KASAN is an important runtime memory debugging feature in linux kernel which can
detect use-after-free and out-of-bounds problems.
Changes in v2:
- Remove the porting of memmove and exclude the check instead.
- Fix some code noted by Christoph Hellwig
Changes in v3:
- Update the KASAN documentation to mention that riscv is supported.
Changes in v4:
- Correct the commit log
- Fix the bug reported by Greentime Hu
Nick Hu (3):
kasan: No KASAN's memmove check if archs don't have it.
riscv: Add KASAN support
kasan: Add riscv to KASAN documentation.
Documentation/dev-tools/kasan.rst | 4 +-
arch/riscv/Kconfig | 1 +
arch/riscv/include/asm/kasan.h | 27 ++++++++
arch/riscv/include/asm/pgtable-64.h | 5 ++
arch/riscv/include/asm/string.h | 9 +++
arch/riscv/kernel/head.S | 3 +
arch/riscv/kernel/riscv_ksyms.c | 2 +
arch/riscv/kernel/setup.c | 5 ++
arch/riscv/kernel/vmlinux.lds.S | 1 +
arch/riscv/lib/memcpy.S | 5 +-
arch/riscv/lib/memset.S | 5 +-
arch/riscv/mm/Makefile | 6 ++
arch/riscv/mm/kasan_init.c | 104 ++++++++++++++++++++++++++++
mm/kasan/common.c | 2 +
14 files changed, 173 insertions(+), 6 deletions(-)
create mode 100644 arch/riscv/include/asm/kasan.h
create mode 100644 arch/riscv/mm/kasan_init.c
--
2.17.0
If archs don't have memmove then the C implementation from lib/string.c is used,
and then it's instrumented by compiler. So there is no need to add KASAN's
memmove to manual checks.
Signed-off-by: Nick Hu <[email protected]>
---
mm/kasan/common.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/mm/kasan/common.c b/mm/kasan/common.c
index 6814d6d6a023..897f9520bab3 100644
--- a/mm/kasan/common.c
+++ b/mm/kasan/common.c
@@ -107,6 +107,7 @@ void *memset(void *addr, int c, size_t len)
return __memset(addr, c, len);
}
+#ifdef __HAVE_ARCH_MEMMOVE
#undef memmove
void *memmove(void *dest, const void *src, size_t len)
{
@@ -115,6 +116,7 @@ void *memmove(void *dest, const void *src, size_t len)
return __memmove(dest, src, len);
}
+#endif
#undef memcpy
void *memcpy(void *dest, const void *src, size_t len)
--
2.17.0
Add riscv to the KASAN documentation to mention that riscv
is supporting generic kasan now.
Signed-off-by: Nick Hu <[email protected]>
---
Documentation/dev-tools/kasan.rst | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Documentation/dev-tools/kasan.rst b/Documentation/dev-tools/kasan.rst
index b72d07d70239..34fbb7212cbc 100644
--- a/Documentation/dev-tools/kasan.rst
+++ b/Documentation/dev-tools/kasan.rst
@@ -21,8 +21,8 @@ global variables yet.
Tag-based KASAN is only supported in Clang and requires version 7.0.0 or later.
-Currently generic KASAN is supported for the x86_64, arm64, xtensa and s390
-architectures, and tag-based KASAN is supported only for arm64.
+Currently generic KASAN is supported for the x86_64, arm64, xtensa, s390 and
+riscv architectures, and tag-based KASAN is supported only for arm64.
Usage
-----
--
2.17.0
Nick Hu <[email protected]> 於 2019年10月28日 週一 上午10:41寫道:
>
> KASAN is an important runtime memory debugging feature in linux kernel which can
> detect use-after-free and out-of-bounds problems.
>
> Changes in v2:
> - Remove the porting of memmove and exclude the check instead.
> - Fix some code noted by Christoph Hellwig
>
> Changes in v3:
> - Update the KASAN documentation to mention that riscv is supported.
>
> Changes in v4:
> - Correct the commit log
> - Fix the bug reported by Greentime Hu
>
> Nick Hu (3):
> kasan: No KASAN's memmove check if archs don't have it.
> riscv: Add KASAN support
> kasan: Add riscv to KASAN documentation.
