From: glider@google.com
To: Vegard Nossum <vegard.nossum@oracle.com>,
Dmitry Vyukov <dvyukov@google.com>,
Marco Elver <elver@google.com>,
Andrey Konovalov <andreyknvl@google.com>,
linux-mm@kvack.org
Cc: glider@google.com, viro@zeniv.linux.org.uk,
adilger.kernel@dilger.ca, akpm@linux-foundation.org,
aryabinin@virtuozzo.com, luto@kernel.org,
ard.biesheuvel@linaro.org, arnd@arndb.de, hch@infradead.org,
hch@lst.de, darrick.wong@oracle.com, davem@davemloft.net,
dmitry.torokhov@gmail.com, ebiggers@google.com,
edumazet@google.com, ericvh@gmail.com,
gregkh@linuxfoundation.org, harry.wentland@amd.com,
herbert@gondor.apana.org.au, iii@linux.ibm.com, mingo@elte.hu,
jasowang@redhat.com, axboe@kernel.dk, m.szyprowski@samsung.com,
mark.rutland@arm.com, martin.petersen@oracle.com,
schwidefsky@de.ibm.com, willy@infradead.org, mst@redhat.com,
mhocko@suse.com, monstr@monstr.eu, pmladek@suse.com, cai@lca.pw,
rdunlap@infradead.org, robin.murphy@arm.com,
sergey.senozhatsky@gmail.com, rostedt@goodmis.org,
tiwai@suse.com, tytso@mit.edu, tglx@linutronix.de,
gor@linux.ibm.com, wsa@the-dreams.de
Subject: [PATCH v5 26/38] kmsan: use __msan_ string functions where possible.
Date: Wed, 25 Mar 2020 17:12:37 +0100 [thread overview]
Message-ID: <20200325161249.55095-27-glider@google.com> (raw)
In-Reply-To: <20200325161249.55095-1-glider@google.com>
Unless stated otherwise (by explicitly calling __memcpy(), __memset() or
__memmove()) we want all string functions to call their __msan_ versions
(e.g. __msan_memcpy() instead of memcpy()), so that shadow and origin
values are updated accordingly.
Bootloader must still use the default string functions to avoid crashes.
Signed-off-by: Alexander Potapenko <glider@google.com>
To: Alexander Potapenko <glider@google.com>
Cc: Vegard Nossum <vegard.nossum@oracle.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Marco Elver <elver@google.com>
Cc: Andrey Konovalov <andreyknvl@google.com>
Cc: linux-mm@kvack.org
---
v3:
- use default string functions in the bootloader
v4:
- include kmsan-checks.h into compiler.h
- also handle memset() and memmove()
- fix https://github.com/google/kmsan/issues/64
v5:
- don't compile memset() and memmove() under KMSAN
Change-Id: Ib2512ce5aa8d457453dd38caa12f58f002166813
---
arch/x86/boot/compressed/misc.h | 1 +
arch/x86/include/asm/string_64.h | 23 ++++++++++++++++++-
.../firmware/efi/libstub/efi-stub-helper.c | 5 ++++
drivers/firmware/efi/libstub/tpm.c | 5 ++++
include/linux/compiler.h | 9 +++++++-
include/linux/string.h | 2 ++
6 files changed, 43 insertions(+), 2 deletions(-)
diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h
index c8181392f70d7..dd4bd8c5d97a1 100644
--- a/arch/x86/boot/compressed/misc.h
+++ b/arch/x86/boot/compressed/misc.h
@@ -12,6 +12,7 @@
#undef CONFIG_PARAVIRT_XXL
#undef CONFIG_PARAVIRT_SPINLOCKS
#undef CONFIG_KASAN
+#undef CONFIG_KMSAN
/* cpu_feature_enabled() cannot be used this early */
#define USE_EARLY_PGTABLE_L5
diff --git a/arch/x86/include/asm/string_64.h b/arch/x86/include/asm/string_64.h
index 75314c3dbe471..0442e679b3079 100644
--- a/arch/x86/include/asm/string_64.h
+++ b/arch/x86/include/asm/string_64.h
@@ -11,11 +11,23 @@
function. */
#define __HAVE_ARCH_MEMCPY 1
+#if defined(CONFIG_KMSAN)
+#undef memcpy
+/* __msan_memcpy() is defined in compiler.h */
+#define memcpy(dst, src, len) __msan_memcpy(dst, src, len)
+#else
extern void *memcpy(void *to, const void *from, size_t len);
+#endif
extern void *__memcpy(void *to, const void *from, size_t len);
#define __HAVE_ARCH_MEMSET
+#if defined(CONFIG_KMSAN)
+extern void *__msan_memset(void *s, int c, size_t n);
+#undef memset
+#define memset(dst, c, len) __msan_memset(dst, c, len)
+#else
