From: Alexander Potapenko <glider@google.com>
To: glider@google.com
Cc: Alexander Viro <viro@zeniv.linux.org.uk>,
Alexei Starovoitov <ast@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Andrey Konovalov <andreyknvl@google.com>,
Andy Lutomirski <luto@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
Borislav Petkov <bp@alien8.de>, Christoph Hellwig <hch@lst.de>,
Christoph Lameter <cl@linux.com>,
David Rientjes <rientjes@google.com>,
Dmitry Vyukov <dvyukov@google.com>,
Eric Dumazet <edumazet@google.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Herbert Xu <herbert@gondor.apana.org.au>,
Ilya Leoshkevich <iii@linux.ibm.com>,
Ingo Molnar <mingo@redhat.com>, Jens Axboe <axboe@kernel.dk>,
Joonsoo Kim <iamjoonsoo.kim@lge.com>,
Kees Cook <keescook@chromium.org>, Marco Elver <elver@google.com>,
Mark Rutland <mark.rutland@arm.com>,
Matthew Wilcox <willy@infradead.org>,
"Michael S. Tsirkin" <mst@redhat.com>,
Pekka Enberg <penberg@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Petr Mladek <pmladek@suse.com>,
Steven Rostedt <rostedt@goodmis.org>,
Thomas Gleixner <tglx@linutronix.de>,
Vasily Gorbik <gor@linux.ibm.com>,
Vegard Nossum <vegard.nossum@oracle.com>,
Vlastimil Babka <vbabka@suse.cz>,
kasan-dev@googlegroups.com, linux-mm@kvack.org,
linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v6 36/44] x86: kmsan: use __msan_ string functions where possible.
Date: Mon, 5 Sep 2022 14:24:44 +0200 [thread overview]
Message-ID: <20220905122452.2258262-37-glider@google.com> (raw)
In-Reply-To: <20220905122452.2258262-1-glider@google.com>
Unless stated otherwise (by explicitly calling __memcpy(), __memset() or
__memmove()) we want all string functions to call their __msan_ versions
(e.g. __msan_memcpy() instead of memcpy()), so that shadow and origin
values are updated accordingly.
Bootloader must still use the default string functions to avoid crashes.
Signed-off-by: Alexander Potapenko <glider@google.com>
---
Link: https://linux-review.googlesource.com/id/I7ca9bd6b4f5c9b9816404862ae87ca7984395f33
---
arch/x86/include/asm/string_64.h | 23 +++++++++++++++++++++--
include/linux/fortify-string.h | 2 ++
2 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/asm/string_64.h b/arch/x86/include/asm/string_64.h
index 6e450827f677a..3b87d889b6e16 100644
--- a/arch/x86/include/asm/string_64.h
+++ b/arch/x86/include/asm/string_64.h
@@ -11,11 +11,23 @@
function. */
#define __HAVE_ARCH_MEMCPY 1
+#if defined(__SANITIZE_MEMORY__)
+#undef memcpy
+void *__msan_memcpy(void *dst, const void *src, size_t size);
+#define memcpy __msan_memcpy
+#else
extern void *memcpy(void *to, const void *from, size_t len);
+#endif
extern void *__memcpy(void *to, const void *from, size_t len);
#define __HAVE_ARCH_MEMSET
+#if defined(__SANITIZE_MEMORY__)
+extern void *__msan_memset(void *s, int c, size_t n);
+#undef memset
+#define memset __msan_memset
+#else
void *memset(void *s, int c, size_t n);
+#endif
void *__memset(void *s, int c, size_t n);
#define __HAVE_ARCH_MEMSET16
@@ -55,7 +67,13 @@ static inline void *memset64(uint64_t *s, uint64_t v, size_t n)
}
#define __HAVE_ARCH_MEMMOVE
+#if defined(__SANITIZE_MEMORY__)
+#undef memmove
+void *__msan_memmove(void *dest, const void *src, size_t len);
+#define memmove __msan_memmove
+#else
void *memmove(void *dest, const void *src, size_t count);
+#endif
void *__memmove(void *dest, const void *src, size_t count);
int memcmp(const void *cs, const void *ct, size_t count);
@@ -64,8 +82,7 @@ char *strcpy(char *dest, const char *src);
char *strcat(char *dest, const char *src);
int strcmp(const char *cs, const char *ct);
-#if defined(CONFIG_KASAN) && !defined(__SANITIZE_ADDRESS__)
-
+#if (defined(CONFIG_KASAN) && !defined(__SANITIZE_ADDRESS__))
/*
* For files that not instrumented (e.g. mm/slub.c) we
* should use not instrumented version of mem* functions.
@@ -73,7 +90,9 @@ int strcmp(const char *cs, const char *ct);
#undef memcpy
#define memcpy(dst, src, len) __memcpy(dst, src, len)
+#undef memmove
#define memmove(dst, src, len) __memmove(dst, src, len)
+#undef memset
#define memset(s, c, n) __memset(s, c, n)
#ifndef __NO_FORTIFY
diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h
index 3b401fa0f3746..6c8a1a29d0b63 100644
--- a/include/linux/fortify-string.h
+++ b/include/linux/fortify-string.h
@@ -285,8 +285,10 @@ __FORTIFY_INLINE void fortify_memset_chk(__kernel_size_t size,
* __builtin_object_size() must be captured here to avoid evaluating argument
* side-effects further into the macro layers.
