Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934163AbcLMPcB (ORCPT ); Tue, 13 Dec 2016 10:32:01 -0500 Received: from mail-db5eur01on0115.outbound.protection.outlook.com ([104.47.2.115]:20043 "EHLO EUR01-DB5-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S932277AbcLMPbq (ORCPT ); Tue, 13 Dec 2016 10:31:46 -0500 X-Greylist: delayed 9518 seconds by postgrey-1.27 at vger.kernel.org; Tue, 13 Dec 2016 10:30:48 EST Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=aryabinin@virtuozzo.com; Subject: Re: [PATCH v2] kasan: Support for r/w instrumentation control To: Dmitry Vyukov References: <1481608665-26941-1-git-send-email-maninder1.s@samsung.com> <6cc0eadc-5204-ce36-f5e8-88ba76bb6826@virtuozzo.com> CC: Maninder Singh , Alexander Potapenko , Jonathan Corbet , Michal Marek , Andrew Morton , kasan-dev , , LKML , "open list:KERNEL BUILD + fi..." , PANKAJ MISHRA , Ajeet Kumar Yadav , Vaneet narang From: Andrey Ryabinin Message-ID: <0889b8c5-0e26-2002-b015-497294fa171b@virtuozzo.com> Date: Tue, 13 Dec 2016 18:29:28 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [195.214.232.10] X-ClientProxiedBy: VI1PR07CA0072.eurprd07.prod.outlook.com (10.164.94.168) To VI1PR0801MB2064.eurprd08.prod.outlook.com (10.173.74.149) X-MS-Office365-Filtering-Correlation-Id: 799abefa-941e-4145-4372-08d4236cc10c X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:VI1PR0801MB2064; X-Microsoft-Exchange-Diagnostics: 1;VI1PR0801MB2064;3:gDQjxUtiXhGA2Vd588fS7nqz28M84mw/rezoVinL6cUmX3p8pOr1E2ba1L248kAzlG5kt3cOj/0GAnXsbQGpqQIgv9y1GCy5/E1G3WoV943ePTLufJZyMT9EAEk4t0hhw6RzPTTar+SxMOp8WDldZDi2pHSyb7rbF5vu8BTZeG5wMklSfS5FAhteXv9vjftRaC7wh8Shj/GGJFM2RJ98GeFXVdSq0Obnsb9LBS9g17oM7NbKMyLEbOfimDNDLLpqGHg01tn1071P5OP8BRBnTQ==;25:X7B8SAJxMmFW6ct7qkDg6pY90mncLjAHXI0bqVgrkJtk7sYsCgDNbicjOBNCn82XgxeEow9937n8tjTfXgbRx46QVxkp5tLBAWMsC8T8t7/bFh9EoyUw7xIv1zVltGSq2xuyfv+5arEqj5iAXgJwIBUu1eVApMZO0L9AGCpd9gfYJokPNmVFNjd7YmUP4OLXl3uasGu3gyoyVU259GrHWf/xJxf5LtP1wGvhCvZTSWflgXX3LFtgFvd8bEM1n6GAHxfHvCGrXhBDzy9WDiNk2P3tHQY0CthCedltzES2+y9qD5VVUW30cfYobNvhZjqVG57c9+oQ3MLpz1Tat5NHg/MVd4nW1p+D9XScPIIMgwkB+tIs5NUr+GEyKzxcKWIZNk/AKxO5hKiD0IfQWETNYuJsCqeocrV9WRd/qkSIit/QvHBq4SKqpnAyFF1E1eyFmtJOMuZ5mvpmUlEQhvAxqg== X-Microsoft-Exchange-Diagnostics: 1;VI1PR0801MB2064;31:D2ehosvzdVK8joZHqBjyGD8ntR4PXNkeZhx/mWk3egO6/yLciO9zEO5jifQ5aa0I2TdZLwVO78+hmdFYGqGPvV2JfFBGZltixdTIUL8VJuag3EiFbHJqG/yg0xc0J2g7UMjnXVyIYwjarKEXdNC3Tro/MliErQ2hmMC1uOKyXaSbDtDnWZ48z+jLW810GW33b2P4CAK7ZVGCZbPHzFBJyDXMdcrF+drmFNVbHRH0dLw5e51wmoLMjvw/3iSpd90qoy7nU5KxnWCIPokb0JhnBQ==;20:HwmtMTtlIIS+1/YnbA+ZFUP3yMPyzk4Oo54C5zvOuqYx31CKxS0KIG3Exxx48hxtzO4G1tmAuN16/Vh6eP7wi/gBojQzFZkhBVX7ewKtd+ZEo9KtRPL+oyF7Z/SyDWuSLWaWhF7Uo/d/g1lYuPrDknHIURRtuDRu9ESwu/fReAav+EiqyFDQxKkspt8+QhmMOQZp9AGD43uYP8G3N3sNvELSheZFekoWbeSY17fbpfFLNsCacDJTYdz3wcGd0eVr