The kasan_report() functions belongs to report.c, as it's a common
functions that does error reporting.
Reported-by: Leon Romanovsky <[email protected]>
Signed-off-by: Andrey Konovalov <[email protected]>
---
mm/kasan/common.c | 19 -------------------
mm/kasan/report.c | 22 ++++++++++++++++++++--
2 files changed, 20 insertions(+), 21 deletions(-)
diff --git a/mm/kasan/common.c b/mm/kasan/common.c
index 2906358e42f0..757d4074fe28 100644
--- a/mm/kasan/common.c
+++ b/mm/kasan/common.c
@@ -33,7 +33,6 @@
#include <linux/types.h>
#include <linux/vmalloc.h>
#include <linux/bug.h>
-#include <linux/uaccess.h>
#include <asm/cacheflush.h>
#include <asm/tlbflush.h>
@@ -613,24 +612,6 @@ void kasan_free_shadow(const struct vm_struct *vm)
}
#endif
-extern void __kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip);
-extern bool report_enabled(void);
-
-bool kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip)
-{
- unsigned long flags = user_access_save();
- bool ret = false;
-
- if (likely(report_enabled())) {
- __kasan_report(addr, size, is_write, ip);
- ret = true;
- }
-
- user_access_restore(flags);
-
- return ret;
-}
-
#ifdef CONFIG_MEMORY_HOTPLUG
static bool shadow_mapped(unsigned long addr)
{
diff --git a/mm/kasan/report.c b/mm/kasan/report.c
index 80f23c9da6b0..51ec45407a0b 100644
--- a/mm/kasan/report.c
+++ b/mm/kasan/report.c
@@ -29,6 +29,7 @@
#include <linux/kasan.h>
#include <linux/module.h>
#include <linux/sched/task_stack.h>
+#include <linux/uaccess.h>
#include <asm/sections.h>
@@ -454,7 +455,7 @@ static void print_shadow_for_address(const void *addr)
}
}
-bool report_enabled(void)
+static bool report_enabled(void)
{
if (current->kasan_depth)
return false;
@@ -479,7 +480,8 @@ void kasan_report_invalid_free(void *object, unsigned long ip)
end_report(&flags);
}
-void __kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip)
+static void __kasan_report(unsigned long addr, size_t size, bool is_write,
+ unsigned long ip)
{
struct kasan_access_info info;
void *tagged_addr;
@@ -518,6 +520,22 @@ void __kasan_report(unsigned long addr, size_t size, bool is_write, unsigned lon
end_report(&flags);
}
+bool kasan_report(unsigned long addr, size_t size, bool is_write,
+ unsigned long ip)
+{
+ unsigned long flags = user_access_save();
+ bool ret = false;
+
+ if (likely(report_enabled())) {
+ __kasan_report(addr, size, is_write, ip);
+ ret = true;
+ }
+
+ user_access_restore(flags);
+
+ return ret;
+}
+
#ifdef CONFIG_KASAN_INLINE
/*
* With CONFIG_KASAN_INLINE, accesses to bogus pointers (outside the high
--
2.26.2.645.ge9eca65c58-goog
On Tue, May 12, 2020 at 05:33:20PM +0200, Andrey Konovalov wrote:
> The kasan_report() functions belongs to report.c, as it's a common
> functions that does error reporting.
>
> Reported-by: Leon Romanovsky <[email protected]>
> Signed-off-by: Andrey Konovalov <[email protected]>
> ---
> mm/kasan/common.c | 19 -------------------
> mm/kasan/report.c | 22 ++++++++++++++++++++--
> 2 files changed, 20 insertions(+), 21 deletions(-)
>
Thanks,
Tested-by: Leon Romanovsky <[email protected]>
On Tue, May 12, 2020 at 05:33:20PM +0200, 'Andrey Konovalov' via kasan-dev wrote:
> The kasan_report() functions belongs to report.c, as it's a common
> functions that does error reporting.