*/
+#ifndef CONFIG_KMSAN
#define memset(p, c, s) __fortify_memset_chk(p, c, s, \
__builtin_object_size(p, 0), __builtin_object_size(p, 1))
+#endif
/*
* To make sure the compiler can enforce protection against buffer overflows,
--
2.37.2.789.g6183377224-goog
next prev parent reply other threads:[~2022-09-05 12:32 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-05 12:24 [PATCH v6 00/44] Add KernelMemorySanitizer infrastructure Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 01/44] x86: add missing include to sparsemem.h Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 02/44] stackdepot: reserve 5 extra bits in depot_stack_handle_t Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 03/44] instrumented.h: allow instrumenting both sides of copy_from_user() Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 04/44] x86: asm: instrument usercopy in get_user() and put_user() Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 05/44] asm-generic: instrument usercopy in cacheflush.h Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 06/44] kmsan: add ReST documentation Alexander Potapenko
2022-09-06 3:10 ` [PATCH v6 6/44] " Bagas Sanjaya
2022-11-07 14:24 ` Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 07/44] kmsan: introduce __no_sanitize_memory and __no_kmsan_checks Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 08/44] kmsan: mark noinstr as __no_sanitize_memory Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 09/44] x86: kmsan: pgtable: reduce vmalloc space Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 10/44] libnvdimm/pfn_dev: increase MAX_STRUCT_PAGE_SIZE Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 11/44] kmsan: add KMSAN runtime core Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 12/44] kmsan: disable instrumentation of unsupported common kernel code Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 13/44] MAINTAINERS: add entry for KMSAN Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 14/44] mm: kmsan: maintain KMSAN metadata for page operations Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 15/44] mm: kmsan: call KMSAN hooks from SLUB code Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 16/44] kmsan: handle task creation and exiting Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 17/44] init: kmsan: call KMSAN initialization routines Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 18/44] instrumented.h: add KMSAN support Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 19/44] kmsan: unpoison @tlb in arch_tlb_gather_mmu() Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 20/44] kmsan: add iomap support Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 21/44] Input: libps2: mark data received in __ps2_command() as initialized Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 22/44] dma: kmsan: unpoison DMA mappings Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 23/44] virtio: kmsan: check/unpoison scatterlist in vring_map_one_sg() Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 24/44] kmsan: handle memory sent to/from USB Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 25/44] kmsan: add tests for KMSAN Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 26/44] kmsan: disable strscpy() optimization under KMSAN Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 27/44] crypto: kmsan: disable accelerated configs " Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 28/44] kmsan: disable physical page merging in biovec Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 29/44] block: kmsan: skip bio block merging logic for KMSAN Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 30/44] kcov: kmsan: unpoison area->list in kcov_remote_area_put() Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 31/44] security: kmsan: fix interoperability with auto-initialization Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 32/44] objtool: kmsan: list KMSAN API functions as uaccess-safe Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 33/44] x86: kmsan: disable instrumentation of unsupported code Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 34/44] x86: kmsan: skip shadow checks in __switch_to() Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 35/44] x86: kmsan: handle open-coded assembly in lib/iomem.c Alexander Potapenko
2022-09-05 12:24 ` Alexander Potapenko [this message]
2022-09-05 12:24 ` [PATCH v6 37/44] x86: kmsan: sync metadata pages on page fault Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 38/44] x86: kasan: kmsan: support CONFIG_GENERIC_CSUM on x86, enable it for KASAN/KMSAN Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 39/44] x86: fs: kmsan: disable CONFIG_DCACHE_WORD_ACCESS Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 40/44] x86: kmsan: don't instrument stack walking functions Alexander Potapenko
2022-09-09 8:57 ` Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 41/44] entry: kmsan: introduce kmsan_unpoison_entry_regs() Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 42/44] bpf: kmsan: initialize BPF registers with zeroes Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 43/44] mm: fs: initialize fsdata passed to write_begin/write_end interface Alexander Potapenko
2022-09-05 12:24 ` [PATCH v6 44/44] x86: kmsan: enable KMSAN builds for x86 Alexander Potapenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220905122452.2258262-37-glider@google.com \
--to=glider@google.com \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@google.com \
--cc=arnd@arndb.de \
--cc=ast@kernel.org \
--cc=axboe@kernel.dk \
--cc=bp@alien8.de \
--cc=cl@linux.com \
--cc=dvyukov@google.com \
--cc=edumazet@google.com \
--cc=elver@google.com \
--cc=gor@linux.ibm.com \
--cc=gregkh@linuxfoundation.org \
--cc=hch@lst.de \
--cc=herbert@gondor.apana.org.au \
--cc=iamjoonsoo.kim@lge.com \
--cc=iii@linux.ibm.com \
--cc=kasan-dev@googlegroups.com \
--cc=keescook@chromium.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=mark.rutland@arm.com \
--cc=mingo@redhat.com \
--cc=mst@redhat.com \
--cc=penberg@kernel.org \
--cc=peterz@infradead.org \
--cc=pmladek@suse.com \
--cc=rientjes@google.com \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
--cc=vbabka@suse.cz \
--cc=vegard.nossum@oracle.com \
--cc=viro@zeniv.linux.org.uk \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.