X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6041248)(20161123555025)(20161123560025)(20161123564025)(20161123562025)(6072148);SRVR:VI1PR0801MB2064;BCL:0;PCL:0;RULEID:;SRVR:VI1PR0801MB2064; X-Microsoft-Exchange-Diagnostics: 1;VI1PR0801MB2064;4:whc7flKj3F9vYiZU0ez1YMHU1lqoJaYymgz4iqqPoJStTjMwm43B+U9kMaFS1QQfpzPga47WIc4vfZtlk2MOBhkfdVWavQu/ixqoCEF1uRIgim74Euml7eiB9UAHkyXc79TItcJT3Ca+ktm4tjmsu3xUh6qrydrFQ/W6buuHlAr7l6rb9fiX8ePRptLph8rbIpJe92qX5D0mJYJlcEBsR0H5hJQrg7VqGeRongJ6s9zy+OhF9diEQHuKuCED28XgXChwgd26KH0fiJ/x0qF8ISMa9Xgm0qcOSy0U1qqZkH2Y40jJvDW5RTgnyOwqlfAdotBziPmQPuQKZhwaW3GWUPlp4pko96yKlpuUa2V17tXtCCoTXw8qWDEt4bCMxIrG8+RqnokZFTiv4RR2OqUK+wBs8+IZML8kyKneyI7Uw9aLRq14V75Nlpz/Bqcwp9E5JQ6BsTqWBrBnuDwrglsWE4P1ZCEtrCQjAhogGAvff6LjHrtvehRvKv7lJToMjBHZArqD9rYNLnnC7i9aV/Wdie6c8/JXn+PUi9t1C1R7f751jzTvDYBQ7r1TR2SclU1L X-Forefront-PRVS: 01559F388D X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10019020)(4630300001)(6009001)(6049001)(7916002)(39450400003)(189002)(24454002)(199003)(377454003)(7416002)(68736007)(8676002)(93886004)(31696002)(7736002)(81156014)(81166006)(50466002)(33646002)(90366009)(65826007)(2950100002)(6916009)(305945005)(6486002)(5660300001)(110136003)(6666003)(77096006)(38730400001)(229853002)(230700001)(83506001)(66066001)(3846002)(54356999)(64126003)(76176999)(4001350100001)(97736004)(4326007)(86362001)(65806001)(47776003)(50986999)(65956001)(101416001)(42186005)(31686004)(36756003)(105586002)(106356001)(23676002)(6116002)(92566002)(2906002)(189998001);DIR:OUT;SFP:1102;SCL:1;SRVR:VI1PR0801MB2064;H:[10.30.19.223];FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtWSTFQUjA4MDFNQjIwNjQ7MjM6eGplVWRoRXBsUnRNbGJXOTN3ZzBsbnlu?= =?utf-8?B?UjdnUHMyYUl3V2J5YlBqYzRHenV3SWlUN2Q2WFlGdUJrL2QvL3ZwdTR1R2pl?= =?utf-8?B?Qkw2WGJwWTlRVU12VFRUcU1lTGsvclhubWo0WHk4WVplcm14OHV4dnh6em45?= =?utf-8?B?Ynh3cDVCL2lvRnNQaDQ3RWVtQ1Y5RzNCbUVyWU5GWWVPUm52MjRvczNHbjhJ?= =?utf-8?B?VzcrSDUyWVJMYndaYUhOWGl5NldSQ0lFNjlsT0VnOEtEQ0xpODk1L2x5NStr?= =?utf-8?B?V1I3OVhwWHF5QTlJSFFYV0VFcUhaM0dXMTN3N3RDdnY5SmtZRVdTSEM1UTNS?= =?utf-8?B?cGNRMEZxMFJpVzBySE5GUngzK2p0TXVOb21BM3JFSExOcmZWMGJTaXNNL25k?= =?utf-8?B?RVMxWlRIaU1tL2pkMncySWpxL0IzTzRHQXZMWG52ME9oUGpUZW9NVVJ6NytS?= =?utf-8?B?Q0pIVXRYcmQ0blIvMkh5Nmt3Rm9tMFRXVXMvcFJ1dlJiYTFTSFQyMGR3QWlE?= =?utf-8?B?czVIa1pyWFc3RmdhVER0cTNHRFdQc1lxejVHOEN5SjJEd21BQnBGamhpdlF4?= =?utf-8?B?NXhUbWZQMTBCVUQyNjZWVVMvc0tFZkpJVUl2NzNvWXRyM3JacENQT3dtWXpU?= =?utf-8?B?WmpjL3lQUmlWb2RHNDFuczRTMmI1VlBWemhDUitDeFFzNlZsWktoOFlRS2Ur?= =?utf-8?B?UXJqdDlHbHhoVnp0R0dsS283TFNrd09aK3Bmcmw0ZjYyOTZQUXpEN1JSYzdo?= =?utf-8?B?UDRUdi81UkNpY2xYaGdjRTcxM2JhUE9sUkFRTHl5dUI2UkFOZ082d1VIQzlS?= =?utf-8?B?K3pGeGR3eXE1VVd3cmp1UjhDVWFwZDUyMTd1VW44dG9VaG9Ncm15QUF6UkVV?= =?utf-8?B?WE0yQ0NEWnZEdkpnUC8yd09uZHgycHJKZjVEUlNXbjBaR2VjKzZXQi8yaDIv?