From: Marco Elver <elver@google.com>
To: Mark Rutland <mark.rutland@arm.com>
Cc: LKMM Maintainers -- Akira Yokosawa <akiyks@gmail.com>,
Alan Stern <stern@rowland.harvard.edu>,
Alexander Potapenko <glider@google.com>,
Andrea Parri <parri.andrea@gmail.com>,
Andrey Konovalov <andreyknvl@google.com>,
Andy Lutomirski <luto@kernel.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Arnd Bergmann <arnd@arndb.de>, Boqun Feng <boqun.feng@gmail.com>,
Borislav Petkov <bp@alien8.de>, Daniel Axtens <dja@axtens.net>,
Daniel Lustig <dlustig@nvidia.com>,
dave.hansen@linux.intel.com, dhowells@redhat.com,
Dmitry Vyukov <dvyukov@google.com>,
"H. Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
Jade Alglave <j.alglave@ucl.ac.uk>,
Joel Fernandes <joel@joelfernandes.org>,
Jonathan Corbet <corbet@lwn.net>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Luc Maranget <luc.maranget@inria.fr>,
Nicholas Piggin <npiggin@gmail.com>,
"Paul E. McKenney" <paulmck@linux.ibm.com>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
Will Deacon <will@kernel.org>,
kasan-dev <kasan-dev@googlegroups.com>,
linux-arch <linux-arch@vger.kernel.org>,
"open list:DOCUMENTATION" <linux-doc@vger.kernel.org>,
linux-efi@vger.kernel.org, linux-kbuild@vger.kernel.org,
LKML <linux-kernel@vger.kernel.org>,
Linux Memory Management List <linux-mm@kvack.org>,
"the arch/x86 maintainers" <x86@kernel.org>
Subject: Re: [PATCH 7/8] locking/atomics, kcsan: Add KCSAN instrumentation
Date: Wed, 16 Oct 2019 13:47:30 +0200 [thread overview]
Message-ID: <CANpmjNMww9EX_WqAfWbQk8VG=DghLL7f=Otsx2=bs5sLh-VERQ@mail.gmail.com> (raw)
In-Reply-To: <20191016111847.GB44246@lakrids.cambridge.arm.com>
On Wed, 16 Oct 2019 at 13:18, Mark Rutland <mark.rutland@arm.com> wrote:
>
> Hi Marco,
>
> On Wed, Oct 16, 2019 at 10:39:58AM +0200, Marco Elver wrote:
> > This adds KCSAN instrumentation to atomic-instrumented.h.
> >
> > Signed-off-by: Marco Elver <elver@google.com>
> > ---
> > include/asm-generic/atomic-instrumented.h | 192 +++++++++++++++++++++-
> > scripts/atomic/gen-atomic-instrumented.sh | 9 +-
> > 2 files changed, 199 insertions(+), 2 deletions(-)
> >
> > diff --git a/include/asm-generic/atomic-instrumented.h b/include/asm-generic/atomic-instrumented.h
> > index e8730c6b9fe2..9e487febc610 100644
> > --- a/include/asm-generic/atomic-instrumented.h
> > +++ b/include/asm-generic/atomic-instrumented.h
> > @@ -19,11 +19,13 @@
> >
> > #include <linux/build_bug.h>
> > #include <linux/kasan-checks.h>
> > +#include <linux/kcsan-checks.h>
> >
> > static inline int
> > atomic_read(const atomic_t *v)
> > {
> > kasan_check_read(v, sizeof(*v));
> > + kcsan_check_atomic(v, sizeof(*v), false);
>
> For legibility and consistency with kasan, it would be nicer to avoid
> the bool argument here and have kcsan_check_atomic_{read,write}()
> helpers...
>
> > diff --git a/scripts/atomic/gen-atomic-instrumented.sh b/scripts/atomic/gen-atomic-instrumented.sh
> > index e09812372b17..c0553743a6f4 100755
> > --- a/scripts/atomic/gen-atomic-instrumented.sh
> > +++ b/scripts/atomic/gen-atomic-instrumented.sh
> > @@ -12,15 +12,20 @@ gen_param_check()
> > local type="${arg%%:*}"
> > local name="$(gen_param_name "${arg}")"
> > local rw="write"
> > + local is_write="true"
> >
> > case "${type#c}" in
> > i) return;;
> > esac
> >
> > # We don't write to constant parameters
> > - [ ${type#c} != ${type} ] && rw="read"
> > + if [ ${type#c} != ${type} ]; then
> > + rw="read"
> > + is_write="false"
> > + fi
> >
> > printf "\tkasan_check_${rw}(${name}, sizeof(*${name}));\n"
> > + printf "\tkcsan_check_atomic(${name}, sizeof(*${name}), ${is_write});\n"
>
> ... which would also simplify this.