void *memset(void *s, int c, size_t n);
+#endif
void *__memset(void *s, int c, size_t n);
#define __HAVE_ARCH_MEMSET16
@@ -55,7 +67,13 @@ static inline void *memset64(uint64_t *s, uint64_t v, size_t n)
}
#define __HAVE_ARCH_MEMMOVE
+#if defined(CONFIG_KMSAN)
+#undef memmove
+void *__msan_memmove(void *dest, const void *src, size_t len);
+#define memmove(dst, src, len) __msan_memmove(dst, src, len)
+#else
void *memmove(void *dest, const void *src, size_t count);
+#endif
void *__memmove(void *dest, const void *src, size_t count);
int memcmp(const void *cs, const void *ct, size_t count);
@@ -64,7 +82,8 @@ char *strcpy(char *dest, const char *src);
char *strcat(char *dest, const char *src);
int strcmp(const char *cs, const char *ct);
-#if defined(CONFIG_KASAN) && !defined(__SANITIZE_ADDRESS__)
+#if (defined(CONFIG_KASAN) && !defined(__SANITIZE_ADDRESS__)) || \
+ (defined(CONFIG_KMSAN) && !defined(__SANITIZE_MEMORY__))
/*
* For files that not instrumented (e.g. mm/slub.c) we
@@ -73,7 +92,9 @@ int strcmp(const char *cs, const char *ct);
#undef memcpy
#define memcpy(dst, src, len) __memcpy(dst, src, len)
+#undef memmove
#define memmove(dst, src, len) __memmove(dst, src, len)
+#undef memset
#define memset(s, c, n) __memset(s, c, n)
#ifndef __NO_FORTIFY
diff --git a/drivers/firmware/efi/libstub/efi-stub-helper.c b/drivers/firmware/efi/libstub/efi-stub-helper.c
index 9f34c72429397..610f791c2493e 100644
--- a/drivers/firmware/efi/libstub/efi-stub-helper.c
+++ b/drivers/firmware/efi/libstub/efi-stub-helper.c
@@ -5,7 +5,12 @@
* implementation files.
*
* Copyright 2011 Intel Corporation; author Matt Fleming
+ *
+ *
+ * This file is not linked with KMSAN runtime.
+ * Do not replace memcpy with __memcpy.
*/
+#undef CONFIG_KMSAN
#include <linux/efi.h>
#include <asm/efi.h>
diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c
index 1d59e103a2e3a..7e8906b1c1c98 100644
--- a/drivers/firmware/efi/libstub/tpm.c
+++ b/drivers/firmware/efi/libstub/tpm.c
@@ -6,7 +6,12 @@
* Copyright (C) 2017 Google, Inc.
* Matthew Garrett <mjg59@google.com>
* Thiebaud Weksteen <tweek@google.com>
+ *
+ *
+ * This file is not linked with KMSAN runtime.
+ * Do not replace memcpy with __memcpy.
*/
+#undef CONFIG_KMSAN
#include <linux/efi.h>
#include <linux/tpm_eventlog.h>
#include <asm/efi.h>
diff --git a/include/linux/compiler.h b/include/linux/compiler.h
index c6c67729729e3..f2b97241fe2d4 100644
--- a/include/linux/compiler.h
+++ b/include/linux/compiler.h
@@ -180,6 +180,13 @@ void ftrace_likely_update(struct ftrace_likely_data *f, int val,
#include <uapi/linux/types.h>
#include <linux/kcsan-checks.h>
+#ifdef CONFIG_KMSAN
+void *__msan_memcpy(void *dst, const void *src, u64 size);
+#define __DO_MEMCPY(res, p, size) __msan_memcpy(res, p, size)
+#else
+#define __DO_MEMCPY(res, p, size) __builtin_memcpy(res, p, size)
+#endif
+
#define __READ_ONCE_SIZE \
({ \
switch (size) { \
@@ -189,7 +196,7 @@ void ftrace_likely_update(struct ftrace_likely_data *f, int val,
case 8: *(__u64 *)res = *(volatile __u64 *)p; break; \
default: \
barrier(); \
- __builtin_memcpy((void *)res, (const void *)p, size); \
+ __DO_MEMCPY((void *)res, (const void *)p, size); \
barrier(); \
} \
})
diff --git a/include/linux/string.h b/include/linux/string.h
index 6dfbb2efa8157..7ef92817c082f 100644
--- a/include/linux/string.h
+++ b/include/linux/string.h
@@ -356,6 +356,7 @@ __FORTIFY_INLINE char *strncat(char *p, const char *q, __kernel_size_t count)
return p;
}
+#ifndef CONFIG_KMSAN
__FORTIFY_INLINE void *memset(void *p, int c, __kernel_size_t size)
{
size_t p_size = __builtin_object_size(p, 0);
@@ -395,6 +396,7 @@ __FORTIFY_INLINE void *memmove(void *p, const void *q, __kernel_size_t size)