>
> Documentation/dev-tools/kasan.rst | 4 +-
> arch/riscv/Kconfig | 1 +
> arch/riscv/include/asm/kasan.h | 27 ++++++++
> arch/riscv/include/asm/pgtable-64.h | 5 ++
> arch/riscv/include/asm/string.h | 9 +++
> arch/riscv/kernel/head.S | 3 +
> arch/riscv/kernel/riscv_ksyms.c | 2 +
> arch/riscv/kernel/setup.c | 5 ++
> arch/riscv/kernel/vmlinux.lds.S | 1 +
> arch/riscv/lib/memcpy.S | 5 +-
> arch/riscv/lib/memset.S | 5 +-
> arch/riscv/mm/Makefile | 6 ++
> arch/riscv/mm/kasan_init.c | 104 ++++++++++++++++++++++++++++
> mm/kasan/common.c | 2 +
> 14 files changed, 173 insertions(+), 6 deletions(-)
> create mode 100644 arch/riscv/include/asm/kasan.h
> create mode 100644 arch/riscv/mm/kasan_init.c
>
Hi Nick,
I have tested KASAN feature with test_kasan.ko based on commit
cd9e72b80090a8cd7d84a47a30a06fa92ff277d1 (tag: riscv/for-v5.4-rc3) and
it passed in Qemu and Unleashed board.
Thank you for fixing the bug. :)
Tested-by: Greentime Hu <[email protected]>
Hello Andrey, Alexander, Dmitry,
On Mon, 28 Oct 2019, Nick Hu wrote:
> If archs don't have memmove then the C implementation from lib/string.c is used,
> and then it's instrumented by compiler. So there is no need to add KASAN's
> memmove to manual checks.
>
> Signed-off-by: Nick Hu <[email protected]>
If you're happy with this revision of this patch, could you please ack it
so we can merge it as part of the RISC-V KASAN patch set?
Or if you'd prefer to take this patch yourself, please let me know.
- Paul
> ---
> mm/kasan/common.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/mm/kasan/common.c b/mm/kasan/common.c
> index 6814d6d6a023..897f9520bab3 100644
> --- a/mm/kasan/common.c
> +++ b/mm/kasan/common.c
> @@ -107,6 +107,7 @@ void *memset(void *addr, int c, size_t len)
> return __memset(addr, c, len);
> }
>
> +#ifdef __HAVE_ARCH_MEMMOVE
> #undef memmove
> void *memmove(void *dest, const void *src, size_t len)
> {
> @@ -115,6 +116,7 @@ void *memmove(void *dest, const void *src, size_t len)
>
> return __memmove(dest, src, len);
> }
> +#endif
>
> #undef memcpy
> void *memcpy(void *dest, const void *src, size_t len)
> --
> 2.17.0
>
>
> _______________________________________________
> linux-riscv mailing list
> [email protected]
> http://lists.infradead.org/mailman/listinfo/linux-riscv
>
- Paul
On Sun, Nov 17, 2019 at 5:58 AM Paul Walmsley <[email protected]> wrote:
>
> Hello Andrey, Alexander, Dmitry,
>
> On Mon, 28 Oct 2019, Nick Hu wrote:
>
> > If archs don't have memmove then the C implementation from lib/string.c is used,
> > and then it's instrumented by compiler. So there is no need to add KASAN's
> > memmove to manual checks.
> >
> > Signed-off-by: Nick Hu <[email protected]>
>
> If you're happy with this revision of this patch, could you please ack it
> so we can merge it as part of the RISC-V KASAN patch set?
>
> Or if you'd prefer to take this patch yourself, please let me know.
Hi Paul,
Acked-by: Dmitry Vyukov <[email protected]>
We don't have separate tree for kasan. Merging this via RISC-V tree
should be fine.
Thanks
> -
>
> > ---
> > mm/kasan/common.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/mm/kasan/common.c b/mm/kasan/common.c
> > index 6814d6d6a023..897f9520bab3 100644
> > --- a/mm/kasan/common.c
> > +++ b/mm/kasan/common.c
> > @@ -107,6 +107,7 @@ void *memset(void *addr, int c, size_t len)
> > return __memset(addr, c, len);
> > }
> >
> > +#ifdef __HAVE_ARCH_MEMMOVE
> > #undef memmove
> > void *memmove(void *dest, const void *src, size_t len)
> > {
> > @@ -115,6 +116,7 @@ void *memmove(void *dest, const void *src, size_t len)
> >
> > return __memmove(dest, src, len);
> > }
> > +#endif
> >
> > #undef memcpy
> > void *memcpy(void *dest, const void *src, size_t len)
> > --
> > 2.17.0
> >
> >
> > _______________________________________________
> > linux-riscv mailing list
> > [email protected]
> > http://lists.infradead.org/mailman/listinfo/linux-riscv
> >
>
>
> - Paul
On 10/28/19 5:40 AM, Nick Hu wrote:
> If archs don't have memmove then the C implementation from lib/string.c is used,
> and then it's instrumented by compiler. So there is no need to add KASAN's
> memmove to manual checks.
>
> Signed-off-by: Nick Hu <[email protected]>
> ---
Acked-by: Andrey Ryabinin <[email protected]>