Received: by 2002:ac0:8845:0:0:0:0:0 with SMTP id g63csp1922168img; Wed, 27 Feb 2019 07:41:39 -0800 (PST) X-Google-Smtp-Source: AHgI3IYrtOH+/T5Xud3/iwY5/JFuOn/2jmsF1+8+5GZYp7zwGRW1cXAaYMnJDdEcLGBAjvbDRe3d X-Received: by 2002:a62:f51d:: with SMTP id n29mr2242952pfh.21.1551282099167; Wed, 27 Feb 2019 07:41:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1551282099; cv=none; d=google.com; s=arc-20160816; b=h7bvhEzG5VPQjplZzUQWRbu1GNJ1N8PNKHs5RTVEPKLf7eK6SnT5CMNKhaCGWUT5Xa 5kKyc7hAMZSqtXtn2qCZTolAtYkjUP9+rTepDv8oTz6QzaQ0sNDRh0SRrnqh/I1xNpzM 4O77JXbPRJrLMnkeJBHOoVa9hPYxTsJ16UbdS99Wg1BnW3iUyJASMfZ5Btymkhbs152g BQto7j4W4EQ5KIlRigFnqPn7MjwABRS1jWs7f6ci+nQfCkYZgOf8NZUXhQbSg/biZ/eY hhx7clgtCo9IuYMna76aH8m8o8GAqGSJDiikxlFVO/L/zGcCCdtuOhI+4j04YqdrenhJ 7c0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=9FTlGzrdjHMspvPIovy1tEc6cpfkFlq6LIdNnJjIV4s=; b=yJrkcKVqIGejg67icuhQ7WQNP7V5Z8zTlMfBheGNgO1NeYwOUri8GWUnjw47aBPeiM JLjnX+JH2EV9XXE/Jt+i6ZTz3UO34XNQRP6jFK4ot0nqdWTULF+ahNPu79VG/yjKDSkf oQRQdQ2DSipwuqyEqpUxuqb5VX56/M0NDtiufVB5mIPpCaIt43i9yV1LNNsvh3jIQ5Fm u5fuLq0CUAqa94R+8WfBdtSeclHulma+neYpN5QvgVLQU2M5DN2vfCntrgFUGjWyk/8x w+sICk/ejDjkKPBHTcShO5eFiFaLfhQdYkTuRqtnOZ1wWFv7l9Mtq4LFOFI7mbe5lodb Bu6Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=knrIfGMp; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t18si13259910pgv.285.2019.02.27.07.41.24; Wed, 27 Feb 2019 07:41:39 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=knrIfGMp; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730143AbfB0Pkl (ORCPT + 99 others); Wed, 27 Feb 2019 10:40:41 -0500 Received: from mail-io1-f66.google.com ([209.85.166.66]:34668 "EHLO mail-io1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726356AbfB0Pkl (ORCPT ); Wed, 27 Feb 2019 10:40:41 -0500 Received: by mail-io1-f66.google.com with SMTP id e1so13891516iok.1 for ; Wed, 27 Feb 2019 07:40:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=9FTlGzrdjHMspvPIovy1tEc6cpfkFlq6LIdNnJjIV4s=; b=knrIfGMpqIIDo3JVnjW0sniiT/hRvj9nuMqTzyhnTQAGG2dOuve4GL2Z73nLlxgb1L djA/ci0Vmi2xjHnWcgGlXzAChuvvGS2J8uSpOKUNv6PJqB4S+RXLTLQv6fXQgsFooeaf 7HL0QIdnZkZw3qfgHFT4iqa/zOn32Lr5Nlaa94ZBNVX5MX5UrF8MYgnPNcTswgIKBYIo 9rcVB/VLERykqhVkeJT6o2sgQP9QK1ssOTPpRObMkk9UY8BtjE6PaqYeyj4UdpTcePvH q3ZILJh7LndlhrMFVpLdjpxs9BeyhTSgsPWZ2NQzZnKR8D5lpYtSLnhMoclVbFTqftH8 aBbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=9FTlGzrdjHMspvPIovy1tEc6cpfkFlq6LIdNnJjIV4s=; b=lBHXsE0rXIVFvVVrBJ1iakT4JzKhINHUOxOgxm26vv9LcxKDBdYQDxFVHv0TkA4mDQ xhJQIk8qndLWH3cYFu0neF/kBRx53HY16GKhWbnmhs/OILghrlxegAAdOaWi1YuazNWt WWam1MJH9RfQS8lB9bltKyNtqPWreXOr4Bs0OMON0VZ9i5jKZ42e5B8gy5Yp6P+cbcY9 BEKqT1nwCF4F/Xg97KQ6hGyJzHE5YF3kGFLYnapVSMxFQAGquea0bQ3tWmpW77gZn8a8 oT6BH1p6n0rVp+auYcQnJXUHDQNGNmSiWU6YZLd9fnjPM8LU3p2svfc7+wzHKHrHLUR6 XW6g== X-Gm-Message-State: APjAAAUpwQbHCPzh6FAuPPg6U2BBzt7jF1LgkcwhY6t2EEu4AAk6+Q6h TjRIQ+qVVQMsDrBz8lxX5Q29UAILfSWmaJP1vkJJ2A== X-Received: by 2002:a6b:6b18:: with SMTP id g24mr1995974ioc.282.1551282039567; Wed, 27 Feb 2019 07:40:39 -0800 (PST) MIME-Version: 1.0 References: <20190225124330.613028745@infradead.org> <20190225125232.191698923@infradead.org> <20190227140830.GP32494@hirez.programming.kicks-ass.net> <19b35cb1-9527-2e15-6deb-9ce7c1ef1d66@virtuozzo.com> <20190227142623.GR32494@hirez.programming.kicks-ass.net> <20190227143313.GK32534@hirez.programming.kicks-ass.net> In-Reply-To: <20190227143313.GK32534@hirez.programming.kicks-ass.net> From: Dmitry Vyukov Date: Wed, 27 Feb 2019 16:40:28 +0100 Message-ID: Subject: Re: [PATCH 5/6] objtool: Add UACCESS validation To: Peter Zijlstra Cc: Andrey Ryabinin , Linus Torvalds , Thomas Gleixner , "H. Peter Anvin" , Julien Thierry , Will Deacon , Andy Lutomirski , Ingo Molnar , Catalin Marinas , James Morse , valentin.schneider@arm.com, Brian Gerst , Josh Poimboeuf , Andy Lutomirski , Borislav Petkov , Denys Vlasenko , LKML , Alexander Potapenko Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Feb 27, 2019 at 3:33 PM Peter Zijlstra wrote: > > On Wed, Feb 27, 2019 at 03:26:23PM +0100, Peter Zijlstra wrote: > > On Wed, Feb 27, 2019 at 05:17:58PM +0300, Andrey Ryabinin wrote: > > > > > > > > > On 2/27/19 5:08 PM, Peter Zijlstra wrote: > > > > > > I can't actually find any definitions of those functions, so I can't > > > > very well mark the safe, even if we wanted to. > > > > > > > > > > They are macro-generated. Use 'git grep DEFINE_ASAN' > > > > Ah, indeed! I'll go have a look. > > Urgh, kasan_report() is definitely unsafe. Now, admitedly we should > 'never' hit that, but it does leave us up a creek without a paddle. > > Not sure what to do here; best I can come up with atm. is kill SMAP on > KASAN builds. If SMAP detects additional bugs, then it would be pity to disable it with KASAN (detect bugs in production but not during testing). You mentioned that exception save/restore the UACCESS state. Is it possible to do the same in kasan_report? At the very least we need to survive report printing, what happens after that does not matter much (we've corrupted memory by now anyway).