linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH mm 0/2] kasan: a few HW_TAGS fixes
@ 2020-12-09 18:24 Andrey Konovalov
  2020-12-09 18:24 ` [PATCH mm 1/2] kasan: don't use read-only static keys Andrey Konovalov
  2020-12-09 18:24 ` [PATCH mm 2/2] Revert "kasan, arm64: don't allow SW_TAGS with ARM64_MTE" Andrey Konovalov
  0 siblings, 2 replies; 8+ messages in thread
From: Andrey Konovalov @ 2020-12-09 18:24 UTC (permalink / raw)
  To: Andrew Morton
  Cc: Catalin Marinas, Will Deacon, Vincenzo Frascino, Dmitry Vyukov,
	Andrey Ryabinin, Alexander Potapenko, Marco Elver,
	Evgenii Stepanov, Branislav Rankov, Kevin Brodsky, kasan-dev,
	linux-arm-kernel, linux-mm, linux-kernel, Andrey Konovalov

Hi Andrew,

Could you please squash the first one into
"kasan: add and integrate kasan boot parameters".

And instead of applying the second one, it's better to just drop
"kasan, arm64: don't allow SW_TAGS with ARM64_MTE".

Thanks!

Andrey Konovalov (2):
  kasan: don't use read-only static keys
  Revert "kasan, arm64: don't allow SW_TAGS with ARM64_MTE"

 arch/arm64/Kconfig | 2 +-
 mm/kasan/hw_tags.c | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

-- 
2.29.2.576.ga3fc446d84-goog


^ permalink raw reply	[flat|nested] 8+ messages in thread
* [PATCH mm 1/2] kasan: don't use read-only static keys
  2020-12-09 18:24 [PATCH mm 0/2] kasan: a few HW_TAGS fixes Andrey Konovalov
@ 2020-12-09 18:24 ` Andrey Konovalov
  2020-12-09 18:49   ` Marco Elver
  2020-12-09 18:24 ` [PATCH mm 2/2] Revert "kasan, arm64: don't allow SW_TAGS with ARM64_MTE" Andrey Konovalov
  1 sibling, 1 reply; 8+ messages in thread
From: Andrey Konovalov @ 2020-12-09 18:24 UTC (permalink / raw)
  To: Andrew Morton
  Cc: Catalin Marinas, Will Deacon, Vincenzo Frascino, Dmitry Vyukov,
	Andrey Ryabinin, Alexander Potapenko, Marco Elver,
	Evgenii Stepanov, Branislav Rankov, Kevin Brodsky, kasan-dev,
	linux-arm-kernel, linux-mm, linux-kernel, Andrey Konovalov

__ro_after_init static keys are incompatible with usage in loadable kernel
modules and cause crashes. Don't use those, use normal static keys.

Signed-off-by: Andrey Konovalov <andreyknvl@google.com>

---

This fix can be squashed into
"kasan: add and integrate kasan boot parameters".

---
 mm/kasan/hw_tags.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/mm/kasan/hw_tags.c b/mm/kasan/hw_tags.c
index c91f2c06ecb5..55bd6f09c70f 100644
--- a/mm/kasan/hw_tags.c
+++ b/mm/kasan/hw_tags.c
@@ -43,11 +43,11 @@ static enum kasan_arg_stacktrace kasan_arg_stacktrace __ro_after_init;
 static enum kasan_arg_fault kasan_arg_fault __ro_after_init;
 
 /* Whether KASAN is enabled at all. */
-DEFINE_STATIC_KEY_FALSE_RO(kasan_flag_enabled);
+DEFINE_STATIC_KEY_FALSE(kasan_flag_enabled);
 EXPORT_SYMBOL(kasan_flag_enabled);
 
 /* Whether to collect alloc/free stack traces. */
-DEFINE_STATIC_KEY_FALSE_RO(kasan_flag_stacktrace);
+DEFINE_STATIC_KEY_FALSE(kasan_flag_stacktrace);
 
 /* Whether panic or disable tag checking on fault. */
 bool kasan_flag_panic __ro_after_init;
-- 
2.29.2.576.ga3fc446d84-goog


