Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp8845372ybl;
        Fri, 17 Jan 2020 02:05:14 -0800 (PST)
X-Google-Smtp-Source: APXvYqyNk+BtEt08XpM/Vg2WPt7dwrHwKigGpl4Apoid/FCz93Kr2aHI2ovuxkQXJOscDel4Xz/b
X-Received: by 2002:a05:6830:451:: with SMTP id d17mr5304205otc.53.1579255513777;
        Fri, 17 Jan 2020 02:05:13 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1579255513; cv=none;
        d=google.com; s=arc-20160816;
        b=vcg1HqIagHBf67dhYdwDt7Hn628BjbvrACCbJNNb6IkRHItgSHDxVIIcx+RZtdZXtD
         a1x8fyXnCPKcuscm6qpM0blBMkaDhtUH1RyLGBB3wAfq02IuWrZgdfDl+xDiJh3mByAa
         onVctlYjxVyXMiUpGffk2xJ9YyIoZ6r5rafBqGt3yqs1fEpkucFw7BboRfNYBU00f3Mh
         QXnyhmApsEFWl09YD5BdqbL9l/Cbg96h9ubI5kijnsbZG4yUyOECZsLSLMXsC/7FIp7P
         BVz3f59kFu9VBB264mWzVs7IE4BH0kuYQsObrmaioMIna+qra6kTrnnWZ1Q7/MjrNcAn
         wGPg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=kN9jFTsuucSemoNqf4dJLa9bNAFNxkxyRhdletZB1KA=;
        b=jVIgL6NR/Rib6iHc+bapuGUkOvolAAgaUK9axcLJJg2/uviLp17wH0EihfT8QWhHvi
         aLzX7MrdxFBtE6akIJo2H0Xn8Xvy+/WdSwwQgV1GkIjvwmQhBi+KRuhMzyRBTG4VDe5v
         GAtfWpD+ua3aqCaCPs8UYoCXnlVBQOFsuQdt2crDycuxFJ7I0SXijuKHPpI3dLdF8fCV
         Dtqqkymq5AsC/3uG57TTS8ggvWrlW44l9o5oIXTYmOveW56FiSB4NVH/w9aBnOGLQqpq
         TYe6rWyAt/Z3LkSfn0TIIOM/pJMVs1MFzHiW7qTYn18WkXPlmDZe4C+f/QKLUzqi4xZ1
         Wm6A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=uMUCEpzD;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id u25si15097111otg.170.2020.01.17.02.05.00;
        Fri, 17 Jan 2020 02:05:13 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=uMUCEpzD;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727012AbgAQKDV (ORCPT <rfc822;ablacktshirt@gmail.com>
        + 99 others); Fri, 17 Jan 2020 05:03:21 -0500
Received: from mail-qt1-f195.google.com ([209.85.160.195]:41281 "EHLO
        mail-qt1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726220AbgAQKDU (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 17 Jan 2020 05:03:20 -0500
Received: by mail-qt1-f195.google.com with SMTP id k40so21315333qtk.8
        for <linux-kernel@vger.kernel.org>; Fri, 17 Jan 2020 02:03:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=kN9jFTsuucSemoNqf4dJLa9bNAFNxkxyRhdletZB1KA=;
        b=uMUCEpzDOb/YhPzJDKgHLZVBqvCippkuTHyQxxp2Cmnpz40yntAZP2m+g1FEG6tExR
         LFWi1AdXr+eAjej1PGMgGvob4wKuvYLxCLUH6GqPqhEFe83i0lTFH9W7wJR1MbKHKMMl
         uY7xC1fZdWlpU+eCfoSoeM1EJOvyX1xDyaJIPHusSH7gbW4L3Sv7X8jPKhabFm4jEUX1
         gBHm5RJ1SAHQugvdz0i52hpuEXVFgdBm6NXxab0lOrWJxbi4gWwFZIlg2ukDVOBnD9U0
         Ml5rETIniSPU8xMl5Ynb2ANw3+Nag/pkH0bmbsKR+tyvRUjKYor6GazB+AVaJ5aXCvCl
         gqdg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=kN9jFTsuucSemoNqf4dJLa9bNAFNxkxyRhdletZB1KA=;
        b=eitBN8NdfbnDbfoZut1gFO+oK+T9RbKwvV5IjKefI2d/yeL14wJLYhgxXsM5ho5TkG
         uF1PQGXtZZt8LvCxzqBtY4wH8rnwFugzCQwo6tCKeuaB+k8UE5HPLqlPmfvYDMNfIcmD
         JOVdFgU/x8KPQVLekfrKBR0WoMP3vIonRc+Y+9UdYaFTDc5eNDwpjyndihwvjqor/dyI
         MDLviWI7FLI2PmEAnIG16ATxseg7by3tE3HBB4A/1jMk1ZMa0EFmJDHtwJEZd+N97Spw
         Dwyy1Qp3YYnKP7/EZGiXQAPIiCRyk0Z+eBXKpJ9joZpoBAN3LnfjYhgQHhPJjKRMxDdG
         WXsA==
X-Gm-Message-State: APjAAAUdiMy7mdZV//ouPfnSuWAjzn/LnDLNGBHTuLcq/V2HmztVKEK/
        PEfAsP1La3Ghna3Szlxs//W2rV0MK8AWgbE23yxP1w==
X-Received: by 2002:ac8:30f7:: with SMTP id w52mr6677250qta.380.1579255399591;
 Fri, 17 Jan 2020 02:03:19 -0800 (PST)
MIME-Version: 1.0
References: <20200115182816.33892-1-trishalfonso@google.com>
 <dce24e66d89940c8998ccc2916e57877ccc9f6ae.camel@sipsolutions.net>
 <CAKFsvU+sUdGC9TXK6vkg5ZM9=f7ePe7+rh29DO+kHDzFXacx2w@mail.gmail.com>
 <4f382794416c023b6711ed2ca645abe4fb17d6da.camel@sipsolutions.net>
 <b55720804de8e56febf48c7c3c11b578d06a8c9f.camel@sipsolutions.net>
 <CACT4Y+brqD-o-u3Vt=C-PBiS2Wz+wXN3Q3RqBhf3XyRYaRoZJw@mail.gmail.com>
 <2092169e6dd1f8d15f1db4b3787cc9fe596097b7.camel@sipsolutions.net>
 <CACT4Y+b6C+y9sDfMYPDy-nh=WTt5+u2kLcWx2LQmHc1A5L7y0A@mail.gmail.com> <CACT4Y+atPME1RYvusmr2EQpv_mNkKJ2_LjMeANv0HxF=+Uu5hw@mail.gmail.com>
