Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp4300070ybv; Tue, 25 Feb 2020 17:20:33 -0800 (PST) X-Google-Smtp-Source: APXvYqxjPLdSy59SG0kQJwk3WMnYjDtZD3oI4CLxeEE6sHXT6l4fmWD4ZfaIAiSE5N4tWUrj5saV X-Received: by 2002:a05:6808:aa8:: with SMTP id r8mr1227426oij.7.1582680033454; Tue, 25 Feb 2020 17:20:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582680033; cv=none; d=google.com; s=arc-20160816; b=WU9UpZY3ewbOIyN6R8o+XDSdlb/RnLHDkOm3C8QIW5sI2weKI1HLxGC1PanwpcJ4wf X7JEF78gHmXxu7IvUdw9FDGZPrr+cEXZSzomcM/NFZiA9RtpAp+KGoui8vrO+769yEWS VO4zlUGvA8JEWkylJfGAaY6iA29Zy8D1RLQek9ykq4+n9liVimM7vNWOt7fV/S9wRDVa D4TE8Ut5smkzJTzimx8sPCyxr+J7RLhc3zi/sni3MPZqi6QPaU4KGTvl8IOLfe/iwWQi YpQ0x/e2ed0BkRlOPPPv8aRv3RGYv9C5gRrXP9+e/RfIISkqxj+Ikl5aY/lVfGFLRl2P HWcg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=V+WJdtiodK7smJaw6cytKeNqvxCywC6JW8awTtYsnT4=; b=Ftyg0hKiRRNf26sBIOxvzvQBaJnpGtwdZbMsDzARIXFORCgKE1IhCuTYtmkFG46dPv HqR27wpfYpCUCbEnVrkAhQzjNmSjyxccZxc+bOmSBGluEGjl6Ifo4nizsdTGJl41SlPd eBH2tTXeFXiz9x9vrV3wdi56jgpC8CUb0/o9y8EqVXDx8kagSRDqFTkMtkd4sUIi+ebe tI4DlEjmAv+3emElrfG1hGwnU11exm7M9mR14Idn5P1xlmgWvJ7kRhS5gq1Pq6vS2EIv eANOY6wpCcc8dxlBsQTMOn9A3SAy6tqg4BIF02Ffr2g35BcC+EFjGvpffW7ySw5C2zzK SKOw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=l4604xpw; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y12si337026oti.162.2020.02.25.17.20.20; Tue, 25 Feb 2020 17:20:33 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=l4604xpw; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729763AbgBZBTe (ORCPT + 99 others); Tue, 25 Feb 2020 20:19:34 -0500 Received: from mail-pg1-f194.google.com ([209.85.215.194]:37724 "EHLO mail-pg1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729376AbgBZBTe (ORCPT ); Tue, 25 Feb 2020 20:19:34 -0500 Received: by mail-pg1-f194.google.com with SMTP id z12so442592pgl.4 for ; Tue, 25 Feb 2020 17:19:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=V+WJdtiodK7smJaw6cytKeNqvxCywC6JW8awTtYsnT4=; b=l4604xpw1I8955q9AJdeAjThTj77w5HfTFVsOgRzhxDZ0vM6gMjC8oeO4rqZCFsaox ZL/o13PdpDkiVgbVPLqS6E4izZOSUR739tueSpiptZML8g4LElY0KhMqkuFeS5sObhOF JOwdK51GnNpY+2ZwrKbnYeyV+VFN6Du8fjnf3/1QsQPpwNPdNxhHtDj5pkuJlxDpVS2R GhGoL68sm/V/cldSwdhNvaxy4/NszTqHPJLbJPMUZmgJKwjoLJu60kFbSsur5dceh/zE WEd4v0dzMW8UnaLMEd6VNNLYRRyYIg9MqkoKj1DKF8Svrkj+Fg2YjvcbJYCRg7b1NOzN c4gQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=V+WJdtiodK7smJaw6cytKeNqvxCywC6JW8awTtYsnT4=; b=M+iBiSmtufNm7RtO9mUaiOMN8xMTmT/o3GtFoI5KEH1E4wd+db1DFIo8pnpqQo+VHJ xlyG0/xEK+RW6BhAB0pe6NdZi4ElC5UzakJYD8TMhfSmiAvsEYcgr6QIrENu2vEct6o/ 9FH22nYZ+34DH2N0k0JIk0l/KQuRBpXaZLTd2KDydJ0yaTlTmku8PDVgSq/mkswquZM4 o5O0uK2QkkAnSt1jUCKrextliU/Sd8gFgmLJBBnm3BhU8hcwdSwjYKfbzYhI8Og1/R8U SvhoZFd/hatUlPLNNTgIObF6k4bVWptpq9vB5u1BVX/4Nxl7pqW8NwMAfWetFK4nLRIb 7ajQ== X-Gm-Message-State: APjAAAXwSJ6x0D/2Iwd7U0NG4jvdRgTacTGk8RcwVeXBLVWrM3RLHwh4 5Dwebv0+dtyK26Kk7/D4iejb6c8ajx/ZvC+BWtb6yw== X-Received: by 2002:aa7:8545:: with SMTP id y5mr1551644pfn.185.1582679973137; Tue, 25 Feb 2020 17:19:33 -0800 (PST) MIME-Version: 1.0 References: <20200226004608.8128-1-trishalfonso@google.com> In-Reply-To: <20200226004608.8128-1-trishalfonso@google.com> From: Brendan Higgins Date: Tue, 25 Feb 2020 17:19:21 -0800 Message-ID: Subject: Re: [PATCH] UML: add support for KASAN under x86_64 To: Patricia Alfonso Cc: Jeff Dike , Richard Weinberger , Anton Ivanov , aryabinin@virtuozzo.com, Dmitry Vyukov , David Gow , Johannes Berg , kasan-dev@googlegroups.com, Linux Kernel Mailing List , linux-um Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Feb 