Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp1322743ybk; Thu, 21 May 2020 04:11:58 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxcjOvXhHcypVAgKWTkzfBDIEtnNVpORgc8PdCIW4z8t0aX9szrbFq67yTctM7Eia2Nwgag X-Received: by 2002:a17:906:3ed3:: with SMTP id d19mr3172745ejj.404.1590059518256; Thu, 21 May 2020 04:11:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1590059518; cv=none; d=google.com; s=arc-20160816; b=fcNQpib6zEH9EweqxECrC4RHb2x7lmzz3GiRHE2hdBv9LooGfIBleZJ+KKnjAbCOJk bZHvIz9wJEJdsgjovlDxfSxLYJKGJhknmI5YS6fbJszTgCCxeMibC/A84h6DuaCv0M06 7AKm3uZxex1wFwDcROP0S6l2h07dx69rTDIp40z709/VXaGmZ4f2wlb+PFrD0k3j7W7/ CqcZ+TvzhD0PUAbVm2aU+nDxi/RnQs8WQwmgKzbtxMBMXHwYRQeN8dkPATAFsRqDisf+ Ok2ermvcwATUdgZ9aG1I84OKUw66IcKH80jrWgH+gJizMd7MX1jvC4CwIfPZ/onuAa0L 3E6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:references :mime-version:message-id:in-reply-to:date:dkim-signature; bh=E0UepZUl50HW0uHDfJhRs9oZIgYHrAECVMB9g20DGiQ=; b=ohnkL0OUcKoqOSfp+f8oO/o6Ub14GN5dukUBRvWZ1oGzINArB3ESWBgHBQetb5t5R+ GxlJbS2RBmfdbIkLD86QFKDbZ7LEACqZJiWcXcsfDBGm8qJUEhYfRJWRMzYMG2lvXMRo /AG9bx3D8qIRv6mLegTnSxYrxoFbviyYE83nnImSAxqWjnYIOKw5qQPtDSOT/8fBBHoW SJmtm5aI10tZdspUwmIyTpZc1pObVpM61zpNLu3x2BSyAzyMl0I+jtLU9nkfuCb2oNlj YXFhgaMvxpbu0iiGXGsZsPo99sJoUZxfrZ65X5vruRdvXisikOwRxtSoGTlACaIcsT3F 4QtQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="oY/uD0ly"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p7si3141609ejr.611.2020.05.21.04.11.34; Thu, 21 May 2020 04:11:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="oY/uD0ly"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729089AbgEULKA (ORCPT + 99 others); Thu, 21 May 2020 07:10:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52038 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729084AbgEULJ6 (ORCPT ); Thu, 21 May 2020 07:09:58 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0CA10C061A0E for ; Thu, 21 May 2020 04:09:58 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id s8so4857925ybj.9 for ; Thu, 21 May 2020 04:09:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=E0UepZUl50HW0uHDfJhRs9oZIgYHrAECVMB9g20DGiQ=; b=oY/uD0lypzzY7RbHryAv7AQdD01jnrfv9h6MiH9bK4YOkm0hW3lIgen04LKNdDC72x w7LJtgm8qT6UVw+SLVLkOuF0uyIZif16xVJpCyDCaIaObTJXq2K9UI2wr5zZgFjRkLRq k2oIhn/yqo2/4rrLHtcctItkVZVnNB8ZaAl1k2ep3pQydvkgv7tUJW+QNSJsAaYI1UpX RQy9F63SQwVrR5NpnRLaW6Dlxvxo+yyBrHOqdYm4sh/qg386CBdA4ivmRa1CN+L4YJCo H19L9w/WkrH1tZ1nw2hfX9aFdckc32XIzZRL5gcsno8L//4drV8V5p7Tc+q78ShV1g7M Dfjg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=E0UepZUl50HW0uHDfJhRs9oZIgYHrAECVMB9g20DGiQ=; b=UrBOj6AaOrE7d5jK3eSiKc3bvowJ0fwUptwt0DoZdDo9rXSebjxnHpB49CuTt/sYha JN30mMMmyd9IsiPoco/jPh5hlvqEzl+tXGnGS71Vi/HwJdVRwIpgVl9w3kbxOSfFS+fQ qZhwD4RtRZ8crzNbB2SOgDqxMOIaacW4Wb+LBzEEhQzHLFCJm8GtluEfKnrxKAZCjFe/ sQ3+ErAWqSM1MQAz2iNwsvcgqTkA4xKVQQCQMZ1kDQBM8kBX8hN9VjP9f948zZhI1kbn qNX2mg7JhkhLymq4A+4aqgcAgwVmg1UoV+JPzzXhndDLtO6pLD3IEyakU0LkRepbE7qh SlfQ== X-Gm-Message-State: AOAM530R26EM94A8SEJUCW2WWMZyaYxs0gCIqwVQKpN4mZGg/oSzfPpT lYyciVQ7tF8ApQOeauFLQQye/OIAUA== X-Received: by 2002:a25:41c3:: with SMTP id o186mr14043993yba.48.1590059397203; Thu, 21 May 2020 04:09:57 -0700 (PDT) Date: Thu, 21 May 2020 13:08:46 +0200 In-Reply-To: <20200521110854.114437-1-elver@google.com> Message-Id: <20200521110854.114437-4-elver@google.com> Mime-Version: 1.0 References: <20200521110854.114437-1-elver@google.com> X-Mailer: git-send-email 2.26.2.761.g0e0b3e54be-goog Subject: [PATCH -tip v2 03/11] kcsan: Support distinguishing volatile accesses From: Marco Elver To: elver@google.com Cc: paulmck@kernel.org, dvyukov@google.com, glider@google.com, andreyknvl@google.com, kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org, tglx@linutronix.de, mingo@kernel.org, peterz@infradead.org, will@kernel.org, clang-built-linux@googlegroups.com, bp@alien8.de Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In