From: Andrey Konovalov <andreyknvl@google.com>
To: Andrew Morton <akpm@linux-foundation.org>,
Alexander Potapenko <glider@google.com>,
Marco Elver <elver@google.com>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>,
Dmitry Vyukov <dvyukov@google.com>,
kasan-dev@googlegroups.com, linux-mm@kvack.org,
linux-kernel@vger.kernel.org,
Andrey Konovalov <andreyknvl@google.com>
Subject: [PATCH 06/11] kasan: docs: update GENERIC implementation details section
Date: Thu, 11 Mar 2021 22:37:18 +0100 [thread overview]
Message-ID: <dd89dd245fe6fe0e66680a9ccd135f6778fc2c60.1615498565.git.andreyknvl@google.com> (raw)
In-Reply-To: <f6efb2f36fc1f40eb22df027e6bc956cac71745e.1615498565.git.andreyknvl@google.com>
Update the "Implementation details" section for generic KASAN:
- Don't mention kmemcheck, it's not present in the kernel anymore.
- Don't mention GCC as the only supported compiler.
- Update kasan_mem_to_shadow() definition to match actual code.
- Punctuation, readability, and other minor clean-ups.
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
---
Documentation/dev-tools/kasan.rst | 27 +++++++++++++--------------
1 file changed, 13 insertions(+), 14 deletions(-)
diff --git a/Documentation/dev-tools/kasan.rst b/Documentation/dev-tools/kasan.rst
index 2f939241349d..1fb4b715a3ce 100644
--- a/Documentation/dev-tools/kasan.rst
+++ b/Documentation/dev-tools/kasan.rst
@@ -200,12 +200,11 @@ Implementation details
Generic KASAN
~~~~~~~~~~~~~
-From a high level perspective, KASAN's approach to memory error detection is
-similar to that of kmemcheck: use shadow memory to record whether each byte of
-memory is safe to access, and use compile-time instrumentation to insert checks
-of shadow memory on each memory access.
+Software KASAN modes use shadow memory to record whether each byte of memory is
+safe to access and use compile-time instrumentation to insert shadow memory
+checks before each memory access.
-Generic KASAN dedicates 1/8th of kernel memory to its shadow memory (e.g. 16TB
+Generic KASAN dedicates 1/8th of kernel memory to its shadow memory (16TB
to cover 128TB on x86_64) and uses direct mapping with a scale and offset to
translate a memory address to its corresponding shadow address.
@@ -214,23 +213,23 @@ address::
static inline void *kasan_mem_to_shadow(const void *addr)
{
- return ((unsigned long)addr >> KASAN_SHADOW_SCALE_SHIFT)
+ return (void *)((unsigned long)addr >> KASAN_SHADOW_SCALE_SHIFT)
+ KASAN_SHADOW_OFFSET;
}
where ``KASAN_SHADOW_SCALE_SHIFT = 3``.
Compile-time instrumentation is used to insert memory access checks. Compiler
-inserts function calls (__asan_load*(addr), __asan_store*(addr)) before each
-memory access of size 1, 2, 4, 8 or 16. These functions check whether memory
-access is valid or not by checking corresponding shadow memory.
+inserts function calls (``__asan_load*(addr)``, ``__asan_store*(addr)``) before
+each memory access of size 1, 2, 4, 8, or 16. These functions check whether
+memory accesses are valid or not by checking corresponding shadow memory.
-GCC 5.0 has possibility to perform inline instrumentation. Instead of making
-function calls GCC directly inserts the code to check the shadow memory.
-This option significantly enlarges kernel but it gives x1.1-x2 performance
-boost over outline instrumented kernel.
+With inline instrumentation, instead of making function calls, the compiler
+directly inserts the code to check shadow memory. This option significantly
+enlarges the kernel, but it gives an x1.1-x2 performance boost over the
+outline-instrumented kernel.
-Generic KASAN is the only mode that delays the reuse of freed object via
+Generic KASAN is the only mode that delays the reuse of freed objects via
quarantine (see mm/kasan/quarantine.c for implementation).
Software tag-based KASAN
--
2.31.0.rc2.261.g7f71774620-goog
next prev parent reply other threads:[~2021-03-11 21:38 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-11 21:37 [PATCH 01/11] kasan: docs: clean up sections Andrey Konovalov
2021-03-11 21:37 ` [PATCH 02/11] kasan: docs: update overview section Andrey Konovalov
2021-03-12 10:17 ` Marco Elver
2021-03-12 13:51 ` Andrey Konovalov
2021-03-11 21:37 ` [PATCH 03/11] kasan: docs: update usage section Andrey Konovalov
2021-03-11 21:37 ` [PATCH 04/11] kasan: docs: update error reports section Andrey Konovalov
2021-03-11 21:37 ` [PATCH 05/11] kasan: docs: update boot parameters section Andrey Konovalov
2021-03-11 21:37 ` Andrey Konovalov [this message]
2021-03-11 21:37 ` [PATCH 07/11] kasan: docs: update SW_TAGS implementation details section Andrey Konovalov
2021-03-11 21:37 ` [PATCH 08/11] kasan: docs: update HW_TAGS " Andrey Konovalov
2021-03-11 21:37 ` [PATCH 09/11] kasan: docs: update shadow memory section Andrey Konovalov
2021-03-12 10:52 ` Marco Elver
2021-03-12 13:52 ` Andrey Konovalov
2021-03-11 21:37 ` [PATCH 10/11] kasan: docs: update ignoring accesses section Andrey Konovalov
2021-03-12 11:02 ` Marco Elver
2021-03-12 14:07 ` Andrey Konovalov
2021-03-11 21:37 ` [PATCH 11/11] kasan: docs: update tests section Andrey Konovalov
2021-03-12 10:47 ` Marco Elver
2021-03-12 13:53 ` Andrey Konovalov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=dd89dd245fe6fe0e66680a9ccd135f6778fc2c60.1615498565.git.andreyknvl@google.com \
--to=andreyknvl@google.com \
--cc=akpm@linux-foundation.org \
--cc=aryabinin@virtuozzo.com \
--cc=dvyukov@google.com \
--cc=elver@google.com \
--cc=glider@google.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).