25, 2020 at 4:46 PM Patricia Alfonso wrote: > > Make KASAN run on User Mode Linux on x86_64. > > Depends on Constructor support in UML - "[RFC PATCH] um: > implement CONFIG_CONSTRUCTORS for modules" > (https://patchwork.ozlabs.org/patch/1234551/) by Johannes Berg. > > The location of the KASAN shadow memory, starting at > KASAN_SHADOW_OFFSET, can be configured using the > KASAN_SHADOW_OFFSET option. UML uses roughly 18TB of address > space, and KASAN requires 1/8th of this. The default location of > this offset is 0x7fff8000 as suggested by Dmitry Vyukov. There is > usually enough free space at this location; however, it is a config > option so that it can be easily changed if needed. > > The UML-specific KASAN initializer uses mmap to map > the roughly 2.25TB of shadow memory to the location defined by > KASAN_SHADOW_OFFSET. kasan_init() utilizes constructors to initialize > KASAN before main(). > > Disable stack instrumentation on UML via KASAN_STACK config option to > avoid false positive KASAN reports. > > Signed-off-by: Patricia Alfonso A couple of minor nits (well one nit and one question), but overall this looks good to me. Reviewed-by: Brendan Higgins > --- > arch/um/Kconfig | 13 +++++++++++++ > arch/um/Makefile | 6 ++++++ > arch/um/include/asm/common.lds.S | 1 + > arch/um/include/asm/kasan.h | 32 ++++++++++++++++++++++++++++++++ > arch/um/kernel/dyn.lds.S | 5 ++++- > arch/um/kernel/mem.c | 18 ++++++++++++++++++ > arch/um/os-Linux/mem.c | 22 ++++++++++++++++++++++ > arch/um/os-Linux/user_syms.c | 4 ++-- > arch/x86/um/Makefile | 3 ++- > arch/x86/um/vdso/Makefile | 3 +++ > lib/Kconfig.kasan | 2 +- > 11 files changed, 104 insertions(+), 5 deletions(-) > create mode 100644 arch/um/include/asm/kasan.h > > diff --git a/arch/um/Kconfig b/arch/um/Kconfig > index 0917f8443c28..fb2ad1fb05fd 100644 > --- a/arch/um/Kconfig > +++ b/arch/um/Kconfig > @@ -8,6 +8,7 @@ config UML > select ARCH_HAS_KCOV > select ARCH_NO_PREEMPT > select HAVE_ARCH_AUDITSYSCALL > + select HAVE_ARCH_KASAN if X86_64 > select HAVE_ARCH_SECCOMP_FILTER > select HAVE_ASM_MODVERSIONS > select HAVE_UID16 > @@ -200,6 +201,18 @@ config UML_TIME_TRAVEL_SUPPORT > > It is safe to say Y, but you probably don't need this. > > +config KASAN_SHADOW_OFFSET > + hex > + depends on KASAN > + default 0x7fff8000 nit: It looks like you chose the default that Dmitry suggested. Some explanation of this in the help would probably be good. > + help > + This is the offset at which the ~2.25TB of shadow memory is > + mapped and used by KASAN for memory debugging. This can be any > + address that has at least KASAN_SHADOW_SIZE(total address space divided > + by 8) amount of space so that the KASAN shadow memory does not conflict > + with anything. The default is 0x7fff8000, as it fits into immediate of > + most instructions. > + > endmenu [...] > diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan > index 81f5464ea9e1..5b54f3c9a741 100644 > --- a/lib/Kconfig.kasan > +++ b/lib/Kconfig.kasan > @@ -125,7 +125,7 @@ config KASAN_STACK_ENABLE > > config KASAN_STACK > int > - default 1 if KASAN_STACK_ENABLE || CC_IS_GCC > + default 1 if (KASAN_STACK_ENABLE || CC_IS_GCC) && !UML Up to the KASAN people, but I think you can probably move this to arch/um/Kconfig. There is some advantage to having all the UML specific Kconfigery in arch/um/Kconfig, but there are also already a lot of things that specify !UML outside of arch/um/. > default 0 > > config KASAN_S390_4_LEVEL_PAGING > -- > 2.25.0.265.gbab2e86ba0-goog >