* [PATCH 1/2] kasan: Improve and simplify Kconfig.kasan
@ 2020-06-29 10:41 Marco Elver
2020-06-29 10:41 ` [PATCH 2/2] kasan: Update required compiler versions in documentation Marco Elver
2020-06-29 13:34 ` [PATCH 1/2] kasan: Improve and simplify Kconfig.kasan Andrey Konovalov
0 siblings, 2 replies; 4+ messages in thread
From: Marco Elver @ 2020-06-29 10:41 UTC (permalink / raw)
To: elver, akpm
Cc: dvyukov, glider, andreyknvl, linux-kernel, kasan-dev, aryabinin,
ndesaulniers, walter-zh.wu, arnd, dja, linux-doc,
clang-built-linux
Turn 'KASAN' into a menuconfig, to avoid cluttering its parent menu with
the suboptions if enabled. Use 'if KASAN ... endif' instead of having
to 'depend on KASAN' for each entry.
Signed-off-by: Marco Elver <elver@google.com>
---
lib/Kconfig.kasan | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan
index 34b84bcbd3d9..89053defc0d9 100644
--- a/lib/Kconfig.kasan
+++ b/lib/Kconfig.kasan
@@ -18,7 +18,7 @@ config CC_HAS_KASAN_SW_TAGS
config CC_HAS_WORKING_NOSANITIZE_ADDRESS
def_bool !CC_IS_GCC || GCC_VERSION >= 80300
-config KASAN
+menuconfig KASAN
bool "KASAN: runtime memory debugger"
depends on (HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC) || \
(HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS)
@@ -29,9 +29,10 @@ config KASAN
designed to find out-of-bounds accesses and use-after-free bugs.
See Documentation/dev-tools/kasan.rst for details.
+if KASAN
+
choice
prompt "KASAN mode"
- depends on KASAN
default KASAN_GENERIC
help
KASAN has two modes: generic KASAN (similar to userspace ASan,
@@ -88,7 +89,6 @@ endchoice
choice
prompt "Instrumentation type"
- depends on KASAN
default KASAN_OUTLINE
config KASAN_OUTLINE
@@ -113,7 +113,6 @@ endchoice
config KASAN_STACK_ENABLE
bool "Enable stack instrumentation (unsafe)" if CC_IS_CLANG && !COMPILE_TEST
- depends on KASAN
help
The LLVM stack address sanitizer has a know problem that
causes excessive stack usage in a lot of functions, see
@@ -134,7 +133,7 @@ config KASAN_STACK
config KASAN_S390_4_LEVEL_PAGING
bool "KASan: use 4-level paging"
- depends on KASAN && S390
+ depends on S390
help
Compiling the kernel with KASan disables automatic 3-level vs
4-level paging selection. 3-level paging is used by default (up
@@ -151,7 +150,7 @@ config KASAN_SW_TAGS_IDENTIFY
config KASAN_VMALLOC
bool "Back mappings in vmalloc space with real shadow memory"
- depends on KASAN && HAVE_ARCH_KASAN_VMALLOC
+ depends on HAVE_ARCH_KASAN_VMALLOC
help
By default, the shadow region for vmalloc space is the read-only
zero page. This means that KASAN cannot detect errors involving
@@ -164,8 +163,10 @@ config KASAN_VMALLOC
config TEST_KASAN
tristate "Module for testing KASAN for bug detection"
- depends on m && KASAN
+ depends on m
help
This is a test module doing various nasty things like
out of bounds accesses, use after free. It is useful for testing
kernel debugging features like KASAN.
+
+endif # KASAN
--
2.27.0.212.ge8ba1cc988-goog
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH 2/2] kasan: Update required compiler versions in documentation
2020-06-29 10:41 [PATCH 1/2] kasan: Improve and simplify Kconfig.kasan Marco Elver
@ 2020-06-29 10:41 ` Marco Elver
2020-06-29 13:36 ` Andrey Konovalov
2020-06-29 13:34 ` [PATCH 1/2] kasan: Improve and simplify Kconfig.kasan Andrey Konovalov
1 sibling, 1 reply; 4+ messages in thread
From: Marco Elver @ 2020-06-29 10:41 UTC (permalink / raw)
To: elver, akpm
Cc: dvyukov, glider, andreyknvl, linux-kernel, kasan-dev, aryabinin,
ndesaulniers, walter-zh.wu, arnd, dja, linux-doc,
clang-built-linux
Updates the recently changed compiler requirements for KASAN. In
particular, we require GCC >= 8.3.0, and add a note that Clang 11
supports OOB detection of globals.
