From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5A49AC433DB for ; Fri, 12 Mar 2021 14:25:04 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 080AD64FDD for ; Fri, 12 Mar 2021 14:25:04 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 080AD64FDD Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id B4EFC8D0364; Fri, 12 Mar 2021 09:25:01 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id B23488D0361; Fri, 12 Mar 2021 09:25:01 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9C5118D0364; Fri, 12 Mar 2021 09:25:01 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0044.hostedemail.com [216.40.44.44]) by kanga.kvack.org (Postfix) with ESMTP id 79A998D0361 for ; Fri, 12 Mar 2021 09:25:01 -0500 (EST) Received: from smtpin07.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id 3207183FF for ; Fri, 12 Mar 2021 14:25:01 +0000 (UTC) X-FDA: 77911444002.07.4ACCF70 Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) by imf25.hostedemail.com (Postfix) with ESMTP id D1C336000100 for ; Fri, 12 Mar 2021 14:24:58 +0000 (UTC) Received: by mail-wm1-f74.google.com with SMTP id s192so5408932wme.6 for ; Fri, 12 Mar 2021 06:25:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=Ygfy34R30Ir5P43bAuVWD7PsEpaVeYrJUsfKdxJOhKs=; b=rC5oeVOtwW4j37sI8e0pI6DstMXXrDhg66shdjo/HdwFQuJql7l9XihT1b74K7zfvu +LMZjin/QNQW1inNez0NvU7o976i056UEY83jBhxXulKZh6DQMsHam+O+rTQLzLGCzmr tN3mgw7nzkn9DE5HZ+CQpqrDn1rVhghN3essH34emvOhlYdE9vQ115ZaFgV0UC7h4urG 39CWaz23zdSYXKZZzs7gNqzSk1aKHKyw1XCLtRuu/NJeiNRw/SEJDhBh0MZ5Vxp+J0GM JZnpHWL8trHR2Z8bs3OeGJoXIJqxcVqem5ARckJOk1XY3jW1rOk0XuSPTY++Y+xTm5+P J3jw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=Ygfy34R30Ir5P43bAuVWD7PsEpaVeYrJUsfKdxJOhKs=; b=JaiJJ+1YGg/y7PomnBgQQ6RQ49yUEpBzYqouGzezPBjaPBEfDivJ9Gt3Mk7jH64AIx 9n+YpvrvG8r9Af7J6FYi8It9DYbqv4gzthUcGW4GRnRfNZ2w586DzOTa/mUiSItGqxyl pOcd/67MQXFAQNySsxFGY+V0R2d71Dmrk6EbmFexN4961B5men65ujfTYdhsPfE6xBAr s9YwRUM2S5ur+p/OFmW/Fr3T5gI1lN2WcccHr+6FZedlEKxcWQpYOmKqEoOa27Y22xia jPI/XxNScu0gp4w8WkWcfEc0a3nJXTRkUVJ6xfBM2q1sDjqcXb39QnhbQ9PkAXjMRP8i udmg== X-Gm-Message-State: AOAM531tItWPUqFnH5X7u/Z/1whdk+TSS0mq05nMBBlbt2hsxVZQ5lDv wLx4/B8Db4HRfiTm5oIOVuxtfxM8i1wkUbaO X-Google-Smtp-Source: ABdhPJzH5ceh4zLI0fc9g5fS021UsKjJ3ZXNJjpWRuf5c3Y6bxgUMjDEdZwoLCR2U8J2ymtATr4A6hag3hjCMNcT X-Received: from andreyknvl3.muc.corp.google.com ([2a00:79e0:15:13:95a:d8a8:4925:42be]) (user=andreyknvl job=sendgmr) by 2002:a1c:5416:: with SMTP id i22mr13379263wmb.146.1615559099696; Fri, 12 Mar 2021 06:24:59 -0800 (PST) Date: Fri, 12 Mar 2021 15:24:33 +0100 In-Reply-To: Message-Id: <4531ba5f3eca61f6aade863c136778cc8c807a64.1615559068.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.31.0.rc2.261.g7f71774620-goog Subject: [PATCH v2 10/11] kasan: docs: update ignoring accesses section From: Andrey Konovalov To: Andrew Morton , Alexander Potapenko , Marco Elver Cc: Andrey Ryabinin , Dmitry Vyukov , kasan-dev@googlegroups.