Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp1193736ybx; Tue, 5 Nov 2019 11:56:20 -0800 (PST) X-Google-Smtp-Source: APXvYqxMzaUuXbjlxMpzc8Cnoae26hrHr5HdMqlWVAqjN+8oTtWGHAGiWnwAcd86Ky8DYF5RBpt3 X-Received: by 2002:a17:906:d72:: with SMTP id s18mr31428496ejh.29.1572983780859; Tue, 05 Nov 2019 11:56:20 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1572983780; cv=none; d=google.com; s=arc-20160816; b=PTKedey5fiu0+RR7OgVAkPbi6YmYDSx/vCpJyQj4c5eNjFUtpD3zXhsgrNNp2OcczB XpVBKFfD+ZX/t+3WZU2MS4RJTAWVhbynVyddkrtPKb9v/ZcBp80EZmcz21l6SEGgY5xR o3F9Slc8IVSuEfSsgqntuyqtLd+UJnGA5Nc9lxkHPjq90so6p9YAcQ0DYJbtqWFoYiHd ceQv3yxHzf4Ch00/49N0WHQNaagAdeDl111gpXJofVU5G+4KPPwebwG0nPeefFHYzfoo dqqzK/CMYApDNntvUZqRWwmF1MPEuDbi1SKjN6Wlkcv4Zr9ZAzk06Cn/Tp8p6nWzUDdy sfWg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=JN/L3OaIrafNQib9frGtyAZYrdDrAsFreHB52qUoKdY=; b=0hgmiOrXZQZuu+3NlVK7surORUkrhW29bSdfAqSjf7ZInwk3ZxcfqING1dFuskEU2K tA3NwhZRSk46t3epbSNg0IlgY3K6SFwRecVOVVDtJt7JvoRPTcHb38Ev7rHhKysIcAx1 zmiJkeZPzO2qi4lhWxK+Pq9XRZJjZYCBnaOgGAJOFCF9hOIB6R9dadzJ3/h6BzaKn+1m SkXZ3vK6KZUkjRHiGjjZ9Fm5viZ1PMbGUmv1MR0XMkfzlgbpP1h1Z72bEg/U/HIUUJJn Fj8Rw8zonW6oUbowwGIIktuW5IojDDTaphsHQTsZQOQ87VcFwYaUirGyin2wUk8EfbMN wDbg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f10si6187392ejq.289.2019.11.05.11.55.57; Tue, 05 Nov 2019 11:56:20 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729521AbfKETzD (ORCPT + 99 others); Tue, 5 Nov 2019 14:55:03 -0500 Received: from foss.arm.com ([217.140.110.172]:57992 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725385AbfKETy5 (ORCPT ); Tue, 5 Nov 2019 14:54:57 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 8DFB87AD; Tue, 5 Nov 2019 11:54:56 -0800 (PST) Received: from lakrids.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 7AFF33FBB1; Tue, 5 Nov 2019 01:17:25 -0800 (PST) Date: Tue, 5 Nov 2019 09:17:23 +0000 From: Mark Rutland To: Sami Tolvanen Cc: Will Deacon , Catalin Marinas , Steven Rostedt , Masami Hiramatsu , Ard Biesheuvel , Dave Martin , Kees Cook , Laura Abbott , Marc Zyngier , Nick Desaulniers , Jann Horn , Miguel Ojeda , Masahiro Yamada , clang-built-linux , Kernel Hardening , linux-arm-kernel , LKML Subject: Re: [PATCH v4 07/17] scs: add support for stack usage debugging Message-ID: <20191105091723.GC4743@lakrids.cambridge.arm.com> References: <20191018161033.261971-1-samitolvanen@google.com> <20191101221150.116536-1-samitolvanen@google.com> <20191101221150.116536-8-samitolvanen@google.com> <20191104124017.GD45140@lakrids.cambridge.arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.11.1+11 (2f07cb52) (2018-12-01) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Nov 04, 2019 at 01:35:28PM -0800, Sami Tolvanen wrote: > On Mon, Nov 4, 2019 at 4:40 AM Mark Rutland wrote: > > > +#ifdef CONFIG_DEBUG_STACK_USAGE > > > +static inline unsigned long scs_used(struct task_struct *tsk) > > > +{ > > > + unsigned long *p = __scs_base(tsk); > > > + unsigned long *end = scs_magic(tsk); > > > + uintptr_t s = (uintptr_t)p; > > > > As previously, please use unsigned long for consistency. > > Ack. > > > > + while (p < end && *p) > > > + p++; > > > > I think this is the only place where we legtimately access the shadow > > call stack directly. > > There's also scs_corrupted, which checks that the end magic is intact. Ah, true. I missed that. > > When using SCS and KASAN, are the > > compiler-generated accesses to the SCS instrumented? > > > > If not, it might make sense to make this: > > > > while (p < end && READ_ONCE_NOCKECK(*p)) > > > > ... and poison the allocation from KASAN's PoV, so that we can find > > unintentional accesses more easily. > > Sure, that makes sense. I can poison the allocation for the > non-vmalloc case, I'll just need to refactor scs_set_magic to happen > before the poisoning. Sounds good! Mark.