fortify_panic(__func__);
return __builtin_memmove(p, q, size);
}
+#endif
extern void *__real_memscan(void *, int, __kernel_size_t) __RENAME(memscan);
__FORTIFY_INLINE void *memscan(void *p, int c, __kernel_size_t size)
--
2.25.1.696.g5e7596f4ac-goog
next prev parent reply other threads:[~2020-03-25 16:14 UTC|newest]
Thread overview: 94+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-25 16:12 [PATCH v5 00/38] Add KernelMemorySanitizer infrastructure glider
2020-03-25 16:12 ` [PATCH v5 01/38] stackdepot: reserve 5 extra bits in depot_stack_handle_t glider
2020-03-30 13:36 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 02/38] kmsan: add ReST documentation glider
2020-03-30 14:32 ` Andrey Konovalov
2020-04-13 14:45 ` Alexander Potapenko
2020-03-25 16:12 ` [PATCH v5 03/38] kmsan: gfp: introduce __GFP_NO_KMSAN_SHADOW glider
2020-03-25 16:19 ` Michal Hocko
2020-03-25 17:26 ` Alexander Potapenko
2020-03-25 17:40 ` Alexander Potapenko
2020-03-25 17:49 ` Matthew Wilcox
2020-03-25 18:03 ` Alexander Potapenko
2020-03-25 18:09 ` Matthew Wilcox
2020-03-25 18:30 ` Alexander Potapenko
2020-03-25 18:43 ` Michal Hocko
2020-03-25 18:40 ` Michal Hocko
2020-03-25 18:38 ` Michal Hocko
2020-03-27 12:20 ` Alexander Potapenko
2020-04-25 9:45 ` Alexander Potapenko
2020-03-25 17:43 ` Michal Hocko
2020-03-25 16:12 ` [PATCH v5 04/38] kmsan: introduce __no_sanitize_memory and __SANITIZE_MEMORY__ glider
2020-03-30 13:37 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 05/38] kmsan: reduce vmalloc space glider
2020-03-30 13:48 ` Andrey Konovalov
2020-04-14 14:21 ` Alexander Potapenko
2020-04-23 19:14 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 06/38] kmsan: add KMSAN runtime core glider
2020-03-25 16:12 ` [PATCH v5 07/38] kmsan: KMSAN compiler API implementation glider
2020-03-25 16:12 ` [PATCH v5 08/38] kmsan: add KMSAN hooks for kernel subsystems glider
2020-03-25 16:12 ` [PATCH v5 09/38] kmsan: stackdepot: don't allocate KMSAN metadata for stackdepot glider
2020-04-23 19:22 ` Andrey Konovalov
2020-04-25 9:46 ` Alexander Potapenko
2020-03-25 16:12 ` [PATCH v5 10/38] kmsan: define READ_ONCE_NOCHECK() glider
2020-04-23 19:20 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 11/38] kmsan: make READ_ONCE_TASK_STACK() return initialized values glider
2020-04-23 19:15 ` Andrey Konovalov
2020-04-23 19:18 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 12/38] kmsan: x86: sync metadata pages on page fault glider
2020-04-23 19:15 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 13/38] kmsan: add tests for KMSAN glider
2020-04-23 19:02 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 14/38] crypto: kmsan: disable accelerated configs under KMSAN glider
2020-04-23 18:50 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 15/38] kmsan: x86: disable UNWINDER_ORC " glider
2020-04-14 17:52 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 16/38] kmsan: x86/asm: softirq: add KMSAN IRQ entry hooks glider
2020-04-14 17:54 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 17/38] kmsan: disable KMSAN instrumentation for certain kernel parts glider
2020-04-14 17:56 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 18/38] kmsan: mm: call KMSAN hooks from SLUB code glider
2020-03-25 16:12 ` [PATCH v5 19/38] kmsan: mm: maintain KMSAN metadata for page operations glider
2020-03-25 16:12 ` [PATCH v5 20/38] kmsan: handle memory sent to/from USB glider
2020-04-14 14:46 ` Andrey Konovalov
2020-04-14 15:50 ` Alan Stern
2020-04-14 17:48 ` Andrey Konovalov
2020-04-14 20:45 ` Alan Stern
2020-04-27 13:59 ` Alexander Potapenko
2020-03-25 16:12 ` [PATCH v5 21/38] kmsan: handle task creation and exiting glider
