Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp5674208ybi; Wed, 31 Jul 2019 01:27:48 -0700 (PDT) X-Google-Smtp-Source: APXvYqxaOGLICQ/oPcmpM85lbA4bb2yLLwKdIyfuwD1rZnt6Smz066uacZiybDz8ai20uoL77Trp X-Received: by 2002:a17:902:9004:: with SMTP id a4mr119789480plp.109.1564561668197; Wed, 31 Jul 2019 01:27:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1564561668; cv=none; d=google.com; s=arc-20160816; b=AUcIPWlkvM4aWwE4VAN75r4izfjwv843aDGtcJKe/Pr76TA5oSGv2dPQSj8r+P/6HX 2sFdE/loihZA7hx8Q+yajjKwcjBt748mbRPkIyYllTxGFh4+97nauP1+KWLfRIOQWAFF 0roYsHJeR4IqJDwEOfAazeIpF/atoJNFWFvmGbjv4Hs1WllTxJCifgShKJsPfR9o/p9A EKEz4QIgj//RopsC5FcwasnmJ/20bhniYTltfrw/fzOHcRa6wG3IHvMoVaAgA8nwEFkJ JZsZPtQJo1ktjq1kuPgiOPvxI+zNVZdwEarL4OjAsgmgCS/uvJ8BqdQ2bNeRWsfgAPGa U7LQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=UahEbtdXwZNAU+KwZPeJAGjgE2lYz0Dt6XczqvKwLUQ=; b=Gft+8UxB1910Y53zyyMKxhP1PbJukjqtQn0r4Ft8dmVoshpqbmr78rW9yU7BL8OBBa m2aZ7UV4RlhOX9KTnAeweMPjCk9SXQLZyQdSRjJEEUc4lSob1W2eNR7ys/UoyIZ776/i 029zFa4yYx2WPSPkzvW6wClwo5di4fILhnwo5XyE8utDA2/pGLzzc1Fqod665Qi3N+yG sFUyMZbjPH63l6Po6Cehupi1REl9BV5vCItbYv+rjutwS8QR3O5KpO17lYTyyN0zNX+I FsS4Bsb9Pv0AsIJWlAuErvFCLpwq1q3j9Hf0yHstTeWJivlVznVPYzNFjrV2itqV6vSQ q4Xg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@axtens.net header.s=google header.b=ClaBu1v6; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 3si30160921pli.12.2019.07.31.01.27.33; Wed, 31 Jul 2019 01:27:48 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@axtens.net header.s=google header.b=ClaBu1v6; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727209AbfGaHQK (ORCPT + 99 others); Wed, 31 Jul 2019 03:16:10 -0400 Received: from mail-pf1-f193.google.com ([209.85.210.193]:40614 "EHLO mail-pf1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725913AbfGaHQJ (ORCPT ); Wed, 31 Jul 2019 03:16:09 -0400 Received: by mail-pf1-f193.google.com with SMTP id p184so31329916pfp.7 for ; Wed, 31 Jul 2019 00:16:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=axtens.net; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=UahEbtdXwZNAU+KwZPeJAGjgE2lYz0Dt6XczqvKwLUQ=; b=ClaBu1v6WJ4WtUuG4BiRwFve0q7yeVjT3ieM+Bmxe0M/RaaIqHw2L2kaStQrsQQxvm SFh9kyie4gCs8EuO+wJTMeMSxCVDiM43VRfcY1z1mY4NGrA1ObPdQYQUQRETS8V9bGJZ 4s/nbwxEGP4iyHoPO4NUWgW+BhSG8jTSAFgzY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=UahEbtdXwZNAU+KwZPeJAGjgE2lYz0Dt6XczqvKwLUQ=; b=RBxu3DKPusdTlR0S/J59RwrW9n3mqq6taBlbXKngCtTf/UY8Z9o+3Vzov7H75P5T1K v2LnUBrBd1r3NBeSfXp0uaT51x1UQn3Hek0XafLOau3odAPddWixiBRBEjXM8UJqIhpr sV7XlJ+s2tBEsuU8aUn2iJZnG+6RPyAqfYLG+LPQt7LkzdCal6aoXly+FbD2UhCc3m46 0mm5MJqa0bs2zuVqFbfRdsH0eTNBxmFjJ2LlYviBUseDd/LKwAVgI4uDMymVguqTxtoT IKIulP2Oz/XjegoiGoZREs7D237z6Ja9ebuMgp9rFBOKrG7Zm0Z3tsOPun+p7zz/beHf P+ow== X-Gm-Message-State: APjAAAVhP9+2BtbiUDwP9APi0pvJ4ifLM07MF4CfTILh+3XbI1sRDX0C jfGguzOfZGoGMnm5aASPPPk3bXeQ X-Received: by 2002:a63:fd57:: with SMTP id m23mr47211876pgj.204.1564557368818; Wed, 31 Jul 2019 00:16:08 -0700 (PDT) Received: from localhost (ppp167-251-205.static.internode.on.net. [59.167.251.205]) by smtp.gmail.com with ESMTPSA id i14sm104075707pfk.0.2019.07.31.00.16.07 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Wed, 31 Jul 2019 00:16:08 -0700 (PDT) From: Daniel Axtens To: kasan-dev@googlegroups.com, linux-mm@kvack.org, x86@kernel.org, aryabinin@virtuozzo.com, glider@google.com, luto@kernel.org, linux-kernel@vger.kernel.org, mark.rutland@arm.com, dvyukov@google.com Cc: Daniel Axtens Subject: [PATCH v3 3/3] x86/kasan: support KASAN_VMALLOC Date: Wed, 31 Jul 