^ permalink raw reply related	[flat|nested] 8+ messages in thread
* [PATCH mm 2/2] Revert "kasan, arm64: don't allow SW_TAGS with ARM64_MTE"
  2020-12-09 18:24 [PATCH mm 0/2] kasan: a few HW_TAGS fixes Andrey Konovalov
  2020-12-09 18:24 ` [PATCH mm 1/2] kasan: don't use read-only static keys Andrey Konovalov
@ 2020-12-09 18:24 ` Andrey Konovalov
  2020-12-09 18:51   ` Marco Elver
  1 sibling, 1 reply; 8+ messages in thread
From: Andrey Konovalov @ 2020-12-09 18:24 UTC (permalink / raw)
  To: Andrew Morton
  Cc: Catalin Marinas, Will Deacon, Vincenzo Frascino, Dmitry Vyukov,
	Andrey Ryabinin, Alexander Potapenko, Marco Elver,
	Evgenii Stepanov, Branislav Rankov, Kevin Brodsky, kasan-dev,
	linux-arm-kernel, linux-mm, linux-kernel, Andrey Konovalov

This reverts "kasan, arm64: don't allow SW_TAGS with ARM64_MTE".

In earlier versions on the hardware tag-based KASAN patchset in-kernel
MTE used to be always enabled when CONFIG_ARM64_MTE is on. This caused
conflicts with the software tag-based KASAN mode.

This is no logner the case: in-kernel MTE is never enabled unless the
CONFIG_KASAN_HW_TAGS is enabled, so there are no more conflicts with
CONFIG_KASAN_SW_TAGS.

Allow CONFIG_KASAN_SW_TAGS to be enabled even when CONFIG_ARM64_MTE is
enabled.

Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
---
 arch/arm64/Kconfig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 6fefab9041d8..62a7668976a2 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -135,7 +135,7 @@ config ARM64
 	select HAVE_ARCH_JUMP_LABEL
 	select HAVE_ARCH_JUMP_LABEL_RELATIVE
 	select HAVE_ARCH_KASAN if !(ARM64_16K_PAGES && ARM64_VA_BITS_48)
-	select HAVE_ARCH_KASAN_SW_TAGS if (HAVE_ARCH_KASAN && !ARM64_MTE)
+	select HAVE_ARCH_KASAN_SW_TAGS if HAVE_ARCH_KASAN
 	select HAVE_ARCH_KASAN_HW_TAGS if (HAVE_ARCH_KASAN && ARM64_MTE)
 	select HAVE_ARCH_KFENCE
 	select HAVE_ARCH_KGDB
-- 
2.29.2.576.ga3fc446d84-goog


^ permalink raw reply related	[flat|nested] 8+ messages in thread
* Re: [PATCH mm 1/2] kasan: don't use read-only static keys
  2020-12-09 18:24 ` [PATCH mm 1/2] kasan: don't use read-only static keys Andrey Konovalov
@ 2020-12-09 18:49   ` Marco Elver
  2020-12-09 18:57     ` Kees Cook
  0 siblings, 1 reply; 8+ messages in thread
From: Marco Elver @ 2020-12-09 18:49 UTC (permalink / raw)
  To: Andrey Konovalov
  Cc: Andrew Morton, Catalin Marinas, Will Deacon, Vincenzo Frascino,
	Dmitry Vyukov, Andrey Ryabinin, Alexander Potapenko,
	Evgenii Stepanov, Branislav Rankov, Kevin Brodsky, kasan-dev,
	Linux ARM, Linux Memory Management List, LKML, Kees Cook

On Wed, 9 Dec 2020 at 19:24, Andrey Konovalov <andreyknvl@google.com> wrote:
> __ro_after_init static keys are incompatible with usage in loadable kernel
> modules and cause crashes. Don't use those, use normal static keys.
>
> Signed-off-by: Andrey Konovalov <andreyknvl@google.com>