>
> Though as below, we might want to wrap both in a helper local to
> atomic-instrumented.h.
>
> > }
> >
> > #gen_param_check(arg...)
> > @@ -108,6 +113,7 @@ cat <<EOF
> > ({ \\
> > typeof(ptr) __ai_ptr = (ptr); \\
> > kasan_check_write(__ai_ptr, ${mult}sizeof(*__ai_ptr)); \\
> > + kcsan_check_atomic(__ai_ptr, ${mult}sizeof(*__ai_ptr), true); \\
> > arch_${xchg}(__ai_ptr, __VA_ARGS__); \\
> > })
> > EOF
> > @@ -148,6 +154,7 @@ cat << EOF
> >
> > #include <linux/build_bug.h>
> > #include <linux/kasan-checks.h>
> > +#include <linux/kcsan-checks.h>
>
> We could add the following to this preamble:
>
> static inline void __atomic_check_read(const volatile void *v, size_t size)
> {
> kasan_check_read(v, sizeof(*v));
> kcsan_check_atomic(v, sizeof(*v), false);
> }
>
> static inline void __atomic_check_write(const volatile void *v, size_t size)
> {
> kasan_check_write(v, sizeof(*v));
> kcsan_check_atomic(v, sizeof(*v), true);
> }
>
> ... and only have the one call in each atomic wrapper.
>
> Otherwise, this looks good to me.
Thanks, incorporated suggestions for v2: for readability rename
kcsan_check_access -> kcsan_check_{read,write}, and for
atomic-instrumented.h, adding the suggested preamble.
Thanks,
-- Marco
WARNING: multiple messages have this Message-ID (diff)
From: Marco Elver <elver@google.com>
To: Mark Rutland <mark.rutland@arm.com>
Cc: LKMM Maintainers -- Akira Yokosawa <akiyks@gmail.com>,
Alan Stern <stern@rowland.harvard.edu>,
Alexander Potapenko <glider@google.com>,
Andrea Parri <parri.andrea@gmail.com>,
Andrey Konovalov <andreyknvl@google.com>,
Andy Lutomirski <luto@kernel.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Arnd Bergmann <arnd@arndb.de>, Boqun Feng <boqun.feng@gmail.com>,
Borislav Petkov <bp@alien8.de>, Daniel Axtens <dja@axtens.net>,
Daniel Lustig <dlustig@nvidia.com>,
dave.hansen@linux.intel.com, dhowells@redhat.com,
Dmitry Vyukov <dvyukov@google.com>,
"H. Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
Jade Alglave <j.alglave@ucl.ac.uk>,
Joel Fernandes <joel@joelfernandes.org>,
Jonathan Corbet <corbet@lwn.net>,
Josh Poimboeuf <jpoimboe@redhat.com>
Subject: Re: [PATCH 7/8] locking/atomics, kcsan: Add KCSAN instrumentation
Date: Wed, 16 Oct 2019 13:47:30 +0200 [thread overview]
Message-ID: <CANpmjNMww9EX_WqAfWbQk8VG=DghLL7f=Otsx2=bs5sLh-VERQ@mail.gmail.com> (raw)
In-Reply-To: <20191016111847.GB44246@lakrids.cambridge.arm.com>
On Wed, 16 Oct 2019 at 13:18, Mark Rutland <mark.rutland@arm.com> wrote:
>
> Hi Marco,
>
> On Wed, Oct 16, 2019 at 10:39:58AM +0200, Marco Elver wrote:
> > This adds KCSAN instrumentation to atomic-instrumented.h.