Fixes: 7b861a53e46b ("kasan: Bump required compiler version")
Fixes: acf7b0bf7dcf ("kasan: Fix required compiler version")
Signed-off-by: Marco Elver <elver@google.com>
---
Documentation/dev-tools/kasan.rst | 7 ++-----
lib/Kconfig.kasan | 24 +++++++++++++++---------
2 files changed, 17 insertions(+), 14 deletions(-)
diff --git a/Documentation/dev-tools/kasan.rst b/Documentation/dev-tools/kasan.rst
index c652d740735d..15a2a53e77b0 100644
--- a/Documentation/dev-tools/kasan.rst
+++ b/Documentation/dev-tools/kasan.rst
@@ -13,11 +13,8 @@ KASAN uses compile-time instrumentation to insert validity checks before every
memory access, and therefore requires a compiler version that supports that.
Generic KASAN is supported in both GCC and Clang. With GCC it requires version
-4.9.2 or later for basic support and version 5.0 or later for detection of
-out-of-bounds accesses for stack and global variables and for inline
-instrumentation mode (see the Usage section). With Clang it requires version
-7.0.0 or later and it doesn't support detection of out-of-bounds accesses for
-global variables yet.
+8.3.0 or later. With Clang it requires version 7.0.0 or later, but detection of
+out-of-bounds accesses for global variables is only supported since Clang 11.
Tag-based KASAN is only supported in Clang and requires version 7.0.0 or later.
diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan
index 89053defc0d9..047b53dbfd58 100644
--- a/lib/Kconfig.kasan
+++ b/lib/Kconfig.kasan
@@ -40,6 +40,7 @@ choice
software tag-based KASAN (a version based on software memory
tagging, arm64 only, similar to userspace HWASan, enabled with
CONFIG_KASAN_SW_TAGS).
+
Both generic and tag-based KASAN are strictly debugging features.
config KASAN_GENERIC
@@ -51,16 +52,18 @@ config KASAN_GENERIC
select STACKDEPOT
help
Enables generic KASAN mode.
- Supported in both GCC and Clang. With GCC it requires version 4.9.2
- or later for basic support and version 5.0 or later for detection of
- out-of-bounds accesses for stack and global variables and for inline
- instrumentation mode (CONFIG_KASAN_INLINE). With Clang it requires
- version 3.7.0 or later and it doesn't support detection of
- out-of-bounds accesses for global variables yet.
+
+ This mode is supported in both GCC and Clang. With GCC it requires
+ version 8.3.0 or later. With Clang it requires version 7.0.0 or
+ later, but detection of out-of-bounds accesses for global variables
+ is supported only since Clang 11.
+
This mode consumes about 1/8th of available memory at kernel start
and introduces an overhead of ~x1.5 for the rest of the allocations.
The performance slowdown is ~x3.
+
For better error detection enable CONFIG_STACKTRACE.
+
Currently CONFIG_KASAN_GENERIC doesn't work with CONFIG_DEBUG_SLAB
(the resulting kernel does not boot).
@@ -73,15 +76,19 @@ config KASAN_SW_TAGS
select STACKDEPOT
help
Enables software tag-based KASAN mode.
+
This mode requires Top Byte Ignore support by the CPU and therefore
- is only supported for arm64.
- This mode requires Clang version 7.0.0 or later.
+ is only supported for arm64. This mode requires Clang version 7.0.0
+ or later.
+
This mode consumes about 1/16th of available memory at kernel start
and introduces an overhead of ~20% for the rest of the allocations.
This mode may potentially introduce problems relating to pointer
casting and comparison, as it embeds tags into the top byte of each
pointer.
+
For better error detection enable CONFIG_STACKTRACE.
+
Currently CONFIG_KASAN_SW_TAGS doesn't work with CONFIG_DEBUG_SLAB
(the resulting kernel does not boot).
@@ -107,7 +114,6 @@ config KASAN_INLINE
memory accesses. This is faster than outline (in some workloads
it gives about x2 boost over outline instrumentation), but
make kernel's .text size much bigger.
- For CONFIG_KASAN_GENERIC this requires GCC 5.0 or later.
endchoice
--
2.27.0.212.ge8ba1cc988-goog
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH 1/2] kasan: Improve and simplify Kconfig.kasan
2020-06-29 10:41 [PATCH 1/2] kasan: Improve and simplify Kconfig.kasan Marco Elver
2020-06-29 10:41 ` [PATCH 2/2] kasan: Update required compiler versions in documentation Marco Elver
@ 2020-06-29 13:34 ` Andrey Konovalov
1 sibling, 0 replies; 4+ messages in thread
From: Andrey Konovalov @ 2020-06-29 13:34 UTC (permalink / raw)
To: Marco Elver
Cc: Andrew Morton, Dmitry Vyukov, Alexander Potapenko, LKML,
kasan-dev, Andrey Ryabinin, Nick Desaulniers, Walter Wu,
Arnd Bergmann, Daniel Axtens, open list:DOCUMENTATION,
clang-built-linux
On Mon, Jun 29, 2020 at 12:42 PM Marco Elver <elver@google.com> wrote:
>
> Turn 'KASAN' into a menuconfig, to avoid cluttering its parent menu with
> the suboptions if enabled. Use 'if KASAN ... endif' instead of having
> to 'depend on KASAN' for each entry.
