Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp8841380ybl; Fri, 17 Jan 2020 02:01:12 -0800 (PST) X-Google-Smtp-Source: APXvYqyZY7GRvv6krPpArn7TC9MPN0hdzIRXJmZ2VztTJHKvnWVTn7I5skygp8toQc2bCX+/m95D X-Received: by 2002:a9d:4e97:: with SMTP id v23mr5142973otk.201.1579255272506; Fri, 17 Jan 2020 02:01:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1579255272; cv=none; d=google.com; s=arc-20160816; b=HY2SuhiEq0hlKn4fXrFjlV6YoMNAu6gA4110R/dsxZn/Ov6h/XrIWXXoscnC2xZqXQ KAhF6nTVzIvcqTUw0EXND/uz79u/+1l3RmxNDpkyZ/T1vAkf1M2WigKYRI1N4XTLfBTS ZzUtpkyc7cLDX7o3vDtq7ALc6SGMrXFrpnaVWZadW00JcyR65V0rlsppSxyXDDGHQez5 fsOD4Rvl0l8/fkBht60XIfQAfGCjMKLM81Fr6X4qTNKMB+woxmVR7W5BaOfIE3IULLbj 9qLMuomKkGC4PBTWQQpJkZ75oekCTiMbpaNOH9e3V7wdnZZHV0Nkd64833cDZKtTlPOU LRzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=jC/gslMBQjozVdraFcTbF5iK/wO0zoAIUa/gx2s21AI=; b=gSx/JQP+5yyeb7z2DaqgBy3Zuu9xbwmIgNEDXWd+Wcjka9r+RlwnXUQTVnxNDDzgxZ kASY4ZUNCw396EqXFyKP6yM5LY78b2RAOEwt/BpdnzFPTeHQmaRnpKbxnPGJBx+C1gMG AVc1iAQ9DJj9DWbdi/OAsrG1E7nSxFUWS9u2iLFyPb2FQzcqCY04qDB9Dw5SoJHtEpLL QxWeaPxTrc57+gE/+TdH/ejoUyUm1sEhiYK2wIwtng+0pWKLf3Xsy86G+IkprFZ6Tv8D lXibcm/eAVFoDHUP3z29ndQE5zR+afKnhr0WQgskFR0HgTv7hwLPUitDg5+gTlk6BnFB Kp/A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=dFb8Zxd4; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k10si12821643oik.276.2020.01.17.02.01.01; Fri, 17 Jan 2020 02:01:12 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=dFb8Zxd4; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729030AbgAQKAB (ORCPT + 99 others); Fri, 17 Jan 2020 05:00:01 -0500 Received: from mail-qk1-f193.google.com ([209.85.222.193]:37219 "EHLO mail-qk1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726053AbgAQJ75 (ORCPT ); Fri, 17 Jan 2020 04:59:57 -0500 Received: by mail-qk1-f193.google.com with SMTP id 21so22150672qky.4 for ; Fri, 17 Jan 2020 01:59:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=jC/gslMBQjozVdraFcTbF5iK/wO0zoAIUa/gx2s21AI=; b=dFb8Zxd4b6QhukcYJeb/+Y1gu5WKTtG8UOyyGTYW62kJkCoWulv38wWhEZdFdDofO0 8aXS+I429dwmMs9njLgs55rvt5XlKGAEKvpQ2Fz74/9Loq0byAqUCJ12PQJIorTIjPNM SsBenxpwGvX1aipe0a5zMQnuBerkXI1m/qtErOzKPebtD8zEjOGMSS1Qkh6ZTSxhkIzk Of/K4apTIvBkdWab834TrlBi8Kshg8CTVS0J+5mBW5wncAIb7l2/ucKjrwve657r/ZtB +JYMMYrvPJ7I5x+hT23ADe9chNut8lArojNJKe3RS2xJrKJ7ZrETtU/+Q83k2rlDmhLw sbrg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=jC/gslMBQjozVdraFcTbF5iK/wO0zoAIUa/gx2s21AI=; b=RUEJU1mOjrX8P3C4mDU3+PQiUSBmsY0G9saXX8IiNBnFazBkPbR4caSGxl1a/fjs0P kYRtL6lYtABO9FhHQyXJHz7rVyc+twRPzpXq+2IjsSJ2yYqFO2Yz7yYvDhZ8yJzMyDg9 qW19lhj3LT+AlQ+wgG1J3BbHp715yThD5XUfIRJzdH6cPVx7YOD2mPySL70CEcTm6rWd gmFn+tYV90SUoCJUXn29ey3ZT0ZyO/M596xk8uJe0OLWizJpCE4GI2aeOyW9p/C2VNeh j8h4HwzfSRqkNa75k4MDzAQkfR3+VZpBZdDsIuwss+5/SP6y0Ro4Vp7zwJpbJKSX10/1 Xt/A== X-Gm-Message-State: APjAAAW08c+5hHU9lEq76WSDnY3j9BIlpz93KNSz2CK0yfGC5r66IHHf XMN8VysyNQIOjIQVfFNHgJ/zjDgBgPcWpD+8dVl+0A== X-Received: by 2002:a05:620a:1136:: with SMTP id p22mr37899734qkk.8.1579255195666; Fri, 17 Jan 2020 01:59:55 -0800 (PST) MIME-Version: 1.0 References: <20200115182816.33892-1-trishalfonso@google.com> <4f382794416c023b6711ed2ca645abe4fb17d6da.camel@sipsolutions.net> <2092169e6dd1f8d15f1db4b3787cc9fe596097b7.camel@sipsolutions.net> In-Reply-To: From: Dmitry Vyukov Date: Fri, 17 Jan 2020 10:59:44 +0100 Message-ID: Subject: Re: [RFC PATCH] UML: add support for KASAN under x86_64 To: Johannes Berg Cc: Patricia Alfonso , Richard Weinberger , Jeff Dike , Brendan Higgins , LKML , kasan-dev , linux-um@lists.infradead.org, David Gow , Andrey Ryabinin , anton.ivanov@cambridgegreys.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jan 16, 2020 at 10:39 PM Patricia Alfonso wrote: > > On Thu, Jan 16, 2020 at 1:23 AM Dmitry Vyukov wrote: > > > > On Thu, Jan 16, 2020 at 10:20 AM Johannes Berg > > wrote: > > > > > > On Thu, 2020-01-16 at 10:18 +0100, Dmitry Vyukov wrote: > > > > > > > > Looking at this problem and at the number of KASAN_SANITIZE := n in > > > > Makefiles (some of which are pretty sad, e.g. ignoring string.c, > > > > kstrtox.c, vsprintf.c -- that's where the bugs are!), I think we > > > > initialize KASAN too late. I think we need to do roughly what we do in > > > > user-space asan (because it is user-space asan!). Constructors run > > > > before main and it's really good, we need to initialize KASAN from > > > > these constructors. Or if that's not enough in all cases, also add own > > > > constructor/.preinit array entry to initialize as early as possible. > > > > > I am not too happy with the number of KASAN_SANITIZE := n's either. > This sounds like a good idea. Let me look into it; I am not familiar > with constructors or .preint array. > > > > We even control the linker in this case, so we can put something into > > > the .preinit array *first*. > > > > Even better! If we can reliably put something before constructors, we > > don't even need lazy init in constructors. > > > > > > All we need to do is to call mmap syscall, there is really no > > > > dependencies on anything kernel-related. > > > > > > OK. I wasn't really familiar with those details. > > > > > > > This should resolve the problem with constructors (after they > > > > initialize KASAN, they can proceed to do anything they need) and it > > > > should get rid of most KASAN_SANITIZE (in particular, all of > > > > lib/Makefile and kernel/Makefile) and should fix stack instrumentation > > > > (in case it does not work now). The only tiny bit we should not > > > > instrument is the path from constructor up to mmap call. > > This sounds like a great solution. I am getting this KASAN report: > "BUG: KASAN: stack-out-of-bounds in syscall_stub_data+0x2a5/0x2c7", > which is probably because of this stack instrumentation problem you > point out. [reposting to the list] If that part of the code I mentioned is instrumented, manifestation would be different -- stack instrumentation will try to access shadow, shadow is not mapped yet, so it would crash on the shadow access. What you are seeing looks like, well, a kernel bug where it does a bad stack access. Maybe it's KASAN actually _working_? :)