2020-03-25 16:12 ` [PATCH v5 22/38] kmsan: net: check the value of skb before sending it to the network glider
2020-04-27 14:02 ` Alexander Potapenko
2020-03-25 16:12 ` [PATCH v5 23/38] kmsan: printk: treat the result of vscnprintf() as initialized glider
2020-04-14 14:37 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 24/38] kmsan: disable instrumentation of certain functions glider
2020-04-14 15:04 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 25/38] kmsan: unpoison |tlb| in arch_tlb_gather_mmu() glider
2020-04-08 16:07 ` Andrey Konovalov
2020-03-25 16:12 ` glider [this message]
2020-03-25 16:12 ` [PATCH v5 27/38] kmsan: hooks for copy_to_user() and friends glider
2020-03-25 16:12 ` [PATCH v5 28/38] kmsan: init: call KMSAN initialization routines glider
2020-04-08 16:04 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 29/38] kmsan: enable KMSAN builds glider
2020-04-14 14:56 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 30/38] kmsan: handle /dev/[u]random glider
2020-04-08 16:03 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 31/38] kmsan: virtio: check/unpoison scatterlist in vring_map_one_sg() glider
2020-03-25 16:12 ` [PATCH v5 32/38] kmsan: disable strscpy() optimization under KMSAN glider
2020-04-08 16:00 ` Andrey Konovalov
2020-04-13 14:19 ` Alexander Potapenko
2020-04-13 15:32 ` Steven Rostedt
2020-04-13 16:16 ` Alexander Potapenko
2020-03-25 16:12 ` [PATCH v5 33/38] kmsan: add iomap support glider
2020-04-08 15:57 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 34/38] kmsan: dma: unpoison memory mapped by dma_direct_map_page() glider
2020-03-25 16:19 ` Christoph Hellwig
2020-03-27 17:03 ` Alexander Potapenko
2020-03-27 17:06 ` Christoph Hellwig
2020-03-27 18:46 ` Alexander Potapenko
2020-03-28 8:52 ` Christoph Hellwig
2020-04-14 15:26 ` Alexander Potapenko
2020-03-25 16:12 ` [PATCH v5 35/38] kmsan: disable physical page merging in biovec glider
2020-03-25 16:12 ` [PATCH v5 36/38] x86: kasan: kmsan: support CONFIG_GENERIC_CSUM on x86, enable it for KASAN/KMSAN glider
2020-04-08 15:53 ` Andrey Konovalov
2020-03-25 16:12 ` [PATCH v5 37/38] kmsan: x86/uprobes: unpoison regs in arch_uprobe_exception_notify() glider
2020-03-25 16:12 ` [PATCH v5 38/38] kmsan: block: skip bio block merging logic for KMSAN glider
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200325161249.55095-27-glider@google.com \
--to=glider@google.com \
--cc=adilger.kernel@dilger.ca \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@google.com \
--cc=ard.biesheuvel@linaro.org \
--cc=arnd@arndb.de \
--cc=aryabinin@virtuozzo.com \
--cc=axboe@kernel.dk \
--cc=cai@lca.pw \
--cc=darrick.wong@oracle.com \
--cc=davem@davemloft.net \
--cc=dmitry.torokhov@gmail.com \
--cc=dvyukov@google.com \
--cc=ebiggers@google.com \
--cc=edumazet@google.com \
--cc=elver@google.com \
--cc=ericvh@gmail.com \
--cc=gor@linux.ibm.com \
--cc=gregkh@linuxfoundation.org \
--cc=harry.wentland@amd.com \
--cc=hch@infradead.org \
--cc=hch@lst.de \
--cc=herbert@gondor.apana.org.au \
--cc=iii@linux.ibm.com \
--cc=jasowang@redhat.com \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=m.szyprowski@samsung.com \
--cc=mark.rutland@arm.com \
--cc=martin.petersen@oracle.com \
--cc=mhocko@suse.com \
--cc=mingo@elte.hu \
--cc=monstr@monstr.eu \
--cc=mst@redhat.com \
--cc=pmladek@suse.com \
--cc=rdunlap@infradead.org \
--cc=robin.murphy@arm.com \
--cc=rostedt@goodmis.org \
--cc=schwidefsky@de.ibm.com \
--cc=sergey.senozhatsky@gmail.com \
--cc=tglx@linutronix.de \
--cc=tiwai@suse.com \
--cc=tytso@mit.edu \
--cc=vegard.nossum@oracle.com \
--cc=viro@zeniv.linux.org.uk \
--cc=willy@infradead.org \
--cc=wsa@the-dreams.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.