In-Reply-To: <CACT4Y+atPME1RYvusmr2EQpv_mNkKJ2_LjMeANv0HxF=+Uu5hw@mail.gmail.com>
From:   Dmitry Vyukov <dvyukov@google.com>
Date:   Fri, 17 Jan 2020 11:03:07 +0100
Message-ID: <CACT4Y+bsaZoPC1Q7_rV-e_aO=LVPA-cE3btT_VARStWYk6dcPA@mail.gmail.com>
Subject: Re: [RFC PATCH] UML: add support for KASAN under x86_64
To:     Johannes Berg <johannes@sipsolutions.net>
Cc:     Patricia Alfonso <trishalfonso@google.com>,
        Richard Weinberger <richard@nod.at>,
        Jeff Dike <jdike@addtoit.com>,
        Brendan Higgins <brendanhiggins@google.com>,
        LKML <linux-kernel@vger.kernel.org>,
        kasan-dev <kasan-dev@googlegroups.com>,
        linux-um@lists.infradead.org, David Gow <davidgow@google.com>,
        Andrey Ryabinin <aryabinin@virtuozzo.com>,
        anton.ivanov@cambridgegreys.com
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Jan 17, 2020 at 10:59 AM Dmitry Vyukov <dvyukov@google.com> wrote:
>
> On Thu, Jan 16, 2020 at 10:39 PM Patricia Alfonso
> <trishalfonso@google.com> wrote:
> >
> > On Thu, Jan 16, 2020 at 1:23 AM Dmitry Vyukov <dvyukov@google.com> wrote:
> > >
> > > On Thu, Jan 16, 2020 at 10:20 AM Johannes Berg
> > > <johannes@sipsolutions.net> wrote:
> > > >
> > > > On Thu, 2020-01-16 at 10:18 +0100, Dmitry Vyukov wrote:
> > > > >
> > > > > Looking at this problem and at the number of KASAN_SANITIZE := n in
> > > > > Makefiles (some of which are pretty sad, e.g. ignoring string.c,
> > > > > kstrtox.c, vsprintf.c -- that's where the bugs are!), I think we
> > > > > initialize KASAN too late. I think we need to do roughly what we do in
> > > > > user-space asan (because it is user-space asan!). Constructors run
> > > > > before main and it's really good, we need to initialize KASAN from
> > > > > these constructors. Or if that's not enough in all cases, also add own
> > > > > constructor/.preinit array entry to initialize as early as possible.
> > > >
> >
> > I am not too happy with the number of KASAN_SANITIZE := n's either.
> > This sounds like a good idea. Let me look into it; I am not familiar
> > with constructors or .preint array.
> >
> > > > We even control the linker in this case, so we can put something into
> > > > the .preinit array *first*.
> > >
> > > Even better! If we can reliably put something before constructors, we
> > > don't even need lazy init in constructors.
> > >
> > > > > All we need to do is to call mmap syscall, there is really no
> > > > > dependencies on anything kernel-related.
> > > >
> > > > OK. I wasn't really familiar with those details.
> > > >
> > > > > This should resolve the problem with constructors (after they
> > > > > initialize KASAN, they can proceed to do anything they need) and it
> > > > > should get rid of most KASAN_SANITIZE (in particular, all of
> > > > > lib/Makefile and kernel/Makefile) and should fix stack instrumentation
> > > > > (in case it does not work now). The only tiny bit we should not
> > > > > instrument is the path from constructor up to mmap call.
> >
> > This sounds like a great solution. I am getting this KASAN report:
> > "BUG: KASAN: stack-out-of-bounds in syscall_stub_data+0x2a5/0x2c7",
> > which is probably because of this stack instrumentation problem you
> > point out.
>
> [reposting to the list]
>
> If that part of the code I mentioned is instrumented, manifestation
> would be different -- stack instrumentation will try to access shadow,
> shadow is not mapped yet, so it would crash on the shadow access.
>
> What you are seeing looks like, well, a kernel bug where it does a bad
> stack access. Maybe it's KASAN actually _working_? :)

Though, stack instrumentation may have issues with longjmp-like things.
I would suggest first turning off stack instrumentation and getting
that work. Solving problems one-by-one is always easier.
If you need help debugging this, please post more info: patch, what
you are doing, full kernel output (preferably from start, if it's not
too lengthy).