the kernel, volatile is used in various concurrent context, whether in low-level synchronization primitives or for legacy reasons. If supported by the compiler, we will assume that aligned volatile accesses up to sizeof(long long) (matching compiletime_assert_rwonce_type()) are atomic. Recent versions Clang [1] (GCC tentative [2]) can instrument volatile accesses differently. Add the option (required) to enable the instrumentation, and provide the necessary runtime functions. None of the updated compilers are widely available yet (Clang 11 will be the first release to support the feature). [1] https://github.com/llvm/llvm-project/commit/5a2c31116f412c3b6888be361137efd705e05814 [2] https://gcc.gnu.org/pipermail/gcc-patches/2020-April/544452.html This patch allows removing any explicit checks in primitives such as READ_ONCE() and WRITE_ONCE(). Signed-off-by: Marco Elver --- v2: * Reword Makefile comment. --- kernel/kcsan/core.c | 43 ++++++++++++++++++++++++++++++++++++++++++ scripts/Makefile.kcsan | 5 ++++- 2 files changed, 47 insertions(+), 1 deletion(-) diff --git a/kernel/kcsan/core.c b/kernel/kcsan/core.c index a73a66cf79df..15f67949d11e 100644 --- a/kernel/kcsan/core.c +++ b/kernel/kcsan/core.c @@ -789,6 +789,49 @@ void __tsan_write_range(void *ptr, size_t size) } EXPORT_SYMBOL(__tsan_write_range); +/* + * Use of explicit volatile is generally disallowed [1], however, volatile is + * still used in various concurrent context, whether in low-level + * synchronization primitives or for legacy reasons. + * [1] https://lwn.net/Articles/233479/ + * + * We only consider volatile accesses atomic if they are aligned and would pass + * the size-check of compiletime_assert_rwonce_type(). + */ +#define DEFINE_TSAN_VOLATILE_READ_WRITE(size) \ + void __tsan_volatile_read##size(void *ptr) \ + { \ + const bool is_atomic = size <= sizeof(long long) && \ + IS_ALIGNED((unsigned long)ptr, size); \ + if (IS_ENABLED(CONFIG_KCSAN_IGNORE_ATOMICS) && is_atomic) \ + return; \ + check_access(ptr, size, is_atomic ? KCSAN_ACCESS_ATOMIC : 0); \ + } \ + EXPORT_SYMBOL(__tsan_volatile_read##size); \ + void __tsan_unaligned_volatile_read##size(void *ptr) \ + __alias(__tsan_volatile_read##size); \ + EXPORT_SYMBOL(__tsan_unaligned_volatile_read##size); \ + void __tsan_volatile_write##size(void *ptr) \ + { \ + const bool is_atomic = size <= sizeof(long long) && \ + IS_ALIGNED((unsigned long)ptr, size); \ + if (IS_ENABLED(CONFIG_KCSAN_IGNORE_ATOMICS) && is_atomic) \ + return; \ + check_access(ptr, size, \ + KCSAN_ACCESS_WRITE | \ + (is_atomic ? KCSAN_ACCESS_ATOMIC : 0)); \ + } \ + EXPORT_SYMBOL(__tsan_volatile_write##size); \ + void __tsan_unaligned_volatile_write##size(void *ptr) \ + __alias(__tsan_volatile_write##size); \ + EXPORT_SYMBOL(__tsan_unaligned_volatile_write##size) + +DEFINE_TSAN_VOLATILE_READ_WRITE(1); +DEFINE_TSAN_VOLATILE_READ_WRITE(2); +DEFINE_TSAN_VOLATILE_READ_WRITE(4); +DEFINE_TSAN_VOLATILE_READ_WRITE(8); +DEFINE_TSAN_VOLATILE_READ_WRITE(16); + /* * The below are not required by KCSAN, but can still be emitted by the * compiler. diff --git a/scripts/Makefile.kcsan b/scripts/Makefile.kcsan index 20337a7ecf54..75d2942b9437 100644 --- a/scripts/Makefile.kcsan +++ b/scripts/Makefile.kcsan @@ -9,7 +9,10 @@ else cc-param = --param -$(1) endif +# Keep most options here optional, to allow enabling more compilers if absence +# of some options does not break KCSAN nor causes false positive reports. CFLAGS_KCSAN := -fsanitize=thread \ - $(call cc-option,$(call cc-param,tsan-instrument-func-entry-exit=0) -fno-optimize-sibling-calls) + $(call cc-option,$(call cc-param,tsan-instrument-func-entry-exit=0) -fno-optimize-sibling-calls) \ + $(call cc-param,tsan-distinguish-volatile=1) endif # CONFIG_KCSAN -- 2.26.2.761.g0e0b3e54be-goog