>
> Reported-by: Leon Romanovsky <[email protected]>
> Signed-off-by: Andrey Konovalov <[email protected]>
Today's linux-next produced this with Clang 11.
mm/kasan/report.o: warning: objtool: kasan_report()+0x8a: call to __stack_chk_fail() with UACCESS enabled
kasan_report at mm/kasan/report.c:536
> ---
> mm/kasan/common.c | 19 -------------------
> mm/kasan/report.c | 22 ++++++++++++++++++++--
> 2 files changed, 20 insertions(+), 21 deletions(-)
>
> diff --git a/mm/kasan/common.c b/mm/kasan/common.c
> index 2906358e42f0..757d4074fe28 100644
> --- a/mm/kasan/common.c
> +++ b/mm/kasan/common.c
> @@ -33,7 +33,6 @@
> #include <linux/types.h>
> #include <linux/vmalloc.h>
> #include <linux/bug.h>
> -#include <linux/uaccess.h>
>
> #include <asm/cacheflush.h>
> #include <asm/tlbflush.h>
> @@ -613,24 +612,6 @@ void kasan_free_shadow(const struct vm_struct *vm)
> }
> #endif
>
> -extern void __kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip);
> -extern bool report_enabled(void);
> -
> -bool kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip)
> -{
> - unsigned long flags = user_access_save();
> - bool ret = false;
> -
> - if (likely(report_enabled())) {
> - __kasan_report(addr, size, is_write, ip);
> - ret = true;
> - }
> -
> - user_access_restore(flags);
> -
> - return ret;
> -}
> -
> #ifdef CONFIG_MEMORY_HOTPLUG
> static bool shadow_mapped(unsigned long addr)
> {
> diff --git a/mm/kasan/report.c b/mm/kasan/report.c
> index 80f23c9da6b0..51ec45407a0b 100644
> --- a/mm/kasan/report.c
> +++ b/mm/kasan/report.c
> @@ -29,6 +29,7 @@
> #include <linux/kasan.h>
> #include <linux/module.h>
> #include <linux/sched/task_stack.h>
> +#include <linux/uaccess.h>
>
> #include <asm/sections.h>
>
> @@ -454,7 +455,7 @@ static void print_shadow_for_address(const void *addr)
> }
> }
>
> -bool report_enabled(void)
> +static bool report_enabled(void)
> {
> if (current->kasan_depth)
> return false;
> @@ -479,7 +480,8 @@ void kasan_report_invalid_free(void *object, unsigned long ip)
> end_report(&flags);
> }
>
> -void __kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip)
> +static void __kasan_report(unsigned long addr, size_t size, bool is_write,
> + unsigned long ip)
> {
> struct kasan_access_info info;
> void *tagged_addr;
> @@ -518,6 +520,22 @@ void __kasan_report(unsigned long addr, size_t size, bool is_write, unsigned lon
> end_report(&flags);
> }
>
> +bool kasan_report(unsigned long addr, size_t size, bool is_write,
> + unsigned long ip)
> +{
> + unsigned long flags = user_access_save();
> + bool ret = false;
> +
> + if (likely(report_enabled())) {
> + __kasan_report(addr, size, is_write, ip);
> + ret = true;
> + }
> +
> + user_access_restore(flags);
> +
> + return ret;
> +}
> +
> #ifdef CONFIG_KASAN_INLINE
> /*
> * With CONFIG_KASAN_INLINE, accesses to bogus pointers (outside the high
> --
> 2.26.2.645.ge9eca65c58-goog
>
> --
> You received this message because you are subscribed to the Google Groups "kasan-dev" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
> To view this discussion on the web visit https://groups.google.com/d/msgid/kasan-dev/78a81fde6eeda9db72a7fd55fbc33173a515e4b1.1589297433.git.andreyknvl%40google.com.
On Thu, May 28, 2020 at 09:49:13AM -0400, Qian Cai wrote:
> On Tue, May 12, 2020 at 05:33:20PM +0200, 'Andrey Konovalov' via kasan-dev wrote:
> > The kasan_report() functions belongs to report.c, as it's a common
> > functions that does error reporting.
> >
> > Reported-by: Leon Romanovsky <[email protected]>
> > Signed-off-by: Andrey Konovalov <[email protected]>
>
> Today's linux-next produced this with Clang 11.