2019 17:15:50 +1000 Message-Id: <20190731071550.31814-4-dja@axtens.net> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190731071550.31814-1-dja@axtens.net> References: <20190731071550.31814-1-dja@axtens.net> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In the case where KASAN directly allocates memory to back vmalloc space, don't map the early shadow page over it. We prepopulate pgds/p4ds for the range that would otherwise be empty. This is required to get it synced to hardware on boot, allowing the lower levels of the page tables to be filled dynamically. Acked-by: Dmitry Vyukov Signed-off-by: Daniel Axtens --- v2: move from faulting in shadow pgds to prepopulating --- arch/x86/Kconfig | 1 + arch/x86/mm/kasan_init_64.c | 61 +++++++++++++++++++++++++++++++++++++ 2 files changed, 62 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 222855cc0158..40562cc3771f 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -134,6 +134,7 @@ config X86 select HAVE_ARCH_JUMP_LABEL select HAVE_ARCH_JUMP_LABEL_RELATIVE select HAVE_ARCH_KASAN if X86_64 + select HAVE_ARCH_KASAN_VMALLOC if X86_64 select HAVE_ARCH_KGDB select HAVE_ARCH_MMAP_RND_BITS if MMU select HAVE_ARCH_MMAP_RND_COMPAT_BITS if MMU && COMPAT diff --git a/arch/x86/mm/kasan_init_64.c b/arch/x86/mm/kasan_init_64.c index 296da58f3013..2f57c4ddff61 100644 --- a/arch/x86/mm/kasan_init_64.c +++ b/arch/x86/mm/kasan_init_64.c @@ -245,6 +245,52 @@ static void __init kasan_map_early_shadow(pgd_t *pgd) } while (pgd++, addr = next, addr != end); } +static void __init kasan_shallow_populate_p4ds(pgd_t *pgd, + unsigned long addr, + unsigned long end, + int nid) +{ + p4d_t *p4d; + unsigned long next; + void *p; + + p4d = p4d_offset(pgd, addr); + do { + next = p4d_addr_end(addr, end); + + if (p4d_none(*p4d)) { + p = early_alloc(PAGE_SIZE, nid, true); + p4d_populate(&init_mm, p4d, p); + } + } while (p4d++, addr = next, addr != end); +} + +static void __init kasan_shallow_populate_pgds(void *start, void *end) +{ + unsigned long addr, next; + pgd_t *pgd; + void *p; + int nid = early_pfn_to_nid((unsigned long)start); + + addr = (unsigned long)start; + pgd = pgd_offset_k(addr); + do { + next = pgd_addr_end(addr, (unsigned long)end); + + if (pgd_none(*pgd)) { + p = early_alloc(PAGE_SIZE, nid, true); + pgd_populate(&init_mm, pgd, p); + } + + /* + * we need to populate p4ds to be synced when running in + * four level mode - see sync_global_pgds_l4() + */ + kasan_shallow_populate_p4ds(pgd, addr, next, nid); + } while (pgd++, addr = next, addr != (unsigned long)end); +} + + #ifdef CONFIG_KASAN_INLINE static int kasan_die_handler(struct notifier_block *self, unsigned long val, @@ -352,9 +398,24 @@ void __init kasan_init(void) shadow_cpu_entry_end = (void *)round_up( (unsigned long)shadow_cpu_entry_end, PAGE_SIZE); + /* + * If we're in full vmalloc mode, don't back vmalloc space with early + * shadow pages. Instead, prepopulate pgds/p4ds so they are synced to + * the global table and we can populate the lower levels on demand. + */ +#ifdef CONFIG_KASAN_VMALLOC + kasan_shallow_populate_pgds( + kasan_mem_to_shadow((void *)PAGE_OFFSET + MAXMEM), + kasan_mem_to_shadow((void *)VMALLOC_END)); + + kasan_populate_early_shadow( + kasan_mem_to_shadow((void *)VMALLOC_END + 1), + shadow_cpu_entry_begin); +#else kasan_populate_early_shadow( kasan_mem_to_shadow((void *)PAGE_OFFSET + MAXMEM), shadow_cpu_entry_begin); +#endif kasan_populate_shadow((unsigned long)shadow_cpu_entry_begin, (unsigned long)shadow_cpu_entry_end, 0); -- 2.20.1