>
> Signed-off-by: Marco Elver <elver@google.com>
> ---
> lib/Kconfig.kasan | 15 ++++++++-------
> 1 file changed, 8 insertions(+), 7 deletions(-)
>
> diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan
> index 34b84bcbd3d9..89053defc0d9 100644
> --- a/lib/Kconfig.kasan
> +++ b/lib/Kconfig.kasan
> @@ -18,7 +18,7 @@ config CC_HAS_KASAN_SW_TAGS
> config CC_HAS_WORKING_NOSANITIZE_ADDRESS
> def_bool !CC_IS_GCC || GCC_VERSION >= 80300
>
> -config KASAN
> +menuconfig KASAN
> bool "KASAN: runtime memory debugger"
> depends on (HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC) || \
> (HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS)
> @@ -29,9 +29,10 @@ config KASAN
> designed to find out-of-bounds accesses and use-after-free bugs.
> See Documentation/dev-tools/kasan.rst for details.
>
> +if KASAN
> +
> choice
> prompt "KASAN mode"
> - depends on KASAN
> default KASAN_GENERIC
> help
> KASAN has two modes: generic KASAN (similar to userspace ASan,
> @@ -88,7 +89,6 @@ endchoice
>
> choice
> prompt "Instrumentation type"
> - depends on KASAN
> default KASAN_OUTLINE
>
> config KASAN_OUTLINE
> @@ -113,7 +113,6 @@ endchoice
>
> config KASAN_STACK_ENABLE
> bool "Enable stack instrumentation (unsafe)" if CC_IS_CLANG && !COMPILE_TEST
> - depends on KASAN
> help
> The LLVM stack address sanitizer has a know problem that
> causes excessive stack usage in a lot of functions, see
> @@ -134,7 +133,7 @@ config KASAN_STACK
>
> config KASAN_S390_4_LEVEL_PAGING
> bool "KASan: use 4-level paging"
> - depends on KASAN && S390
> + depends on S390
> help
> Compiling the kernel with KASan disables automatic 3-level vs
> 4-level paging selection. 3-level paging is used by default (up
> @@ -151,7 +150,7 @@ config KASAN_SW_TAGS_IDENTIFY
>
> config KASAN_VMALLOC
> bool "Back mappings in vmalloc space with real shadow memory"
> - depends on KASAN && HAVE_ARCH_KASAN_VMALLOC
> + depends on HAVE_ARCH_KASAN_VMALLOC
> help
> By default, the shadow region for vmalloc space is the read-only
> zero page. This means that KASAN cannot detect errors involving
> @@ -164,8 +163,10 @@ config KASAN_VMALLOC
>
> config TEST_KASAN
> tristate "Module for testing KASAN for bug detection"
> - depends on m && KASAN
> + depends on m
> help
> This is a test module doing various nasty things like
> out of bounds accesses, use after free. It is useful for testing
> kernel debugging features like KASAN.
> +
> +endif # KASAN
> --
> 2.27.0.212.ge8ba1cc988-goog
>
Reviewed-by: Andrey Konovalov <andreyknvl@google.com>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH 2/2] kasan: Update required compiler versions in documentation
2020-06-29 10:41 ` [PATCH 2/2] kasan: Update required compiler versions in documentation Marco Elver
@ 2020-06-29 13:36 ` Andrey Konovalov
0 siblings, 0 replies; 4+ messages in thread
From: Andrey Konovalov @ 2020-06-29 13:36 UTC (permalink / raw)
To: Marco Elver
Cc: Andrew Morton, Dmitry Vyukov, Alexander Potapenko, LKML,
kasan-dev, Andrey Ryabinin, Nick Desaulniers, Walter Wu,
Arnd Bergmann, Daniel Axtens, open list:DOCUMENTATION,
clang-built-linux
On Mon, Jun 29, 2020 at 12:42 PM Marco Elver <elver@google.com> wrote:
>
> Updates the recently changed compiler requirements for KASAN. In
> particular, we require GCC >= 8.3.0, and add a note that Clang 11
> supports OOB detection of globals.