Reviewed-by: Marco Elver <elver@google.com>

> ---
>
> This fix can be squashed into
> "kasan: add and integrate kasan boot parameters".
>
> ---
>  mm/kasan/hw_tags.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/mm/kasan/hw_tags.c b/mm/kasan/hw_tags.c
> index c91f2c06ecb5..55bd6f09c70f 100644
> --- a/mm/kasan/hw_tags.c
> +++ b/mm/kasan/hw_tags.c
> @@ -43,11 +43,11 @@ static enum kasan_arg_stacktrace kasan_arg_stacktrace __ro_after_init;
>  static enum kasan_arg_fault kasan_arg_fault __ro_after_init;
>
>  /* Whether KASAN is enabled at all. */
> -DEFINE_STATIC_KEY_FALSE_RO(kasan_flag_enabled);
> +DEFINE_STATIC_KEY_FALSE(kasan_flag_enabled);

Side-node: This appears to be just a bad interface; I think the macro
DEFINE_STATIC_KEY_FALSE_RO() is error-prone, if it can't be guaranteed
that this is always safe, since the presence of the macro encourages
its use and we'll inevitably run into this problem again.

>  EXPORT_SYMBOL(kasan_flag_enabled);

DEFINE_STATIC_KEY_FALSE_RO() + EXPORT_SYMBOL() is an immediate bug.
Given its use has not increased substantially since its introduction,
it may be safer to consider its removal.

Thanks,
-- Marco

^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [PATCH mm 2/2] Revert "kasan, arm64: don't allow SW_TAGS with ARM64_MTE"
  2020-12-09 18:24 ` [PATCH mm 2/2] Revert "kasan, arm64: don't allow SW_TAGS with ARM64_MTE" Andrey Konovalov
@ 2020-12-09 18:51   ` Marco Elver
  2020-12-09 23:22     ` Andrew Morton
  0 siblings, 1 reply; 8+ messages in thread
From: Marco Elver @ 2020-12-09 18:51 UTC (permalink / raw)
  To: Andrey Konovalov
  Cc: Andrew Morton, Catalin Marinas, Will Deacon, Vincenzo Frascino,
	Dmitry Vyukov, Andrey Ryabinin, Alexander Potapenko,
	Evgenii Stepanov, Branislav Rankov, Kevin Brodsky, kasan-dev,
	Linux ARM, Linux Memory Management List, LKML

On Wed, 9 Dec 2020 at 19:24, Andrey Konovalov <andreyknvl@google.com> wrote:
>
> This reverts "kasan, arm64: don't allow SW_TAGS with ARM64_MTE".
>
> In earlier versions on the hardware tag-based KASAN patchset in-kernel
> MTE used to be always enabled when CONFIG_ARM64_MTE is on. This caused
> conflicts with the software tag-based KASAN mode.
>
> This is no logner the case: in-kernel MTE is never enabled unless the
> CONFIG_KASAN_HW_TAGS is enabled, so there are no more conflicts with
> CONFIG_KASAN_SW_TAGS.
>
> Allow CONFIG_KASAN_SW_TAGS to be enabled even when CONFIG_ARM64_MTE is
> enabled.
>
> Signed-off-by: Andrey Konovalov <andreyknvl@google.com>

Reviewed-by: Marco Elver <elver@google.com>


> ---
>  arch/arm64/Kconfig | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 6fefab9041d8..62a7668976a2 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -135,7 +135,7 @@ config ARM64
>         select HAVE_ARCH_JUMP_LABEL
>         select HAVE_ARCH_JUMP_LABEL_RELATIVE
>         select HAVE_ARCH_KASAN if !(ARM64_16K_PAGES && ARM64_VA_BITS_48)
> -       select HAVE_ARCH_KASAN_SW_TAGS if (HAVE_ARCH_KASAN && !ARM64_MTE)
> +       select HAVE_ARCH_KASAN_SW_TAGS if HAVE_ARCH_KASAN
>         select HAVE_ARCH_KASAN_HW_TAGS if (HAVE_ARCH_KASAN && ARM64_MTE)
>         select HAVE_ARCH_KFENCE
>         select HAVE_ARCH_KGDB
> --
> 2.29.2.576.ga3fc446d84-goog
>

