LKML Archive on lore.kernel.org
 help / color / Atom feed
From: Andy Lutomirski <luto@kernel.org>
To: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Andy Lutomirski <luto@kernel.org>, X86 ML <x86@kernel.org>,
	Borislav Petkov <bpetkov@suse.de>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Brian Gerst <brgerst@gmail.com>,
	Dave Hansen <dave.hansen@intel.com>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Josh Poimboeuf <jpoimboe@redhat.com>,
	Alexander Potapenko <glider@google.com>,
	Dmitry Vyukov <dvyukov@google.com>,
	kasan-dev <kasan-dev@googlegroups.com>
Subject: Re: [PATCH v3 05/19] x86/kasan/64: Teach KASAN about the cpu_entry_area
Date: Fri, 24 Nov 2017 08:27:09 -0800
Message-ID: <CALCETrW7=WDxt_ZiXKBez9mTGz92qeVxWJp3BJauEtAs3r4cTg@mail.gmail.com> (raw)
In-Reply-To: <527f205f-0e2f-36c4-25a1-f9d5c55260bc@virtuozzo.com>

On Fri, Nov 24, 2017 at 5:16 AM, Andrey Ryabinin
<aryabinin@virtuozzo.com> wrote:
>
>
> On 11/24/2017 07:32 AM, Andy Lutomirski wrote:
>> The cpu_entry_area will contain stacks.  Make sure that KASAN has
>> appropriate shadow mappings for them.
>>
>> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
>> Cc: Alexander Potapenko <glider@google.com>
>> Cc: Dmitry Vyukov <dvyukov@google.com>
>> Cc: kasan-dev@googlegroups.com
>> Signed-off-by: Andy Lutomirski <luto@kernel.org>
>> ---
>>  arch/x86/mm/kasan_init_64.c | 13 ++++++++++++-
>>  1 file changed, 12 insertions(+), 1 deletion(-)
>>
>> diff --git a/arch/x86/mm/kasan_init_64.c b/arch/x86/mm/kasan_init_64.c
>> index 99dfed6dfef8..54561dce742e 100644
>> --- a/arch/x86/mm/kasan_init_64.c
>> +++ b/arch/x86/mm/kasan_init_64.c
>> @@ -277,6 +277,7 @@ void __init kasan_early_init(void)
>>  void __init kasan_init(void)
>>  {
>>       int i;
>> +     void *cpu_entry_area_begin, *cpu_entry_area_end;
>>
>>  #ifdef CONFIG_KASAN_INLINE
>>       register_die_notifier(&kasan_die_notifier);
>> @@ -329,8 +330,18 @@ void __init kasan_init(void)
>>                             (unsigned long)kasan_mem_to_shadow(_end),
>>                             early_pfn_to_nid(__pa(_stext)));
>>
>> +     cpu_entry_area_begin = (void *)(__fix_to_virt(FIX_CPU_ENTRY_AREA_BOTTOM));
>> +     cpu_entry_area_end = (void *)(__fix_to_virt(FIX_CPU_ENTRY_AREA_TOP) + PAGE_SIZE);
>> +
>>       kasan_populate_zero_shadow(kasan_mem_to_shadow((void *)MODULES_END),
>> -                     (void *)KASAN_SHADOW_END);
>> +                                kasan_mem_to_shadow(cpu_entry_area_begin));
>> +
>> +     kasan_populate_shadow((unsigned long)kasan_mem_to_shadow(cpu_entry_area_begin),
>> +                           (unsigned long)kasan_mem_to_shadow(cpu_entry_area_end),
>> +             0);
>> +
>> +     kasan_populate_zero_shadow(kasan_mem_to_shadow(cpu_entry_area_end),
>
> Seems we need to round_up kasan_mem_to_shadow(cpu_entry_area_end) to the next page
> (or alternatively - round_up(cpu_entry_area_end, KASAN_SHADOW_SCALE_SIZE*PAGE_SIZE)).
> Otherwise, kasan_populate_zero_shadow() will overpopulate the last shadow page of cpu_entry area with kasan_zero_page.
>
> We don't necessarily need to round_down(kasan_mem_to_shadow(cpu_entry_area_begin), PAGE_SIZE) because
> kasan_populate_zero_shadow() will not populate the last 'incomplete' page and kasan_populate_shadow()
> does round_down() internally, which is exactly what we want here. But it might be better to round_down()
> explicitly anyway, to avoid relying on such subtle implementation details.

Any chance you could send a fixup patch or a replacement patch?  You
obviously understand this code *way* better than I do.

