2021-01-14 19:37:06

by Andrey Konovalov

Subject: [PATCH v2 0/2] kasan: fixes for 5.11-rc

Changes v1->v2:
- Update changelog of patch #1.

Andrey Konovalov (2):
kasan, mm: fix conflicts with init_on_alloc/free
kasan, arm64: fix pointer tags in KASAN reports

arch/arm64/mm/fault.c | 2 ++
mm/slub.c | 7 ++++---
2 files changed, 6 insertions(+), 3 deletions(-)

--
2.30.0.284.gd98b1dd5eaa7-goog


2021-01-15 01:08:57

by Andrey Konovalov

Subject: [PATCH v2 2/2] kasan, arm64: fix pointer tags in KASAN reports

As of the "arm64: expose FAR_EL1 tag bits in siginfo" patch, the address
that is passed to report_tag_fault has pointer tags in the format of 0x0X,
while KASAN uses 0xFX format (note the difference in the top 4 bits).

Fix up the pointer tag before calling kasan_report.

Link: https://linux-review.googlesource.com/id/I9ced973866036d8679e8f4ae325de547eb969649
Fixes: dceec3ff7807 ("arm64: expose FAR_EL1 tag bits in siginfo")
Fixes: 4291e9ee6189 ("kasan, arm64: print report from tag fault handler")
Signed-off-by: Andrey Konovalov <[email protected]>
---
arch/arm64/mm/fault.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
index 3c40da479899..a218f6f2fdc8 100644
--- a/arch/arm64/mm/fault.c
+++ b/arch/arm64/mm/fault.c
@@ -304,6 +304,8 @@ static void report_tag_fault(unsigned long addr, unsigned int esr,
{
bool is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0;

+ /* The format of KASAN tags is 0xF<x>. */
+ addr |= (0xF0UL << MTE_TAG_SHIFT);
/*
* SAS bits aren't set for all faults reported in EL1, so we can't
* find out access size.
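Review bot: the new `addr |= (0xF0UL << MTE_TAG_SHIFT);` hard-codes bits 63:60 to all-ones inside report_tag_fault, and the one-line comment `/* The format of KASAN tags is 0xF<x>. */` says what KASAN's format is but not why `addr` arrives with those bits clear; expand the comment to point at the FAR_EL1/siginfo change named in the changelog so the next reader knows where the bits went, and consider a named mask instead of the bare `0xF0UL`. Also add a blank line after the new statement: as written it butts directly against the following `/* SAS bits aren't set ... */` comment and reads as part of that block.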
--
2.30.0.284.gd98b1dd5eaa7-goog
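The changelog above describes two forms of the same tagged pointer: the 0x0X top byte as the address reaches report_tag_fault, and the 0xFX top byte that KASAN prints. The C program below is an added illustration, not part of the patch or of the kernel tree: it builds a constructed tagged kernel address, strips bits 63:60 the way the changelog describes, and applies the same `| (0xF0 << MTE_TAG_SHIFT)` fix-up. `MTE_TAG_SHIFT`, the mask names and the sample address are assumed or constructed for this example rather than taken from kernel headers.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed constants mirroring arm64's MTE layout: the 4-bit allocation tag
 * lives in bits 59:56 of a 64-bit pointer. Defined locally so the program
 * runs on any host; they are not taken from kernel headers. */
#define MTE_TAG_SHIFT 56
#define MTE_TAG_MASK  (0xFULL << MTE_TAG_SHIFT)
#define HIGH_NIBBLE   (0xF0ULL << MTE_TAG_SHIFT)   /* bits 63:60 */

/* Tag nibble, bits 59:56. Identical in the 0x0X and the 0xFX forms. */
static uint8_t mte_tag_get(uint64_t addr)
{
    return (uint8_t)((addr & MTE_TAG_MASK) >> MTE_TAG_SHIFT);
}

/* Full top byte, bits 63:56: this is where 0x0X and 0xFX differ. */
static uint8_t top_byte(uint64_t addr)
{
    return (uint8_t)(addr >> 56);
}

/* KASAN-style tagged kernel pointer: bits 63:60 all ones (kernel space),
 * tag in bits 59:56, the untagged address bits below. */
static uint64_t kasan_tagged_ptr(uint64_t untagged, uint8_t tag)
{
    return (untagged & ~MTE_TAG_MASK) | ((uint64_t)(tag & 0xF) << MTE_TAG_SHIFT);
}

/* Model of what report_tag_fault receives after the siginfo change: the tag
 * survives in bits 59:56 but bits 63:60 are clear, so the top byte is 0x0X. */
static uint64_t siginfo_form(uint64_t kasan_ptr)
{
    return kasan_ptr & ~HIGH_NIBBLE;
}

/* The patch's fix-up: force bits 63:60 back to ones before reporting. */
static uint64_t fixup_for_kasan(uint64_t addr)
{
    return addr | HIGH_NIBBLE;
}

/* Walk one constructed fault address through both forms; true when the
 * fixed-up address is bit-for-bit the original KASAN pointer. */
static bool demo_roundtrip(void)
{
    /* Constructed sample: an untagged 48-bit kernel VA carrying tag 0x5. */
    const uint64_t untagged  = 0xFFFF000012345678ULL;
    const uint64_t kasan_ptr = kasan_tagged_ptr(untagged, 0x5); /* 0xF5FF000012345678 */
    const uint64_t faulting  = siginfo_form(kasan_ptr);         /* 0x05FF000012345678 */
    const uint64_t fixed     = fixup_for_kasan(faulting);

    printf("kasan pointer : 0x%016llx (top byte 0x%02x, tag 0x%x)\n",
           (unsigned long long)kasan_ptr, top_byte(kasan_ptr), mte_tag_get(kasan_ptr));
    printf("as received   : 0x%016llx (top byte 0x%02x, tag 0x%x)\n",
           (unsigned long long)faulting, top_byte(faulting), mte_tag_get(faulting));
    printf("after fix-up  : 0x%016llx (top byte 0x%02x, tag 0x%x)\n",
           (unsigned long long)fixed, top_byte(fixed), mte_tag_get(fixed));

    /* The tag nibble was never lost; only bits 63:60 differed. */
    return mte_tag_get(faulting) == mte_tag_get(kasan_ptr) &&
           top_byte(faulting) == 0x05 && top_byte(fixed) == 0xF5 &&
           fixed == kasan_ptr;
}

int main(void)
{
    return demo_roundtrip() ? 0 : 1;
}
```

The printed lines show the practical effect on a report: without the fix-up the address line would read `0x05ff...` for a pointer KASAN itself prints as `0xf5ff...`, even though the tag nibble that the check depends on is the same in both.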

2021-01-15 11:11:14

by Catalin Marinas

Subject: Re: [PATCH v2 2/2] kasan, arm64: fix pointer tags in KASAN reports

On Thu, Jan 14, 2021 at 08:33:57PM +0100, Andrey Konovalov wrote:
> As of the "arm64: expose FAR_EL1 tag bits in siginfo" patch, the address
> that is passed to report_tag_fault has pointer tags in the format of 0x0X,
> while KASAN uses 0xFX format (note the difference in the top 4 bits).
>
> Fix up the pointer tag before calling kasan_report.
>
> Link: https://linux-review.googlesource.com/id/I9ced973866036d8679e8f4ae325de547eb969649
> Fixes: dceec3ff7807 ("arm64: expose FAR_EL1 tag bits in siginfo")
> Fixes: 4291e9ee6189 ("kasan, arm64: print report from tag fault handler")
> Signed-off-by: Andrey Konovalov <[email protected]>
> ---
> arch/arm64/mm/fault.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
> index 3c40da479899..a218f6f2fdc8 100644
> --- a/arch/arm64/mm/fault.c
> +++ b/arch/arm64/mm/fault.c
> @@ -304,6 +304,8 @@ static void report_tag_fault(unsigned long addr, unsigned int esr,
> {
> bool is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0;
>
> + /* The format of KASAN tags is 0xF<x>. */
> + addr |= (0xF0UL << MTE_TAG_SHIFT);
> /*
> * SAS bits aren't set for all faults reported in EL1, so we can't
> * find out access size.

I already replied here but I don't see any change in v2:

https://lore.kernel.org/linux-arm-kernel/20210113165441.GC27045@gaia/

--
Catalin

2021-01-15 12:50:57

by Andrey Konovalov

Subject: Re: [PATCH v2 2/2] kasan, arm64: fix pointer tags in KASAN reports

On Fri, Jan 15, 2021 at 11:49 AM Catalin Marinas
<[email protected]> wrote:
>
> On Thu, Jan 14, 2021 at 08:33:57PM +0100, Andrey Konovalov wrote:
> > As of the "arm64: expose FAR_EL1 tag bits in siginfo" patch, the address
> > that is passed to report_tag_fault has pointer tags in the format of 0x0X,
> > while KASAN uses 0xFX format (note the difference in the top 4 bits).
> >
> > Fix up the pointer tag before calling kasan_report.
> >
> > Link: https://linux-review.googlesource.com/id/I9ced973866036d8679e8f4ae325de547eb969649
> > Fixes: dceec3ff7807 ("arm64: expose FAR_EL1 tag bits in siginfo")
> > Fixes: 4291e9ee6189 ("kasan, arm64: print report from tag fault handler")
> > Signed-off-by: Andrey Konovalov <[email protected]>
> > ---
> > arch/arm64/mm/fault.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c
> > index 3c40da479899..a218f6f2fdc8 100644
> > --- a/arch/arm64/mm/fault.c
> > +++ b/arch/arm64/mm/fault.c
> > @@ -304,6 +304,8 @@ static void report_tag_fault(unsigned long addr, unsigned int esr,
> > {
> > bool is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0;
> >
> > + /* The format of KASAN tags is 0xF<x>. */
> > + addr |= (0xF0UL << MTE_TAG_SHIFT);
> > /*
> > * SAS bits aren't set for all faults reported in EL1, so we can't
> > * find out access size.
>
> I already replied here but I don't see any change in v2:
>
> https://lore.kernel.org/linux-arm-kernel/20210113165441.GC27045@gaia/

Hi Catalin,

Sorry, Gmail decided to mark all your emails as spam for some reason,
so I didn't see any of them :(

I'll fix this in v3.

Thanks!