^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [PATCH mm 1/2] kasan: don't use read-only static keys
  2020-12-09 18:49   ` Marco Elver
@ 2020-12-09 18:57     ` Kees Cook
  2020-12-09 19:00       ` Marco Elver
  0 siblings, 1 reply; 8+ messages in thread
From: Kees Cook @ 2020-12-09 18:57 UTC (permalink / raw)
  To: Marco Elver
  Cc: Andrey Konovalov, Andrew Morton, Catalin Marinas, Will Deacon,
	Vincenzo Frascino, Dmitry Vyukov, Andrey Ryabinin,
	Alexander Potapenko, Evgenii Stepanov, Branislav Rankov,
	Kevin Brodsky, kasan-dev, Linux ARM,
	Linux Memory Management List, LKML

On Wed, Dec 09, 2020 at 07:49:36PM +0100, Marco Elver wrote:
> On Wed, 9 Dec 2020 at 19:24, Andrey Konovalov <andreyknvl@google.com> wrote:
> > __ro_after_init static keys are incompatible with usage in loadable kernel
> > modules and cause crashes. Don't use those, use normal static keys.
> >
> > Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
> 
> Reviewed-by: Marco Elver <elver@google.com>
> 
> > ---
> >
> > This fix can be squashed into
> > "kasan: add and integrate kasan boot parameters".
> >
> > ---
> >  mm/kasan/hw_tags.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/mm/kasan/hw_tags.c b/mm/kasan/hw_tags.c
> > index c91f2c06ecb5..55bd6f09c70f 100644
> > --- a/mm/kasan/hw_tags.c
> > +++ b/mm/kasan/hw_tags.c
> > @@ -43,11 +43,11 @@ static enum kasan_arg_stacktrace kasan_arg_stacktrace __ro_after_init;
> >  static enum kasan_arg_fault kasan_arg_fault __ro_after_init;
> >
> >  /* Whether KASAN is enabled at all. */
> > -DEFINE_STATIC_KEY_FALSE_RO(kasan_flag_enabled);
> > +DEFINE_STATIC_KEY_FALSE(kasan_flag_enabled);
> 
> Side-node: This appears to be just a bad interface; I think the macro
> DEFINE_STATIC_KEY_FALSE_RO() is error-prone, if it can't be guaranteed
> that this is always safe, since the presence of the macro encourages
> its use and we'll inevitably run into this problem again.
> 
> >  EXPORT_SYMBOL(kasan_flag_enabled);
> 
> DEFINE_STATIC_KEY_FALSE_RO() + EXPORT_SYMBOL() is an immediate bug.
> Given its use has not increased substantially since its introduction,
> it may be safer to consider its removal.

Right -- it seems the export is the problem, not the RO-ness. What is
actually trying to change the flag after __init?

-- 
Kees Cook

^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [PATCH mm 1/2] kasan: don't use read-only static keys
  2020-12-09 18:57     ` Kees Cook
@ 2020-12-09 19:00       ` Marco Elver
  0 siblings, 0 replies; 8+ messages in thread
From: Marco Elver @ 2020-12-09 19:00 UTC (permalink / raw)
  To: Kees Cook
  Cc: Andrey Konovalov, Andrew Morton, Catalin Marinas, Will Deacon,
	Vincenzo Frascino, Dmitry Vyukov, Andrey Ryabinin,
	Alexander Potapenko, Evgenii Stepanov, Branislav Rankov,
	Kevin Brodsky, kasan-dev, Linux ARM,
	Linux Memory Management List, LKML