>
> mm/kasan/report.o: warning: objtool: kasan_report()+0x8a: call to __stack_chk_fail() with UACCESS enabled
>
> kasan_report at mm/kasan/report.c:536
Peter, this was also reported with GCC about a month ago. Should we add
__stack_chk_fail() to the uaccess safe list?
--
Josh
On Thu, May 28, 2020 at 09:33:41AM -0500, Josh Poimboeuf wrote:
> On Thu, May 28, 2020 at 09:49:13AM -0400, Qian Cai wrote:
> > On Tue, May 12, 2020 at 05:33:20PM +0200, 'Andrey Konovalov' via kasan-dev wrote:
> > > The kasan_report() functions belongs to report.c, as it's a common
> > > functions that does error reporting.
> > >
> > > Reported-by: Leon Romanovsky <[email protected]>
> > > Signed-off-by: Andrey Konovalov <[email protected]>
> >
> > Today's linux-next produced this with Clang 11.
> >
> > mm/kasan/report.o: warning: objtool: kasan_report()+0x8a: call to __stack_chk_fail() with UACCESS enabled
> >
> > kasan_report at mm/kasan/report.c:536
>
> Peter, this was also reported with GCC about a month ago. Should we add
> __stack_chk_fail() to the uaccess safe list?
It calls panic(), which I suppose is pretty safe, it kills the entire
machine dead :-)
Ok.
On Thu, May 28, 2020 at 3:49 PM Qian Cai <[email protected]> wrote:
>
> On Tue, May 12, 2020 at 05:33:20PM +0200, 'Andrey Konovalov' via kasan-dev wrote:
> > The kasan_report() functions belongs to report.c, as it's a common
> > functions that does error reporting.
> >
> > Reported-by: Leon Romanovsky <[email protected]>
> > Signed-off-by: Andrey Konovalov <[email protected]>
>
> Today's linux-next produced this with Clang 11.
>
> mm/kasan/report.o: warning: objtool: kasan_report()+0x8a: call to __stack_chk_fail() with UACCESS enabled
>
> kasan_report at mm/kasan/report.c:536
Hm, the first patch in the series ("kasan: consistently disable
debugging features") disables stack protector for kasan files. Is that
patch in linux-next?
>
> > ---
> > mm/kasan/common.c | 19 -------------------
> > mm/kasan/report.c | 22 ++++++++++++++++++++--
> > 2 files changed, 20 insertions(+), 21 deletions(-)
> >
> > diff --git a/mm/kasan/common.c b/mm/kasan/common.c
> > index 2906358e42f0..757d4074fe28 100644
> > --- a/mm/kasan/common.c
> > +++ b/mm/kasan/common.c
> > @@ -33,7 +33,6 @@
> > #include <linux/types.h>
> > #include <linux/vmalloc.h>
> > #include <linux/bug.h>
> > -#include <linux/uaccess.h>
> >
> > #include <asm/cacheflush.h>
> > #include <asm/tlbflush.h>
> > @@ -613,24 +612,6 @@ void kasan_free_shadow(const struct vm_struct *vm)
> > }
> > #endif
> >
> > -extern void __kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip);
> > -extern bool report_enabled(void);
> > -
> > -bool kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip)
> > -{
> > - unsigned long flags = user_access_save();
> > - bool ret = false;
> > -
> > - if (likely(report_enabled())) {
> > - __kasan_report(addr, size, is_write, ip);
> > - ret = true;
> > - }
> > -
> > - user_access_restore(flags);
> > -
> > - return ret;
> > -}
> > -
> > #ifdef CONFIG_MEMORY_HOTPLUG
> > static bool shadow_mapped(unsigned long addr)
> > {
> > diff --git a/mm/kasan/report.c b/mm/kasan/report.c
> > index 80f23c9da6b0..51ec45407a0b 100644
> > --- a/mm/kasan/report.c
> > +++ b/mm/kasan/report.c
> > @@ -29,6 +29,7 @@
> > #include <linux/kasan.h>
> > #include <linux/module.h>
> > #include <linux/sched/task_stack.h>
> > +#include <linux/uaccess.h>
> >
> > #include <asm/sections.h>
> >
> > @@ -454,7 +455,7 @@ static void print_shadow_for_address(const void *addr)
> > }
> > }
> >
> > -bool report_enabled(void)
> > +static bool report_enabled(void)
> > {
> > if (current->kasan_depth)
