Linux-mm Archive on
 help / color / Atom feed
* [patch 095/158] fork: support VMAP_STACK with KASAN_VMALLOC
@ 2019-12-01  1:54 akpm
  0 siblings, 0 replies; only message in thread
From: akpm @ 2019-12-01  1:54 UTC (permalink / raw)
  To: akpm, aryabinin, christophe.leroy, dja, dvyukov, glider, gor,
	linux-mm, mark.rutland, mm-commits, torvalds

From: Daniel Axtens <>
Subject: fork: support VMAP_STACK with KASAN_VMALLOC

Supporting VMAP_STACK with KASAN_VMALLOC is straightforward:

 - clear the shadow region of vmapped stacks when swapping them in
 - tweak Kconfig to allow VMAP_STACK to be turned on with KASAN

Signed-off-by: Daniel Axtens <>
Reviewed-by: Dmitry Vyukov <>
Reviewed-by: Andrey Ryabinin <>
Cc: Alexander Potapenko <>
Cc: Christophe Leroy <>
Cc: Mark Rutland <>
Cc: Vasily Gorbik <>
Signed-off-by: Andrew Morton <>

 arch/Kconfig  |    9 +++++----
 kernel/fork.c |    4 ++++
 2 files changed, 9 insertions(+), 4 deletions(-)

--- a/arch/Kconfig~fork-support-vmap_stack-with-kasan_vmalloc
+++ a/arch/Kconfig
@@ -843,16 +843,17 @@ config HAVE_ARCH_VMAP_STACK
 config VMAP_STACK
 	default y
 	bool "Use a virtually-mapped stack"
+	depends on !KASAN || KASAN_VMALLOC
 	  Enable this if you want the use virtually-mapped kernel stacks
 	  with guard pages.  This causes kernel stack overflows to be
 	  caught immediately rather than causing difficult-to-diagnose
-	  This is presently incompatible with KASAN because KASAN expects
-	  the stack to map directly to the KASAN shadow map using a formula
-	  that is incorrect if the stack is in vmalloc space.
+	  To use this with KASAN, the architecture must support backing
+	  virtual mappings with real shadow memory, and KASAN_VMALLOC must
+	  be enabled.
 	def_bool n
--- a/kernel/fork.c~fork-support-vmap_stack-with-kasan_vmalloc
+++ a/kernel/fork.c
@@ -93,6 +93,7 @@
 #include <linux/livepatch.h>
 #include <linux/thread_info.h>
 #include <linux/stackleak.h>
+#include <linux/kasan.h>
 #include <asm/pgtable.h>
 #include <asm/pgalloc.h>
@@ -223,6 +224,9 @@ static unsigned long *alloc_thread_stack
 		if (!s)
+		/* Clear the KASAN shadow of the stack. */
+		kasan_unpoison_shadow(s->addr, THREAD_SIZE);
 		/* Clear stale pointers from reused stack. */
 		memset(s->addr, 0, THREAD_SIZE);

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-12-01  1:54 [patch 095/158] fork: support VMAP_STACK with KASAN_VMALLOC akpm

Linux-mm Archive on

Archives are clonable:
	git clone --mirror linux-mm/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-mm linux-mm/ \
	public-inbox-index linux-mm

Example config snippet for mirrors

Newsgroup available over NNTP:

AGPL code for this site: git clone