Or you could do my table-based approach and fix it permanently... :)

>
>> +                                (void *)KASAN_SHADOW_END);
>>
>>       load_cr3(init_top_pgt);
>>       __flush_tlb_all();
>>

  reply index

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-11-24  4:32 [PATCH v3 00/19] Entry stack switching Andy Lutomirski
2017-11-24  4:32 ` [PATCH v3 01/19] x86/asm/64: Allocate and enable the SYSENTER stack Andy Lutomirski
2017-11-24  4:32 ` [PATCH v3 02/19] x86/dumpstack: Add get_stack_info() support for " Andy Lutomirski
2017-11-24  4:32 ` [PATCH v3 03/19] x86/gdt: Put per-cpu GDT remaps in ascending order Andy Lutomirski
2017-11-24  4:32 ` [PATCH v3 04/19] x86/fixmap: Generalize the GDT fixmap mechanism Andy Lutomirski
2017-11-24  4:32 ` [PATCH v3 05/19] x86/kasan/64: Teach KASAN about the cpu_entry_area Andy Lutomirski
2017-11-24 13:16   ` Andrey Ryabinin
2017-11-24 16:27     ` Andy Lutomirski [this message]
2017-11-24 17:21       ` [PATCH v4] x86/mm/kasan: " Andrey Ryabinin
2017-11-24 19:26         ` Andy Lutomirski
2017-11-24 17:26       ` [PATCH v3 05/19] x86/kasan/64: " Andrey Ryabinin
2017-11-24  4:32 ` [PATCH v3 06/19] x86/asm: Fix assumptions that the HW TSS is at the beginning of cpu_tss Andy Lutomirski
2017-11-24  4:32 ` [PATCH v3 07/19] x86/dumpstack: Handle stack overflow on all stacks Andy Lutomirski
2017-11-24  4:32 ` [PATCH v3 08/19] x86/asm: Move SYSENTER_stack to the beginning of struct tss_struct Andy Lutomirski
2017-11-24  4:32 ` [PATCH v3 09/19] x86/asm: Remap the TSS into the cpu entry area Andy Lutomirski
2017-11-24  4:32 ` [PATCH v3 10/19] x86/asm/64: Separate cpu_current_top_of_stack from TSS.sp0 Andy Lutomirski
2017-11-24  4:32 ` [PATCH v3 11/19] x86/espfix/64: Stop assuming that pt_regs is on the entry stack Andy Lutomirski
2017-11-24  4:32 ` [PATCH v3 12/19] x86/asm/64: Use a percpu trampoline stack for IDT entries Andy Lutomirski
2017-11-24  4:32 ` [PATCH v3 13/19] x86/asm/64: Return to userspace from the trampoline stack Andy Lutomirski
2017-11-24  4:33 ` [PATCH v3 14/19] x86/entry/64: Create a percpu SYSCALL entry trampoline Andy Lutomirski
2017-11-24 11:39   ` David Laight
2017-12-01  5:56     ` Andy Lutomirski
2017-11-24  4:33 ` [PATCH v3 15/19] x86/irq: Remove an old outdated comment about context tracking races Andy Lutomirski
2017-11-24  4:33 ` [PATCH v3 16/19] x86/irq/64: In the stack overflow warning, print the offending IP Andy Lutomirski
2017-11-24  4:33 ` [PATCH v3 17/19] x86/entry/64: Move the IST stacks into cpu_entry_area Andy Lutomirski
2017-11-24  4:33 ` [PATCH v3 18/19] x86/entry/64: Remove the SYSENTER stack canary Andy Lutomirski
2017-11-24  4:33 ` [PATCH v3 19/19] x86/entry: Clean up SYSENTER_stack code Andy Lutomirski

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CALCETrW7=WDxt_ZiXKBez9mTGz92qeVxWJp3BJauEtAs3r4cTg@mail.gmail.com' \
    --to=luto@kernel.org \
    --cc=aryabinin@virtuozzo.com \
    --cc=bpetkov@suse.de \
    --cc=brgerst@gmail.com \
    --cc=dave.hansen@intel.com \
    --cc=dvyukov@google.com \
    --cc=glider@google.com \
    --cc=jpoimboe@redhat.com \
    --cc=kasan-dev@googlegroups.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=torvalds@linux-foundation.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

LKML Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/lkml/0 lkml/git/0.git
	git clone --mirror https://lore.kernel.org/lkml/1 lkml/git/1.git
	git clone --mirror https://lore.kernel.org/lkml/2 lkml/git/2.git
	git clone --mirror https://lore.kernel.org/lkml/3 lkml/git/3.git
	git clone --mirror https://lore.kernel.org/lkml/4 lkml/git/4.git
	git clone --mirror https://lore.kernel.org/lkml/5 lkml/git/5.git
	git clone --mirror https://lore.kernel.org/lkml/6 lkml/git/6.git
	git clone --mirror https://lore.kernel.org/lkml/7 lkml/git/7.git
	git clone --mirror https://lore.kernel.org/lkml/8 lkml/git/8.git
	git clone --mirror https://lore.kernel.org/lkml/9 lkml/git/9.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 lkml lkml/ https://lore.kernel.org/lkml \
		linux-kernel@vger.kernel.org
	public-inbox-index lkml

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-kernel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git