= =?utf-8?B?clpPYk1PeGxRbmxEck00dUZBZk11dXBvdDh4eXJ4bWRPRjZBMDZFVExoYy9K?= =?utf-8?B?Q2NFT1JWWStVcHpGWXFyMTFaKy8xS0hiM25ROEtOalNwOVlaUU9KM084azk1?= =?utf-8?B?Q2srMEVocUNzM2hxK0d3M2UySjBDTmZYR0l5WjM4UGZoWW4zd09uVnBkS2pv?= =?utf-8?B?OU9BMlNPb2k0QXk3SjZRZ0tvTWQrMjFxQzV0MTdqSHlPZUlmcmVlM0pLMzEv?= =?utf-8?B?MGVVYndOSnpobUMwYUg4Q2ltQjF2VFVidGdqSmVFUmdoSVNjdW9HcWVtVmo4?= =?utf-8?B?L2dyd2h4aWRCYTRra05lUnBDN3VDeC84VkV0M0YyclVWdjhWN0FSS2ZiTW9s?= =?utf-8?B?UGFsT1hzdUhkVTA4ZS82d0JBZnlHS201a01MVlJjL2hzQ1BadHhSRDZraVp0?= =?utf-8?B?bVVqRFFBd0ltclB4ejZudDJ6THl5TU5tZTV1ZkxVRlRidy9WM0p2MjFXM3g1?= =?utf-8?B?R1pKQVdRaU0ybzM5cDRCNmxobWlFcng5eHBrVHFnYlJFWFMzaFVWM1I5RWZr?= =?utf-8?B?b2JUOFJRTkxJMHBkWGlCdE5aeGNFTElVcUNwOGdqdExBNDdoK2hwRmp2UlJC?= =?utf-8?B?STJkVWZ0cVJKMHRJYUJLU0Y3N3JjYVdnN3hmenhmbnZTdjFZVUg5YTVxak1R?= =?utf-8?B?UTRXY0c1UXlwbjFRMFFqNDByZHNHQWNLc3VqblFwVjV6d3cxVnFUZGdjazUz?= =?utf-8?B?OFdWZmlyVFJoZlpTRWxrK01GWWxHY25kYnBYOGx0N2IrdXA4NDNieXRuMlVB?= =?utf-8?B?aUI4Slo1TkdLTGc2NmRSeFk3TkQzRWRaQnN2bUF0RW1nelgyb0I0dC9RU3dJ?= =?utf-8?B?R2FxdXNKSGI1MisrdjROSGlOQk5OS1BqejFBQ0d0Tk0vTG92UT09?= X-Microsoft-Exchange-Diagnostics: 1;VI1PR0801MB2064;6:X/JqE3MWhm75r/3cBVKtoEfAibUGevQp871sYZGrbBkv6OvEj1beihRMokMkalr8h+9XoKtQJbZeCV6o1/b66LpHlnzIDzODf3gNSTDw+JCWxF4DC0OH0tvbL4QYPWlXlf1oYW401DvlIMGCZIqTCFC+1lNCQUDwZS+v6r5lnc34K9U0FCnSXM8E4+Jm1N3cuV5w3r9+Tk1S+dmPvWapnEVLMI3l3K/gAogTwrDIZHPaVBgGAQN2LcGVmj6IL+qmeSwxL17+h79Y4+zv3w1aqBlXXqo/Ip9pV5q/spwrZcPjFJR5DftJZTyyQBUf7hw7xkYF2YvDnGSXK7QWINJupLRP1okHG1tZNVcy7o7Sc3sOZALbhb9+2y48aBAQp4cnzB7hL3JQ9NeUbCb/di8/5THcYqj00aZaq670CxDjn10=;5:SP18Gor4Uz+nh+tkTn5oP3fW7z1D5xDwh0ogm5qD3m048jz4zKkUMEOKenkVcI3b5JI7iOreCFP+vjvq2Zsfu/BTJ4dzN3G60XrQyWkIGWS4RATXNL1XM72iUBvQRAX6NIla/dn/JFADamRhMRfjJw==;24:4OXeNZ288OmfEB25rl2Ks8smzGkCTr6vi70hc4kaMJXpcBSVXNykapmwmgBMHUKzDG9EZmjKdoMbiVcjUvly0x0HB9tqg1/iPolN3ELAA7A= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;VI1PR0801MB2064;7:H07/2QTuM1ECYYSgn+YKBVrup5I2+9TMZ4K0VnavnZOKJPPx05KQh1Pa75pK3jvOA6/CJqZjI81rIEVZADyQUtMFP6MHDGYpSFy6pWbk+FhsvOnI713Ng+RSHsS+qlIzIeCJmN5Bf92Ckql7Evy/ErwHTHP8KhJRpIgvSXAQUnMFL8B9N/fp5H/pWVCxjgS5kro4Cq3c6Ra3onPx8qNKp7Fg5Q551/+zxX92eFouM1cMKmOrE4gmdN721h0BhZBqDMYzFPz20DLi78YhpRdCgmHjysn3pqnCodhjJJEOpN54s3XtnzndioxSgOPQ3bfxpDzCWW+RHm8BYlXnU1hhEp3SIk40BRcdnrvJElWtOQSIICygEtQ7yvSwIn3TNF+8Jn1GO6IS8qP5kWfTDAepoYFLGU8m21FiUdLRmQOnwzu1Wjel28pH+GYYtm1bjbBeQgIPr1rYlXV+prec8cdshg==;20:UVOYOQ1sxXZXmnl5mDnHdMWSRFjVX48fQPrGpN0zvYkJmS5kQSjFI3RSCRKpdP9pJn8HE2muHdowWi4uvSk9J2F0nUbzhYOQqMZAh147wbrDe7qpxPIjvZI8pFnk7p96lGf1gRq5HNsSBuD7txq31mnT8Mzz3k3a/McFs7fiv80= X-OriginatorOrg: virtuozzo.