On Wed, 9 Dec 2020 at 19:57, Kees Cook <keescook@chromium.org> wrote:
>
> On Wed, Dec 09, 2020 at 07:49:36PM +0100, Marco Elver wrote:
> > On Wed, 9 Dec 2020 at 19:24, Andrey Konovalov <andreyknvl@google.com> wrote:
> > > __ro_after_init static keys are incompatible with usage in loadable kernel
> > > modules and cause crashes. Don't use those, use normal static keys.
> > >
> > > Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
> >
> > Reviewed-by: Marco Elver <elver@google.com>
> >
> > > ---
> > >
> > > This fix can be squashed into
> > > "kasan: add and integrate kasan boot parameters".
> > >
> > > ---
> > >  mm/kasan/hw_tags.c | 4 ++--
> > >  1 file changed, 2 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/mm/kasan/hw_tags.c b/mm/kasan/hw_tags.c
> > > index c91f2c06ecb5..55bd6f09c70f 100644
> > > --- a/mm/kasan/hw_tags.c
> > > +++ b/mm/kasan/hw_tags.c
> > > @@ -43,11 +43,11 @@ static enum kasan_arg_stacktrace kasan_arg_stacktrace __ro_after_init;
> > >  static enum kasan_arg_fault kasan_arg_fault __ro_after_init;
> > >
> > >  /* Whether KASAN is enabled at all. */
> > > -DEFINE_STATIC_KEY_FALSE_RO(kasan_flag_enabled);
> > > +DEFINE_STATIC_KEY_FALSE(kasan_flag_enabled);
> >
> > Side-node: This appears to be just a bad interface; I think the macro
> > DEFINE_STATIC_KEY_FALSE_RO() is error-prone, if it can't be guaranteed
> > that this is always safe, since the presence of the macro encourages
> > its use and we'll inevitably run into this problem again.
> >
> > >  EXPORT_SYMBOL(kasan_flag_enabled);
> >
> > DEFINE_STATIC_KEY_FALSE_RO() + EXPORT_SYMBOL() is an immediate bug.
> > Given its use has not increased substantially since its introduction,
> > it may be safer to consider its removal.
>
> Right -- it seems the export is the problem, not the RO-ness. What is
> actually trying to change the flag after __init?

It seems to want to add it to a list on module loads:
https://lore.kernel.org/lkml/20201208125129.GY2414@hirez.programming.kicks-ass.net/

-- Marco

^ permalink raw reply	[flat|nested] 8+ messages in thread
* Re: [PATCH mm 2/2] Revert "kasan, arm64: don't allow SW_TAGS with ARM64_MTE"
  2020-12-09 18:51   ` Marco Elver
@ 2020-12-09 23:22     ` Andrew Morton
  0 siblings, 0 replies; 8+ messages in thread
From: Andrew Morton @ 2020-12-09 23:22 UTC (permalink / raw)
  To: Marco Elver
  Cc: Andrey Konovalov, Catalin Marinas, Will Deacon,
	Vincenzo Frascino, Dmitry Vyukov, Andrey Ryabinin,
	Alexander Potapenko, Evgenii Stepanov, Branislav Rankov,
	Kevin Brodsky, kasan-dev, Linux ARM,
	Linux Memory Management List, LKML

On Wed, 9 Dec 2020 19:51:05 +0100 Marco Elver <elver@google.com> wrote:

> > This is no logner the case: in-kernel MTE is never enabled unless the
> > CONFIG_KASAN_HW_TAGS is enabled, so there are no more conflicts with
> > CONFIG_KASAN_SW_TAGS.
> >
> > Allow CONFIG_KASAN_SW_TAGS to be enabled even when CONFIG_ARM64_MTE is
> > enabled.
> >
> > Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
> 
> Reviewed-by: Marco Elver <elver@google.com>

Thanks.  I simply dropped
kasan-arm64-dont-allow-sw_tags-with-arm64_mte.patch.

^ permalink raw reply	[flat|nested] 8+ messages in thread
end of thread, other threads:[~2020-12-09 23:23 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-12-09 18:24 [PATCH mm 0/2] kasan: a few HW_TAGS fixes Andrey Konovalov
2020-12-09 18:24 ` [PATCH mm 1/2] kasan: don't use read-only static keys Andrey Konovalov
2020-12-09 18:49   ` Marco Elver
2020-12-09 18:57     ` Kees Cook
2020-12-09 19:00       ` Marco Elver
2020-12-09 18:24 ` [PATCH mm 2/2] Revert "kasan, arm64: don't allow SW_TAGS with ARM64_MTE" Andrey Konovalov
2020-12-09 18:51   ` Marco Elver
2020-12-09 23:22     ` Andrew Morton

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).