Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp2227559imm; Tue, 4 Sep 2018 00:01:17 -0700 (PDT) X-Google-Smtp-Source: ANB0VdYTU6RjqP+xjUHzbxdCcZi2+5gowQfvcJ70I6KCgU8iwr092AN7ommqTp3nH6UGUkLo4j3b X-Received: by 2002:a62:9101:: with SMTP id l1-v6mr33598158pfe.226.1536044477235; Tue, 04 Sep 2018 00:01:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536044477; cv=none; d=google.com; s=arc-20160816; b=O8vOFiO2aeecsh13kjHQGCQyeuIceLACAaICkixV1OCjvBq/zboMbz+K232q9/YHMV 9wE4CwPd18vk8EJaZUdr6IEj/FuRZqiHLqMZy5Nuwd6xtIADgqsewizIpKQ9rSUi1BrX DO/KNZyWMZDB3AAkKaNZ5zRoOtM4ABLylZ1SGOLld7w7rbMlFuBI+aUuuXyJ0WJWisIi /VEYmeJWtLAN9WIRKR5ayP2DXFCpp9tZBmOQI9BAIi4gSxUNDpqbZaGcI3VPrSthJIId MvNOHAS1aH78dta6DbESBhFmgtVMEYdsinQ6M6juLoaDGv0xYT/alDClRXIS9iPE/swH QUiQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:arc-authentication-results; bh=r6JRzuvM84qGB5gclqMLCK4TvmF8fb21DEWInijY/nM=; b=wlQXW6wDo8DPJomz0LcF4lFia0PB6DObfqsWUO9d/F5RNpzY2pMAnScOACfcAXMMgW xa0ZT1SXq6ZBinoRbLczQ9CMXWf3AUYtrhLwrR0Z4/3XHQPs+tW+IIk88PlGRbfY2luU CKtL/QmDuDNzh8sS9kGDlpIPrwCwaWVkUxo4UvLjzy9C4q4cwWGS+cV89WNP6k47u6Mk 7PnOVojMqOyebruVLn3hSwea7SVCDcfDD5uVIP7hQLQ8jQ0o4MbnasQYHWzIJEoMkTBO DgjdcJWu6mlwtIPXkVuLVcCWrradFGejj6e6nIHNpaonZZHwN1JsqFN+hqgNyA8DLbQh WUsA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w16-v6si5675043pgj.61.2018.09.04.00.01.01; Tue, 04 Sep 2018 00:01:17 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726339AbeIDLXF (ORCPT + 99 others); Tue, 4 Sep 2018 07:23:05 -0400 Received: from lgeamrelo12.lge.com ([156.147.23.52]:60797 "EHLO lgeamrelo11.lge.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726041AbeIDLXF (ORCPT ); Tue, 4 Sep 2018 07:23:05 -0400 Received: from unknown (HELO lgemrelse6q.lge.com) (156.147.1.121) by 156.147.23.52 with ESMTP; 4 Sep 2018 15:59:19 +0900 X-Original-SENDERIP: 156.147.1.121 X-Original-MAILFROM: kyeongdon.kim@lge.com Received: from unknown (HELO ?10.159.80.93?) (10.159.80.93) by 156.147.1.121 with ESMTP; 4 Sep 2018 15:59:18 +0900 X-Original-SENDERIP: 10.159.80.93 X-Original-MAILFROM: kyeongdon.kim@lge.com Subject: Re: Re: [PATCH v2] arm64: kasan: add interceptors for strcmp/strncmp functions To: Andrey Ryabinin Cc: catalin.marinas@arm.com, will.deacon@arm.com, glider@google.com, dvyukov@google.com, Jason@zx2c4.com, robh@kernel.org, ard.biesheuvel@linaro.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org References: <1535014606-176525-1-git-send-email-kyeongdon.kim@lge.com> From: Kyeongdon Kim Message-ID: Date: Tue, 4 Sep 2018 15:59:17 +0900 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello Andrey, Thanks for your review. On 2018-09-03 오후 6:40, Andrey Ryabinin wrote: > > > On 08/23/2018 11:56 AM, Kyeongdon Kim wrote: > > > diff --git a/mm/kasan/kasan.c b/mm/kasan/kasan.c > > index c3bd520..61ad7f1 100644 > > --- a/mm/kasan/kasan.c > > +++ b/mm/kasan/kasan.c > > @@ -304,6 +304,29 @@ void *memcpy(void *dest, const void *src, > size_t len) > > > > return __memcpy(dest, src, len); > > } > > +#ifdef CONFIG_ARM64 > > +/* > > + * Arch arm64 use assembly variant for strcmp/strncmp, > > + * xtensa use inline asm operations and x86_64 use c one, > > + * so now this interceptors only for arm64 kasan. > > + */ > > +#undef strcmp > > +int strcmp(const char *cs, const char *ct) > > +{ > > + check_memory_region((unsigned long)cs, 1, false, _RET_IP_); > > + check_memory_region((unsigned long)ct, 1, false, _RET_IP_); > > + > > Well this is definitely wrong. strcmp() often accesses far more than > one byte. > > > + return __strcmp(cs, ct); > > +} > > +#undef strncmp > > +int strncmp(const char *cs, const char *ct, size_t len) > > +{ > > + check_memory_region((unsigned long)cs, len, false, _RET_IP_); > > + check_memory_region((unsigned long)ct, len, false, _RET_IP_); > > This will cause false positives. Both 'cs', and 'ct' could be less > than len bytes. > > There is no need in these interceptors, just use the C implementations > from lib/string.c > like you did in your first patch. > The only thing that was wrong in the first patch is that assembly > implementations > were compiled out instead of being declared week. > Well, at first I thought so.. I would remove diff code in /mm/kasan/kasan.c then use C implementations in lib/string.c w/ assem implementations as weak : diff --git a/lib/string.c b/lib/string.c index 2c0900a..a18b18f 100644 --- a/lib/string.c +++ b/lib/string.c @@ -312,7 +312,7 @@ size_t strlcat(char *dest, const char *src, size_t count)  EXPORT_SYMBOL(strlcat);  #endif -#ifndef __HAVE_ARCH_STRCMP +#if (defined(CONFIG_ARM64) && defined(CONFIG_KASAN)) || !defined(__HAVE_ARCH_STRCMP)  /**   * strcmp - Compare two strings   * @cs: One string @@ -336,7 +336,7 @@ int strcmp(const char *cs, const char *ct)  EXPORT_SYMBOL(strcmp);  #endif -#ifndef __HAVE_ARCH_STRNCMP +#if (defined(CONFIG_ARM64) && defined(CONFIG_KASAN)) || !defined(__HAVE_ARCH_STRNCMP)  /**   * strncmp - Compare two length-limited strings Can I get your opinion wrt this ? Thanks,