>
> Fixes: 7b861a53e46b ("kasan: Bump required compiler version")
> Fixes: acf7b0bf7dcf ("kasan: Fix required compiler version")
> Signed-off-by: Marco Elver <elver@google.com>
> ---
> Documentation/dev-tools/kasan.rst | 7 ++-----
> lib/Kconfig.kasan | 24 +++++++++++++++---------
> 2 files changed, 17 insertions(+), 14 deletions(-)
>
> diff --git a/Documentation/dev-tools/kasan.rst b/Documentation/dev-tools/kasan.rst
> index c652d740735d..15a2a53e77b0 100644
> --- a/Documentation/dev-tools/kasan.rst
> +++ b/Documentation/dev-tools/kasan.rst
> @@ -13,11 +13,8 @@ KASAN uses compile-time instrumentation to insert validity checks before every
> memory access, and therefore requires a compiler version that supports that.
>
> Generic KASAN is supported in both GCC and Clang. With GCC it requires version
> -4.9.2 or later for basic support and version 5.0 or later for detection of
> -out-of-bounds accesses for stack and global variables and for inline
> -instrumentation mode (see the Usage section). With Clang it requires version
> -7.0.0 or later and it doesn't support detection of out-of-bounds accesses for
> -global variables yet.
> +8.3.0 or later. With Clang it requires version 7.0.0 or later, but detection of
> +out-of-bounds accesses for global variables is only supported since Clang 11.
>
> Tag-based KASAN is only supported in Clang and requires version 7.0.0 or later.
>
> diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan
> index 89053defc0d9..047b53dbfd58 100644
> --- a/lib/Kconfig.kasan
> +++ b/lib/Kconfig.kasan
> @@ -40,6 +40,7 @@ choice
> software tag-based KASAN (a version based on software memory
> tagging, arm64 only, similar to userspace HWASan, enabled with
> CONFIG_KASAN_SW_TAGS).
> +
> Both generic and tag-based KASAN are strictly debugging features.
>
> config KASAN_GENERIC
> @@ -51,16 +52,18 @@ config KASAN_GENERIC
> select STACKDEPOT
> help
> Enables generic KASAN mode.
> - Supported in both GCC and Clang. With GCC it requires version 4.9.2
> - or later for basic support and version 5.0 or later for detection of
> - out-of-bounds accesses for stack and global variables and for inline
> - instrumentation mode (CONFIG_KASAN_INLINE). With Clang it requires
> - version 3.7.0 or later and it doesn't support detection of
> - out-of-bounds accesses for global variables yet.
> +
> + This mode is supported in both GCC and Clang. With GCC it requires
> + version 8.3.0 or later. With Clang it requires version 7.0.0 or
> + later, but detection of out-of-bounds accesses for global variables
> + is supported only since Clang 11.
> +
> This mode consumes about 1/8th of available memory at kernel start
> and introduces an overhead of ~x1.5 for the rest of the allocations.
> The performance slowdown is ~x3.
> +
> For better error detection enable CONFIG_STACKTRACE.
> +
> Currently CONFIG_KASAN_GENERIC doesn't work with CONFIG_DEBUG_SLAB
> (the resulting kernel does not boot).
>
> @@ -73,15 +76,19 @@ config KASAN_SW_TAGS
> select STACKDEPOT
> help
> Enables software tag-based KASAN mode.
> +
> This mode requires Top Byte Ignore support by the CPU and therefore
> - is only supported for arm64.
> - This mode requires Clang version 7.0.0 or later.
> + is only supported for arm64. This mode requires Clang version 7.0.0
> + or later.
> +
> This mode consumes about 1/16th of available memory at kernel start
> and introduces an overhead of ~20% for the rest of the allocations.
> This mode may potentially introduce problems relating to pointer
> casting and comparison, as it embeds tags into the top byte of each
> pointer.
> +
> For better error detection enable CONFIG_STACKTRACE.
> +
> Currently CONFIG_KASAN_SW_TAGS doesn't work with CONFIG_DEBUG_SLAB
> (the resulting kernel does not boot).
>
> @@ -107,7 +114,6 @@ config KASAN_INLINE
> memory accesses. This is faster than outline (in some workloads
> it gives about x2 boost over outline instrumentation), but
> make kernel's .text size much bigger.
> - For CONFIG_KASAN_GENERIC this requires GCC 5.0 or later.
>
> endchoice
>
> --
> 2.27.0.212.ge8ba1cc988-goog
>
Reviewed-by: Andrey Konovalov <andreyknvl@google.com>
Thanks!
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-06-29 20:57 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-29 10:41 [PATCH 1/2] kasan: Improve and simplify Kconfig.kasan Marco Elver
2020-06-29 10:41 ` [PATCH 2/2] kasan: Update required compiler versions in documentation Marco Elver
2020-06-29 13:36 ` Andrey Konovalov
2020-06-29 13:34 ` [PATCH 1/2] kasan: Improve and simplify Kconfig.kasan Andrey Konovalov
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).