From: Andrey Konovalov
Date: Thu, 6 Dec 2018 13:25:54 +0100
Subject: Re: [PATCH v12 20/25] kasan, arm64: add brk handler for inline instrumentation
To: Will Deacon
Cc: Andrey Ryabinin , Alexander Potapenko , Dmitry Vyukov , Catalin Marinas , Christoph Lameter , Andrew Morton , Mark Rutland , Nick Desaulniers , Marc Zyngier , Dave Martin , Ard Biesheuvel , "Eric W . Biederman" , Ingo Molnar , Paul Lawrence , Geert Uytterhoeven , Arnd Bergmann , "Kirill A. Shutemov" , Greg Kroah-Hartman , Kate Stewart , Mike Rapoport , kasan-dev , "open list:DOCUMENTATION" , LKML , Linux ARM , linux-sparse@vger.kernel.org, Linux Memory Management List , Linux Kbuild mailing list , Kostya Serebryany , Evgenii Stepanov , Lee Smith , Ramana Radhakrishnan , Jacob Bramley , Ruben Ayrapetyan , Jann Horn , Mark Brand , Chintan Pandya , Vishwath Mohan

On Thu, Dec 6, 2018 at 12:10 PM Will Deacon wrote:
>
> On Thu, Dec 06, 2018 at 11:31:43AM +0100, Andrey Konovalov wrote:
> > On Thu, Nov 29, 2018 at 7:01 PM Will Deacon wrote:
> > >
> > > On Tue, Nov 27, 2018 at 05:55:38PM +0100, Andrey Konovalov wrote:
> > > > Tag-based KASAN inline instrumentation mode (which embeds checks of shadow
> > > > memory into the generated code, instead of inserting a callback) generates
> > > > a brk instruction when a tag mismatch is detected.
> > > >
> > > > This commit adds a tag-based KASAN specific brk handler, that decodes the
> > > > immediate value passed to the brk instructions (to extract information
> > > > about the memory access that triggered the mismatch), reads the register
> > > > values (x0 contains the guilty address) and reports the bug.
> > > >
> > > > Reviewed-by: Andrey Ryabinin
> > > > Reviewed-by: Dmitry Vyukov
> > > > Signed-off-by: Andrey Konovalov > > > > --- > > > > arch/arm64/include/asm/brk-imm.h | 2 + > > > > arch/arm64/kernel/traps.c | 68 +++++++++++++++++++++++++++++++- > > > > include/linux/kasan.h | 3 ++ > > > > 3 files changed, 71 insertions(+), 2 deletions(-) > > > > > > > > diff --git a/arch/arm64/include/asm/brk-imm.h b/arch/arm64/include/asm/brk-imm.h > > > > index ed693c5bcec0..2945fe6cd863 100644 > > > > --- a/arch/arm64/include/asm/brk-imm.h > > > > +++ b/arch/arm64/include/asm/brk-imm.h > > > > @@ -16,10 +16,12 @@ > > > > * 0x400: for dynamic BRK instruction > > > > * 0x401: for compile time BRK instruction > > > > * 0x800: kernel-mode BUG() and WARN() traps > > > > + * 0x9xx: tag-based KASAN trap (allowed values 0x900 - 0x9ff) > > > > */ > > > > #define FAULT_BRK_IMM 0x100 > > > > #define KGDB_DYN_DBG_BRK_IMM 0x400 > > > > #define KGDB_COMPILED_DBG_BRK_IMM 0x401 > > > > #define BUG_BRK_IMM 0x800 > > > > +#define KASAN_BRK_IMM 0x900 > > > > > > > > #endif > > > > diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c > > > > index 5f4d9acb32f5..04bdc53716ef 100644 > > > > --- a/arch/arm64/kernel/traps.c > > > > +++ b/arch/arm64/kernel/traps.c > > > > @@ -35,6 +35,7 @@ > > > > #include > > > > #include > > > > #include > > > > +#include > > > > > > > > #include > > > > #include > > > > @@ -284,10 +285,14 @@ void arm64_notify_die(const char *str, struct pt_regs *regs, > > > > } > > > > } > > > > > > > > -void arm64_skip_faulting_instruction(struct pt_regs *regs, unsigned long size) > > > > +void __arm64_skip_faulting_instruction(struct pt_regs *regs, unsigned long size) > > > > { > > > > regs->pc += size; > > > > +} > > > > > > > > +void arm64_skip_faulting_instruction(struct pt_regs *regs, unsigned long size) > > > > +{ > > > > + __arm64_skip_faulting_instruction(regs, size); > > > > /* > > > > * If we were single stepping, we want to get the step exception after > > > > * we return from the trap. 
> > > > @@ -959,7 +964,7 @@ static int bug_handler(struct pt_regs *regs, unsigned int esr) > > > > } > > > > > > > > /* If thread survives, skip over the BUG instruction and continue: */ > > > > - arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE); > > > > + __arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE); > > > >
> > > Why do you want to avoid the single-step logic here? Given that we're
> > > skipping over the brk instruction, why wouldn't you want that to trigger
> > > a step exception if single-step is enabled?
> >
> > I was asked to do that, see the discussion here:
> >
> > https://www.spinics.net/lists/linux-mm/msg146575.html
> > https://www.spinics.net/lists/linux-mm/msg148215.html
> > https://www.spinics.net/lists/linux-mm/msg148367.html
>
> Aha, but we subsequently fixed the underlying problem in commit
> 9478f1927e6e ("arm64: only advance singlestep for user instruction traps").
> You were on cc, but I appreciate it's not clear that it was related to this.

Sorry, missed that patch.

> Anyway, you can just call arm64_skip_faulting_instruction() as you were
> doing and there's no need for this refactoring.
>
> Please could you spin a new version so that akpm can replace the one which
> he has queued?

Done. Thanks!
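
Review bot: in the brk-imm.h hunk, the reserved range 0x900 - 0x9ff exists only in the comment, while the header defines just the base value KASAN_BRK_IMM 0x900. Consider defining the width of the range next to it (for example a mask macro beside KASAN_BRK_IMM) so that the handler's match on the immediate and any later allocation of a brk immediate are checked against one definition rather than against a comment.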
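
Review bot: in the traps.c hunk at -284, __arm64_skip_faulting_instruction() is introduced as a non-static function with no comment, and the diffstat touches no header that could carry its prototype. If it is only meant for callers inside traps.c it should be static; either way it needs a comment stating when a caller may bypass the single-step handling that arm64_skip_faulting_instruction() performs, since the two names differ only by the leading underscores.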
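
Review bot: the bug_handler() hunk at -959 changes how the existing BUG()/WARN() trap path advances past the brk instruction, but the commit message describes only the new tag-based KASAN handler. A behaviour change to an unrelated handler should be called out in the changelog with its reason, or split into its own patch, so it can be reviewed and reverted independently.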