, Marco Elver, Linux Memory Management List, Alexander Viro, Andreas Dilger, Andrew Morton, Andrey Ryabinin, Andy Lutomirski, Arnd Bergmann, Christoph Hellwig, Christoph Hellwig, "Darrick J. Wong", "David S. Miller", Dmitry Torokhov, Eric Biggers, Eric Dumazet, Eric Van Hensbergen, Greg Kroah-Hartman, Harry Wentland, Herbert Xu, Ilya Leoshkevich, Ingo Molnar, Jason Wang, Jens Axboe, Marek Szyprowski, Mark Rutland, "Martin K. Petersen", Martin Schwidefsky, Matthew Wilcox, "Michael S . Tsirkin", Michal Hocko, Michal Simek, Petr Mladek, Qian Cai, Randy Dunlap, Robin Murphy, Sergey Senozhatsky, Steven Rostedt, Takashi Iwai, "Theodore Ts'o", Vasily Gorbik, Wolfram Sang

On Wed, Mar 25, 2020 at 5:13 PM wrote:
>
> Instrumenting some files with KMSAN will result in kernel being unable
> to link, boot or crashing at runtime for various reasons (e.g. infinite
> recursion caused by instrumentation hooks calling instrumented code again).
>
> Disable KMSAN in the following places:
> - arch/x86/boot and arch/x86/realmode/rm, as KMSAN doesn't work for i386;
> - arch/x86/entry/vdso, which isn't linked with KMSAN runtime;
> - three files in arch/x86/kernel - boot problems;
> - arch/x86/mm/cpu_entry_area.c - recursion;
> - EFI stub - build failures;
> - kcov, stackdepot, lockdep - recursion.
> > Signed-off-by: Alexander Potapenko > To: Alexander Potapenko > Cc: Ard Biesheuvel > Cc: Thomas Gleixner > Cc: Vegard Nossum > Cc: Dmitry Vyukov > Cc: Marco Elver > Cc: Andrey Konovalov > Cc: linux-mm@kvack.org Reviewed-by: Andrey Konovalov > > --- > > v4: > - fix lockdep support by not instrumenting lockdep.c > - unified comments with KCSAN > > Change-Id: I90961eabf2dcb9ae992aed259088953bad5e4d6d > --- > arch/x86/boot/Makefile | 1 + > arch/x86/boot/compressed/Makefile | 2 ++ > arch/x86/entry/vdso/Makefile | 3 +++ > arch/x86/kernel/Makefile | 4 ++++ > arch/x86/kernel/cpu/Makefile | 1 + > arch/x86/mm/Makefile | 3 +++ > arch/x86/realmode/rm/Makefile | 1 + > drivers/firmware/efi/libstub/Makefile | 1 + > kernel/Makefile | 1 + > kernel/locking/Makefile | 4 ++++ > lib/Makefile | 1 + > 11 files changed, 22 insertions(+) > > diff --git a/arch/x86/boot/Makefile b/arch/x86/boot/Makefile > index d7aa1c3a6b25a..2ca8b9b478f3a 100644 > --- a/arch/x86/boot/Makefile > +++ b/arch/x86/boot/Makefile > @@ -12,6 +12,7 @@ > # Sanitizer runtimes are unavailable and cannot be linked for early boot code. > KASAN_SANITIZE := n > KCSAN_SANITIZE := n > +KMSAN_SANITIZE := n > OBJECT_FILES_NON_STANDARD := y > > # Kernel does not boot with kcov instrumentation here. > diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile > index 7619742f91c9a..2af62067a90ec 100644 > --- a/arch/x86/boot/compressed/Makefile > +++ b/arch/x86/boot/compressed/Makefile > @@ -20,6 +20,8 @@ > # Sanitizer runtimes are unavailable and cannot be linked for early boot code. > KASAN_SANITIZE := n > KCSAN_SANITIZE := n > +# KMSAN doesn't work for i386 > +KMSAN_SANITIZE := n > OBJECT_FILES_NON_STANDARD := y > > # Prevents link failures: __sanitizer_cov_trace_pc() is not linked in. > diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile > index ecf6128c95516..e2b1b9be89ab7 100644 > --- a/arch/x86/entry/vdso/Makefile > +++ b/arch/x86/entry/vdso/Makefile 
> @@ -13,6 +13,9 @@ KBUILD_CFLAGS += $(DISABLE_LTO) > > # Sanitizer runtimes are unavailable and cannot be linked here. > KASAN_SANITIZE := n > +KMSAN_SANITIZE_vclock_gettime.o := n > +KMSAN_SANITIZE_vgetcpu.o := n > + > UBSAN_SANITIZE := n > KCSAN_SANITIZE := n > OBJECT_FILES_NON_STANDARD := y > diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile > index 1ee83df407e3b..a3b7b0452c817 100644 > --- a/arch/x86/kernel/Makefile > +++ b/arch/x86/kernel/Makefile > @@ -32,6 +32,10 @@ KASAN_SANITIZE_paravirt.o := n > # by several compilation units. To be safe, disable all instrumentation. > KCSAN_SANITIZE := n > > +# Work around reboot loop. > +KMSAN_SANITIZE_head$(BITS).o := n > +KMSAN_SANITIZE_nmi.o := n > + > OBJECT_FILES_NON_STANDARD_relocate_kernel_$(BITS).o := y > OBJECT_FILES_NON_STANDARD_test_nx.o := y > OBJECT_FILES_NON_STANDARD_paravirt_patch.o := y > diff --git a/arch/x86/kernel/cpu/Makefile b/arch/x86/kernel/cpu/Makefile > index dba6a83bc3493..0e299ba013868 100644 > --- a/arch/x86/kernel/cpu/Makefile > +++ b/arch/x86/kernel/cpu/Makefile > @@ -12,6 +12,7 @@ endif > # If these files are instrumented, boot hangs during the first second. > KCOV_INSTRUMENT_common.o := n > KCOV_INSTRUMENT_perf_event.o := n > +KMSAN_SANITIZE_common.o := n > > # As above, instrumenting secondary CPU boot code causes boot hangs. > KCSAN_SANITIZE_common.o := n > diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile > index f7fd0e868c9c8..f11848633cf5b 100644 > --- a/arch/x86/mm/Makefile > +++ b/arch/x86/mm/Makefile > @@ -11,6 +11,9 @@ KASAN_SANITIZE_mem_encrypt_identity.o := n > # reference __initdata sections. > KCSAN_SANITIZE := n > > +# Avoid recursion by not calling KMSAN hooks for CEA code. > +KMSAN_SANITIZE_cpu_entry_area.o := n > + > ifdef CONFIG_FUNCTION_TRACER > CFLAGS_REMOVE_mem_encrypt.o = -pg > CFLAGS_REMOVE_mem_encrypt_identity.o = -pg > diff --git a/arch/x86/realmode/rm/Makefile b/arch/x86/realmode/rm/Makefile > index 83f1b6a56449f..f614009d3e4e2 100644 
> --- a/arch/x86/realmode/rm/Makefile > +++ b/arch/x86/realmode/rm/Makefile > @@ -10,6 +10,7 @@ > # Sanitizer runtimes are unavailable and cannot be linked here. > KASAN_SANITIZE := n > KCSAN_SANITIZE := n > +KMSAN_SANITIZE := n > OBJECT_FILES_NON_STANDARD := y > > # Prevents link failures: __sanitizer_cov_trace_pc() is not linked in. > diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile > index dd31237fba2e9..2cf047a0d2e06 100644 > --- a/drivers/firmware/efi/libstub/Makefile > +++ b/drivers/firmware/efi/libstub/Makefile > @@ -36,6 +36,7 @@ GCOV_PROFILE := n > # Sanitizer runtimes are unavailable and cannot be linked here. > KASAN_SANITIZE := n > KCSAN_SANITIZE := n > +KMSAN_SANITIZE := n > UBSAN_SANITIZE := n > OBJECT_FILES_NON_STANDARD := y > > diff --git a/kernel/Makefile b/kernel/Makefile > index 6ac453daf500e..e9093daf41056 100644 > --- a/kernel/Makefile > +++ b/kernel/Makefile > @@ -35,6 +35,7 @@ KCOV_INSTRUMENT_stacktrace.o := n > KCOV_INSTRUMENT_kcov.o := n > KASAN_SANITIZE_kcov.o := n > KCSAN_SANITIZE_kcov.o := n > +KMSAN_SANITIZE_kcov.o := n > CFLAGS_kcov.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector) > > # cond_syscall is currently not LTO compatible > diff --git a/kernel/locking/Makefile b/kernel/locking/Makefile > index 6d11cfb9b41f2..1dd1f7d81e691 100644 > --- a/kernel/locking/Makefile > +++ b/kernel/locking/Makefile > @@ -3,6 +3,10 @@ > # and is generally not a function of system call inputs. > KCOV_INSTRUMENT := n > > +# Instrumenting lockdep.c with KMSAN may cause deadlocks because of > +# recursive KMSAN runtime calls. > +KMSAN_SANITIZE_lockdep.o := n > + > obj-y += mutex.o semaphore.o rwsem.o percpu-rwsem.o > > # Avoid recursion lockdep -> KCSAN -> ... -> lockdep. > diff --git a/lib/Makefile b/lib/Makefile > index d8058c5c05826..6ec959b62a55f 100644 > --- a/lib/Makefile > +++ b/lib/Makefile 
> @@ -234,6 +234,7 @@ obj-$(CONFIG_IRQ_POLL) += irq_poll.o > CFLAGS_stackdepot.o += -fno-builtin > obj-$(CONFIG_STACKDEPOT) += stackdepot.o > KASAN_SANITIZE_stackdepot.o := n > +KMSAN_SANITIZE_stackdepot.o := n > KCOV_INSTRUMENT_stackdepot.o := n > > libfdt_files = fdt.o fdt_ro.o fdt_wip.o fdt_rw.o fdt_sw.o fdt_strerror.o \ > -- > 2.25.1.696.g5e7596f4ac-goog >
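Review bot: The "# KMSAN doesn't work for i386" comment appears only in the arch/x86/boot/compressed/Makefile hunk, while the commit message gives that reason for arch/x86/boot and arch/x86/realmode/rm, whose hunks add a bare "KMSAN_SANITIZE := n" with no comment. All three already sit under "Sanitizer runtimes are unavailable and cannot be linked ...", so either drop the extra comment in compressed/ or add the same one in the other two Makefiles, and mention compressed/ in the changelog if its reason differs.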
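Review bot: In the arch/x86/entry/vdso/Makefile hunk the exclusion is per object (KMSAN_SANITIZE_vclock_gettime.o, KMSAN_SANITIZE_vgetcpu.o), whereas the surrounding KASAN, UBSAN and KCSAN lines disable the whole directory and the commit message says the vDSO "isn't linked with KMSAN runtime", which would apply to every object built here. Either use "KMSAN_SANITIZE := n" or add a comment saying why only these two objects need it. The new lines and the blank line after them also split the existing sanitizer block between KASAN_SANITIZE and UBSAN_SANITIZE; placing the KMSAN entry after KCSAN_SANITIZE without the blank line keeps the block contiguous.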
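Review bot: "# Work around reboot loop." in the arch/x86/kernel/Makefile hunk names only the symptom, and the commit message adds nothing beyond "boot problems" for head$(BITS).o and nmi.o. Every exclusion removes uninitialized-memory checking for that object, so the comment should state what in these files cannot tolerate instrumentation, so that the exclusion can be revisited once the underlying cause is fixed. The related KMSAN_SANITIZE_common.o line in arch/x86/kernel/cpu/Makefile is inserted between the KCOV lines and the "# As above ..." KCSAN comment; grouping it with the KCSAN_SANITIZE_common.o line would keep that comment adjacent to what it refers to.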
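Review bot: The kernel/locking/Makefile hunk puts the lockdep exclusion at the top of the file with its own wording, although the context lines show an existing "# Avoid recursion lockdep -> KCSAN -> ... -> lockdep." comment further down and the v4 changelog says comments were unified with KCSAN. Consider moving KMSAN_SANITIZE_lockdep.o next to the KCSAN entry and using the same comment form. The KMSAN_SANITIZE_stackdepot.o line in lib/Makefile and the KMSAN_SANITIZE_kcov.o line in kernel/Makefile carry no comment at all; a short note that the reason is recursion, as the commit message states, would document them in the Makefiles themselves.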