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov Content-Type: text/plain; charset="UTF-8" X-Stat-Signature: fchq76xecgqfr1p1u57g4sqz5wrej6ek X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: D1C336000100 Received-SPF: none (flex--andreyknvl.bounces.google.com>: No applicable sender policy available) receiver=imf25; identity=mailfrom; envelope-from="<3u3lLYAoKCOQGTJXKeQTbRMUUMRK.IUSROTad-SSQbGIQ.UXM@flex--andreyknvl.bounces.google.com>"; helo=mail-wm1-f74.google.com; client-ip=209.85.128.74 X-HE-DKIM-Result: pass/pass X-HE-Tag: 1615559098-106414 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Update the "Ignoring accesses" section in KASAN documentation: - Mention __no_sanitize_address/noinstr. - Mention kasan_disable/enable_current(). - Mention kasan_reset_tag()/page_kasan_tag_reset(). - Readability and punctuation clean-ups. Signed-off-by: Andrey Konovalov --- Changes in v1->v2: - Mention __no_sanitize_address/noinstr. - Reword the whole section to make it clear which method works for which mode. --- Documentation/dev-tools/kasan.rst | 34 +++++++++++++++++++++++++++---- 1 file changed, 30 insertions(+), 4 deletions(-) diff --git a/Documentation/dev-tools/kasan.rst b/Documentation/dev-tools/kasan.rst index d0c1796122df..5749c14b38d0 100644 --- a/Documentation/dev-tools/kasan.rst +++ b/Documentation/dev-tools/kasan.rst @@ -368,12 +368,18 @@ Ignoring accesses ~~~~~~~~~~~~~~~~~ Software KASAN modes use compiler instrumentation to insert validity checks. -Such instrumentation might be incompatible with some part of the kernel, and -therefore needs to be disabled. To disable instrumentation for specific files -or directories, add a line similar to the following to the respective kernel +Such instrumentation might be incompatible with some parts of the kernel, and +therefore needs to be disabled. + +Other parts of the kernel might access metadata for allocated objects. +Normally, KASAN detects and reports such accesses, but in some cases (e.g., +in memory allocators), these accesses are valid. + +For software KASAN modes, to disable instrumentation for a specific file or +directory, add a ``KASAN_SANITIZE`` annotation to the respective kernel Makefile: -- For a single file (e.g. main.o):: +- For a single file (e.g., main.o):: KASAN_SANITIZE_main.o := n @@ -381,6 +387,26 @@ Makefile: KASAN_SANITIZE := n +For software KASAN modes, to disable instrumentation on a per-function basis, +use the KASAN-specific ``__no_sanitize_address`` function attribute or the +generic ``noinstr`` one. + +Note that disabling compiler instrumentation (either on a per-file or a +per-function basis) makes KASAN ignore the accesses that happen directly in +that code for software KASAN modes. It does not help when the accesses happen +indirectly (through calls to instrumented functions) or with the hardware +tag-based mode that does not use compiler instrumentation. + +For software KASAN modes, to disable KASAN reports in a part of the kernel code +for the current task, annotate this part of the code with a +``kasan_disable_current()``/``kasan_enable_current()`` section. This also +disables the reports for indirect accesses that happen through function calls. + +For tag-based KASAN modes (include the hardware one), to disable access +checking, use ``kasan_reset_tag()`` or ``page_kasan_tag_reset()``. Note that +temporarily disabling access checking via ``page_kasan_tag_reset()`` requires +saving and restoring the per-page KASAN tag via +``page_kasan_tag``/``page_kasan_tag_set``. Tests ~~~~~ -- 2.31.0.rc2.261.g7f71774620-goog