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Dec 2016 15:28:55.8260 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0801MB2064 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2835 Lines: 65 On 12/13/2016 05:13 PM, Dmitry Vyukov wrote: > On Tue, Dec 13, 2016 at 2:59 PM, Andrey Ryabinin > wrote: >> On 12/13/2016 12:38 PM, Dmitry Vyukov wrote: >>> On Tue, Dec 13, 2016 at 10:20 AM, Andrey Ryabinin >>> wrote: >>>> >>>> >>>> On 12/13/2016 11:58 AM, Dmitry Vyukov wrote: >>>> >>>>> --- a/Documentation/dev-tools/kasan.rst >>>>> +++ b/Documentation/dev-tools/kasan.rst >>>>> @@ -40,6 +40,14 @@ similar to the following to the respective kernel Makefile: >>>>> >>>>> KASAN_SANITIZE := n >>>>> >>>>> +Sometimes it may be useful to disable instrumentation of reads, or writes >>>>> +or both for the entire kernel. For example, if binary size is a concern, >>>>> +it may be useful to disable instrumentation of reads to reduce binary size but >>>>> +still catch more harmful bugs on writes. Or, if one is interested only in >>>>> +sanitization of a particular module and performance is a concern, she can >>>>> +disable instrumentation of both reads and writes for kernel code. >>>>> +Instrumentation can be disabled with CONFIG_KASAN_READS and >>>>> CONFIG_KASAN_WRITES. >>>>> + >>>> >>>> I don't understand this. How this can be related to modules? Configs are global. >>>> You can't just disable/enable config per module. >>> >>> >>> Build everything without instrumentation. Then enable instrumentation >>> and do "make lib/test_kasan.ko". >>> Or build everything, copy out bzImage, change config, build everything again. >> >> Yeah, this is soooooo convenient... >> >> Seriously speaking, per-file instrumentation is absolutely irrelevant to this patch and should have been >> addressed from a different angle. E.g. see how UBSAN/GCOV/KCOV do that. > > > KASAN already has that functionality (i.e. KASAN_SANITIZE_main.o := > n). But that functionality is intended for cases when we want to > persistently disable instrumentation of some files (e.g. if they cause > crashes of false positives). CONFIG_KASAN_READS/WRITES is intended for > situations when one wants to disable instrumentation wholesale. > I'm talking about UBSAN_SANITIZE_ALL/KCOV_INSTRUMENT_ALL/GCOV_PROFILE_ALL KASAN doesn't have something similar. I didn't add this because IMO it's not very useful for KASAN. One may have a bug in instrumented code, but it can be easily missed if access is done in generic code. Very simple example is passing invalid pointer in strcpy() > >> As for this patch, I'd say only one option would be enough - KASAN_DONT_SANITIZE_READS. >> Nobody wants to sanitize only reads without writes, right? Writes are fewer and more dangerous. > > I've asked this question in v1. See the case related to modules -- one > can use completely uninstrumented kernel, but load an instrumented > modules. > I get it, but again, it's not the right way to address this problem.