> > return false;
> > @@ -479,7 +480,8 @@ void kasan_report_invalid_free(void *object, unsigned long ip)
> > end_report(&flags);
> > }
> >
> > -void __kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip)
> > +static void __kasan_report(unsigned long addr, size_t size, bool is_write,
> > + unsigned long ip)
> > {
> > struct kasan_access_info info;
> > void *tagged_addr;
> > @@ -518,6 +520,22 @@ void __kasan_report(unsigned long addr, size_t size, bool is_write, unsigned lon
> > end_report(&flags);
> > }
> >
> > +bool kasan_report(unsigned long addr, size_t size, bool is_write,
> > + unsigned long ip)
> > +{
> > + unsigned long flags = user_access_save();
> > + bool ret = false;
> > +
> > + if (likely(report_enabled())) {
> > + __kasan_report(addr, size, is_write, ip);
> > + ret = true;
> > + }
> > +
> > + user_access_restore(flags);
> > +
> > + return ret;
> > +}
> > +
> > #ifdef CONFIG_KASAN_INLINE
> > /*
> > * With CONFIG_KASAN_INLINE, accesses to bogus pointers (outside the high
> > --
> > 2.26.2.645.ge9eca65c58-goog
> >
> > --
> > You received this message because you are subscribed to the Google Groups "kasan-dev" group.
> > To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
> > To view this discussion on the web visit https://groups.google.com/d/msgid/kasan-dev/78a81fde6eeda9db72a7fd55fbc33173a515e4b1.1589297433.git.andreyknvl%40google.com.
On Thu, May 28, 2020 at 05:00:54PM +0200, 'Andrey Konovalov' via kasan-dev wrote:
> On Thu, May 28, 2020 at 3:49 PM Qian Cai <[email protected]> wrote:
> >
> > On Tue, May 12, 2020 at 05:33:20PM +0200, 'Andrey Konovalov' via kasan-dev wrote:
> > > The kasan_report() functions belongs to report.c, as it's a common
> > > functions that does error reporting.
> > >
> > > Reported-by: Leon Romanovsky <[email protected]>
> > > Signed-off-by: Andrey Konovalov <[email protected]>
> >
> > Today's linux-next produced this with Clang 11.
> >
> > mm/kasan/report.o: warning: objtool: kasan_report()+0x8a: call to __stack_chk_fail() with UACCESS enabled
> >
> > kasan_report at mm/kasan/report.c:536
>
> Hm, the first patch in the series ("kasan: consistently disable
> debugging features") disables stack protector for kasan files. Is that
> patch in linux-next?
Yes, it is there,
+CFLAGS_report.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector)
It seems that will not work for Clang?
On Thu, May 28, 2020 at 5:15 PM Qian Cai <[email protected]> wrote:
>
> On Thu, May 28, 2020 at 05:00:54PM +0200, 'Andrey Konovalov' via kasan-dev wrote:
> > On Thu, May 28, 2020 at 3:49 PM Qian Cai <[email protected]> wrote:
> > >
> > > On Tue, May 12, 2020 at 05:33:20PM +0200, 'Andrey Konovalov' via kasan-dev wrote:
> > > > The kasan_report() functions belongs to report.c, as it's a common
> > > > functions that does error reporting.
> > > >
> > > > Reported-by: Leon Romanovsky <[email protected]>
> > > > Signed-off-by: Andrey Konovalov <[email protected]>
> > >
> > > Today's linux-next produced this with Clang 11.
> > >
> > > mm/kasan/report.o: warning: objtool: kasan_report()+0x8a: call to __stack_chk_fail() with UACCESS enabled
> > >
> > > kasan_report at mm/kasan/report.c:536
> >
> > Hm, the first patch in the series ("kasan: consistently disable
> > debugging features") disables stack protector for kasan files. Is that
> > patch in linux-next?
>
> Yes, it is there,
>
> +CFLAGS_report.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector)
>
> It seems that will not work for Clang?
Ah, Clang doesn't have -fno-conserve-stack and that makes the whole
cc-option expression fail? OK, I'll send a fix.