> >
> > Signed-off-by: Marco Elver <elver@google.com>
> > ---
> > include/asm-generic/atomic-instrumented.h | 192 +++++++++++++++++++++-
> > scripts/atomic/gen-atomic-instrumented.sh | 9 +-
> > 2 files changed, 199 insertions(+), 2 deletions(-)
> >
> > diff --git a/include/asm-generic/atomic-instrumented.h b/include/asm-generic/atomic-instrumented.h
> > index e8730c6b9fe2..9e487febc610 100644
> > --- a/include/asm-generic/atomic-instrumented.h
> > +++ b/include/asm-generic/atomic-instrumented.h
> > @@ -19,11 +19,13 @@
> >
> > #include <linux/build_bug.h>
> > #include <linux/kasan-checks.h>
> > +#include <linux/kcsan-checks.h>
> >
> > static inline int
> > atomic_read(const atomic_t *v)
> > {
> > kasan_check_read(v, sizeof(*v));
> > + kcsan_check_atomic(v, sizeof(*v), false);
>
> For legibility and consistency with kasan, it would be nicer to avoid
> the bool argument here and have kcsan_check_atomic_{read,write}()
> helpers...
>
> > diff --git a/scripts/atomic/gen-atomic-instrumented.sh b/scripts/atomic/gen-atomic-instrumented.sh
> > index e09812372b17..c0553743a6f4 100755
> > --- a/scripts/atomic/gen-atomic-instrumented.sh
> > +++ b/scripts/atomic/gen-atomic-instrumented.sh
> > @@ -12,15 +12,20 @@ gen_param_check()
> > local type="${arg%%:*}"
> > local name="$(gen_param_name "${arg}")"
> > local rw="write"
> > + local is_write="true"
> >
> > case "${type#c}" in
> > i) return;;
> > esac
> >
> > # We don't write to constant parameters
> > - [ ${type#c} != ${type} ] && rw="read"
> > + if [ ${type#c} != ${type} ]; then
> > + rw="read"
> > + is_write="false"
> > + fi
> >
> > printf "\tkasan_check_${rw}(${name}, sizeof(*${name}));\n"
> > + printf "\tkcsan_check_atomic(${name}, sizeof(*${name}), ${is_write});\n"
>
> ... which would also simplify this.
>
> Though as below, we might want to wrap both in a helper local to
> atomic-instrumented.h.
>
> > }
> >
> > #gen_param_check(arg...)
> > @@ -108,6 +113,7 @@ cat <<EOF
> > ({ \\
> > typeof(ptr) __ai_ptr = (ptr); \\
> > kasan_check_write(__ai_ptr, ${mult}sizeof(*__ai_ptr)); \\
> > + kcsan_check_atomic(__ai_ptr, ${mult}sizeof(*__ai_ptr), true); \\
> > arch_${xchg}(__ai_ptr, __VA_ARGS__); \\
> > })
> > EOF
> > @@ -148,6 +154,7 @@ cat << EOF
> >
> > #include <linux/build_bug.h>
> > #include <linux/kasan-checks.h>
> > +#include <linux/kcsan-checks.h>
>
> We could add the following to this preamble:
>
> static inline void __atomic_check_read(const volatile void *v, size_t size)
> {
> kasan_check_read(v, sizeof(*v));
> kcsan_check_atomic(v, sizeof(*v), false);
> }
>
> static inline void __atomic_check_write(const volatile void *v, size_t size)
> {
> kasan_check_write(v, sizeof(*v));
> kcsan_check_atomic(v, sizeof(*v), true);
> }
>
> ... and only have the one call in each atomic wrapper.
>
> Otherwise, this looks good to me.
Thanks, incorporated suggestions for v2: for readability rename
kcsan_check_access -> kcsan_check_{read,write}, and for
atomic-instrumented.h, adding the suggested preamble.
