Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp408670ybv; Wed, 5 Feb 2020 07:39:43 -0800 (PST) X-Google-Smtp-Source: APXvYqwpZeMeklFkfpxq9T0n89ayFXnp58ysGXu3KOYlvUyDuXIQc8i0QQIOVxO7WDp8Kna/6XWZ X-Received: by 2002:aca:f1d4:: with SMTP id p203mr3289595oih.116.1580917183544; Wed, 05 Feb 2020 07:39:43 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1580917183; cv=none; d=google.com; s=arc-20160816; b=BMVcGujflOIJhYv4T/QSNF9UDMrQpBncXt4mZFJBZh19hmTb/kdlMJ8U1zHyk6VPin xjlhkcob9A3JuwSlGCXia80biEVt/IFGmbe7o4WlyT5v2dqMQP6byrp75V/yrrO71iJ4 YpooKqDMA4RW4XdrZuekK+5iqFip2P9Q94Rzm7Kuwk17YQhBdDct1MZD3/QRSnbG+8li xbHBGGVvnO3JwbhjD0Dmkdsiq0ydwi0gWexIGIjDYQLROhfnc48iCm9O4xWz1SMmVGzm Fq9BavbimOhBRL7otOivMpp2/vYmot0oC/XTiRwezLBtLc/OtmUkv6wHJexXlxQmHVd0 IEuA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:reply-to:message-id :subject:cc:to:from:date:dkim-signature; bh=eFRNuuTsMmhE9sra5dwvYU3KWqvN22oz2bku6/S0n18=; b=JPwDlxfz8YTKVJjsje56QW5daxWTwm9rh+ApMWEs+ZZWTj1z8+J0bIGiG+cHKLH7lj YmMSEe0XrKH6/15IvHNxAh0DldRHMBJj/XssBxOlx8frsw8ky/aHpKpY23/3e4uTwKA0 toW1yEK3xqN6V9x0m4mWCh0YSMWQziRr3GsmK7WdKghW8rpRc8+4potYCO/3PQr2lBZY K/FlFJt+s+G5mEkZefc/8vVAVfIM3dLH3EGsg4ahNzp9IPvx3BDM6NCc3vIbjwqVkluW IOr0s7YtG9UkGKBi1bG4nW++kRcpN2PCQMJQtPuIsFzgagIPbbLTqUNbtytCnGTOpfDs 1fmw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=dy5Bfasr; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i19si138855oik.272.2020.02.05.07.39.30; Wed, 05 Feb 2020 07:39:43 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=dy5Bfasr; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727116AbgBEPhg (ORCPT + 99 others); Wed, 5 Feb 2020 10:37:36 -0500 Received: from mail.kernel.org ([198.145.29.99]:56892 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726416AbgBEPhg (ORCPT ); Wed, 5 Feb 2020 10:37:36 -0500 Received: from paulmck-ThinkPad-P72.home (50-39-105-78.bvtn.or.frontiernet.net [50.39.105.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 31B8320730; Wed, 5 Feb 2020 15:37:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1580917056; bh=Wh2b6DVd1shfgI0Kbv5AvxSLUygA72NcMLb333+3XJ8=; h=Date:From:To:Cc:Subject:Reply-To:References:In-Reply-To:From; b=dy5BfasroV5bfLYX5gvhhFsJcu1ep5tplPCJbzcZR1kwljIJEbdWr3BmfNyt7Gs6H vzl1DmOYiiiaZmqqk+QV0gJ6HeOu2uWsOQdN3BNJMcH1FvBxquH8dJz4CA3ZiBQGfU B2B2lyMBGFdo6sK93XciVXqesyDqovihfNK9gSWM= Received: by paulmck-ThinkPad-P72.home (Postfix, from userid 1000) id F093A35227F6; Wed, 5 Feb 2020 07:37:35 -0800 (PST) Date: Wed, 5 Feb 2020 07:37:35 -0800 From: "Paul E. McKenney" To: Marco Elver Cc: andreyknvl@google.com, glider@google.com, dvyukov@google.com, kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org Subject: Re: [PATCH] kcsan: Fix 0-sized checks Message-ID: <20200205153735.GY2935@paulmck-ThinkPad-P72> Reply-To: paulmck@kernel.org References: <20200205101419.149903-1-elver@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200205101419.149903-1-elver@google.com> User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Feb 05, 2020 at 11:14:19AM +0100, Marco Elver wrote: > Instrumentation of arbitrary memory-copy functions, such as user-copies, > may be called with size of 0, which could lead to false positives. > > To avoid this, add a comparison in check_access() for size==0, which > will be optimized out for constant sized instrumentation > (__tsan_{read,write}N), and therefore not affect the common-case > fast-path. > > Signed-off-by: Marco Elver Queued, thank you! Thanx, Paul > --- > kernel/kcsan/core.c | 7 +++++++ > kernel/kcsan/test.c | 10 ++++++++++ > 2 files changed, 17 insertions(+) > > diff --git a/kernel/kcsan/core.c b/kernel/kcsan/core.c > index e3c7d8f34f2ff..82c2bef827d42 100644 > --- a/kernel/kcsan/core.c > +++ b/kernel/kcsan/core.c > @@ -455,6 +455,13 @@ static __always_inline void check_access(const volatile void *ptr, size_t size, > atomic_long_t *watchpoint; > long encoded_watchpoint; > > + /* > + * Do nothing for 0 sized check; this comparison will be optimized out > + * for constant sized instrumentation (__tsan_{read,write}N). > + */ > + if (unlikely(size == 0)) > + return; > + > /* > * Avoid user_access_save in fast-path: find_watchpoint is safe without > * user_access_save, as the address that ptr points to is only used to > diff --git a/kernel/kcsan/test.c b/kernel/kcsan/test.c > index cc6000239dc01..d26a052d33838 100644 > --- a/kernel/kcsan/test.c > +++ b/kernel/kcsan/test.c > @@ -92,6 +92,16 @@ static bool test_matching_access(void) > return false; > if (WARN_ON(matching_access(9, 1, 10, 1))) > return false; > + > + /* > + * An access of size 0 could match another access, as demonstrated here. > + * Rather than add more comparisons to 'matching_access()', which would > + * end up in the fast-path for *all* checks, check_access() simply > + * returns for all accesses of size 0. > + */ > + if (WARN_ON(!matching_access(8, 8, 12, 0))) > + return false; > + > return true; > } > > -- > 2.25.0.341.g760bfbb309-goog >