Thanks,
-- Marco
next prev parent reply other threads:[~2019-10-16 11:47 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-16 8:39 [PATCH 0/8] Add Kernel Concurrency Sanitizer (KCSAN) Marco Elver
2019-10-16 8:39 ` Marco Elver
2019-10-16 8:39 ` [PATCH 1/8] kcsan: Add Kernel Concurrency Sanitizer infrastructure Marco Elver
2019-10-16 8:39 ` Marco Elver
2019-10-16 9:42 ` Boqun Feng
2019-10-16 10:06 ` Marco Elver
2019-10-16 10:06 ` Marco Elver
2019-10-16 10:06 ` Marco Elver
2019-10-17 0:25 ` Boqun Feng
2019-10-17 0:25 ` Boqun Feng
2019-10-17 0:25 ` Boqun Feng
2019-10-16 11:49 ` Andrey Konovalov
2019-10-16 11:49 ` Andrey Konovalov
2019-10-16 11:49 ` Andrey Konovalov
2019-10-16 13:52 ` Marco Elver
2019-10-16 13:52 ` Marco Elver
2019-10-16 13:52 ` Marco Elver
2019-10-16 15:16 ` Mark Rutland
2019-10-16 15:53 ` Marco Elver
2019-10-16 15:53 ` Marco Elver
2019-10-16 15:53 ` Marco Elver
2019-10-16 18:43 ` Peter Zijlstra
2019-10-16 19:34 ` Marco Elver
2019-10-16 19:34 ` Marco Elver
2019-10-16 19:34 ` Marco Elver
2019-10-17 7:47 ` Peter Zijlstra
2019-10-17 7:47 ` Peter Zijlstra
2019-10-17 7:49 ` Marco Elver
2019-10-17 7:49 ` Marco Elver
2019-10-17 7:49 ` Marco Elver
2019-10-16 8:39 ` [PATCH 2/8] objtool, kcsan: Add KCSAN runtime functions to whitelist Marco Elver
2019-10-16 8:39 ` Marco Elver
2019-10-16 8:39 ` [PATCH 3/8] build, kcsan: Add KCSAN build exceptions Marco Elver
2019-10-16 8:39 ` Marco Elver
2019-10-16 8:39 ` [PATCH 4/8] seqlock, kcsan: Add annotations for KCSAN Marco Elver
2019-10-16 8:39 ` Marco Elver
2019-10-16 8:39 ` [PATCH 5/8] seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier Marco Elver
2019-10-16 8:39 ` Marco Elver
2019-10-16 8:39 ` [PATCH 6/8] asm-generic, kcsan: Add KCSAN instrumentation for bitops Marco Elver
2019-10-16 8:39 ` Marco Elver
2019-10-16 8:39 ` [PATCH 7/8] locking/atomics, kcsan: Add KCSAN instrumentation Marco Elver
2019-10-16 8:39 ` Marco Elver
2019-10-16 11:18 ` Mark Rutland
2019-10-16 11:47 ` Marco Elver [this message]
2019-10-16 11:47 ` Marco Elver
2019-10-16 11:47 ` Marco Elver
2019-10-16 8:39 ` [PATCH 8/8] x86, kcsan: Enable KCSAN for x86 Marco Elver
2019-10-16 8:39 ` Marco Elver
2019-10-16 16:14 ` Dave Hansen
2019-10-16 17:04 ` Marco Elver
2019-10-16 17:04 ` Marco Elver
2019-10-16 17:04 ` Marco Elver
2019-10-17 14:15 ` [PATCH 0/8] Add Kernel Concurrency Sanitizer (KCSAN) Marco Elver
2019-10-17 14:15 ` Marco Elver
2019-10-17 14:15 ` Marco Elver
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CANpmjNMww9EX_WqAfWbQk8VG=DghLL7f=Otsx2=bs5sLh-VERQ@mail.gmail.com' \
--to=elver@google.com \
--cc=akiyks@gmail.com \
--cc=andreyknvl@google.com \
--cc=ard.biesheuvel@linaro.org \
--cc=arnd@arndb.de \
--cc=boqun.feng@gmail.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=dhowells@redhat.com \
--cc=dja@axtens.net \
--cc=dlustig@nvidia.com \
--cc=dvyukov@google.com \
--cc=glider@google.com \
--cc=hpa@zytor.com \
--cc=j.alglave@ucl.ac.uk \
--cc=joel@joelfernandes.org \
--cc=jpoimboe@redhat.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luc.maranget@inria.fr \
--cc=luto@kernel.org \
--cc=mark.rutland@arm.com \
--cc=mingo@redhat.com \
--cc=npiggin@gmail.com \
--cc=parri.andrea@gmail.com \
--cc=paulmck@linux.ibm.com \
--cc=peterz@infradead.org \
--cc=stern@rowland.harvard.edu \
--cc=tglx@linutronix.de \
--cc=will@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.