Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp1459723ybk; Thu, 21 May 2020 07:24:24 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwOpstggU3r+Kr3wlRg85QeVJ402jztCobqQIvVkjC5jsRtn+PN+ecoF7rF04bn7WuDuJXA X-Received: by 2002:a50:c60c:: with SMTP id k12mr7697968edg.111.1590071064353; Thu, 21 May 2020 07:24:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1590071064; cv=none; d=google.com; s=arc-20160816; b=G31gJvvTFWwUjXIaOB/GEF/SDI4Ry9Ox6s+ap4JZ0pYjb35izPFCTegnfkj8Gr80HC qmmpidXYgvOzYXR1/o6u6awt6AqPYqBkbj1paHlTCNbFFxUlk4vdvci98Snr4afYyF4s GKCJnmxJqzowoA1WERJW5KUX+zf6CCZ3VnlzU4uv2hIkWDDXIIBtSzp5nfhbhI/Bgvkw 8vkbg6PDhcdLTnJwiiDW6gE/PeWJwk63uMPjWlMKuZX/1eI0jpoDmb3R8oMYO70bCFlj /uNInjt6qwQpXef8tW9N7F5bNXRhFvpmzC2rkvXmoPpzBHgn9NNGAv5/xj+qYY/I8pIB wobw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:references :mime-version:message-id:in-reply-to:date:dkim-signature; bh=PC9Hjj7vUN5/seVEDSBqpv8gGPtTVfQoZ63r2GRfhtk=; b=i3XFjfGPbvCLWJOJ7HDsO3kyS3pPOgBUmuNaWK0L4mx+mjdcYxwjXi+I2qrD6vHiuS TgetoAh0GQHZMbf/6cdQDCzFyWibOJNlhJDHO7BEKrCu5fBd0TGIbkaUf3wwLzhTztKk jToLQr7A1Y/UrlC87QrzHf+VLOP6KDAW4O9hlnh2bjZ4VpfYnbl+bEceJxsI9jsA8INf 0P1EeXy3m1NYEyMofcKz0JPLF0idBvzbjMw/E4aGonUfbb3HjU6VJOnIUbJqWUhxB3FM jRKdU4F0EdYSuGrc9yAww36M2RArV/rP2C4Jn8PnyUL9HBqg+P+tvMo8FjCr8UvyguUk 3uUg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=b9oWgHML; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id j16si3367411ejy.558.2020.05.21.07.24.01; Thu, 21 May 2020 07:24:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=b9oWgHML; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729561AbgEUOWa (ORCPT + 99 others); Thu, 21 May 2020 10:22:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53696 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726965AbgEUOW2 (ORCPT ); Thu, 21 May 2020 10:22:28 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D84BDC061A0E for ; Thu, 21 May 2020 07:22:27 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id y189so5500803ybc.14 for ; Thu, 21 May 2020 07:22:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=PC9Hjj7vUN5/seVEDSBqpv8gGPtTVfQoZ63r2GRfhtk=; b=b9oWgHMLMPUDcUkLR5hWDOERL4TjlhiDvqOjVMt/Iaa5SmFVnalZJBZXxqRYcgYVAt kfPnhvKTzbUUjdfhUvvVr5i1ODWFKXj790mDo1aqFwQD9BdVsBrR+sueZKamlgXpIyzk bil56l8Jq9M4QiO9tNnjgErtQb3Yh7EFIIJDHjMxNMCqgwFdDY/8yjZv2J/7dzs+N+82 fFVXN6tnEbQUejS5s+9AjRj+/3/ZgJhINPiDMwCHUYE8Gi7IDpFMCEnXngtMGBi2ik6x Q9Pm7vTRqx+xNJDT9Ge+EG8TBmN7fwaL3FZeW9sUSnRBgHLqTj8i8+x5GR3tSdrOdg07 2gog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=PC9Hjj7vUN5/seVEDSBqpv8gGPtTVfQoZ63r2GRfhtk=; b=OOHsrQKBC7x9ldlXPMdpK8jpqTaAEg+1rpVZ+z5+BCn3nxWILXye+oNldW763JQbc8 ApLl6O4zrajtMKdOrjskcqCa906FGge7pQRxoHk8gW+O8rBVre1pKX6AG63X4F+wgF8b SFOiiIkKLpueA13MbBhkJrJGveUPQPrSePO1Ry/S6T7MkjV7djdpCBw7EulCvto6sgwz B80T4mNJdN32YVSN/xngIZIMpMjeCBpG9Bs7jBfMp9DpWhI3XMe/epcW9A8Cq9qig0i9 XDdeDld68+bOsQh0DfcftXp8tWfSAJtpJ1bqpSMWLhxn60FKeyUHSCj/c+T5qEcWAIU9 QlpQ== X-Gm-Message-State: AOAM532Wy2/xIR50D2sUd7aOJyxOKjYxTqxmI6lXG00j3vh1MmsQQJzj G8oFGh+MpkDB89fK55wW7NzWGmy/7A== X-Received: by 2002:a25:6cd6:: with SMTP id h205mr15954705ybc.404.1590070947070; Thu, 21 May 2020 07:22:27 -0700 (PDT) Date: Thu, 21 May 2020 16:20:39 +0200 In-Reply-To: <20200521142047.169334-1-elver@google.com> Message-Id: <20200521142047.169334-4-elver@google.com> Mime-Version: 1.0 References: <20200521142047.169334-1-elver@google.com> X-Mailer: git-send-email 2.26.2.761.g0e0b3e54be-goog Subject: [PATCH -tip v3 03/11] kcsan: Support distinguishing volatile accesses From: Marco Elver To: elver@google.com Cc: paulmck@kernel.org, dvyukov@google.com, glider@google.com, andreyknvl@google.com, kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org, tglx@linutronix.de, mingo@kernel.org, peterz@infradead.org, will@kernel.org, clang-built-linux@googlegroups.com, bp@alien8.de Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In the kernel, volatile is used in various concurrent context, whether in low-level synchronization primitives or for legacy reasons. If supported by the compiler, we will assume that aligned volatile accesses up to sizeof(long long) (matching compiletime_assert_rwonce_type()) are atomic. Recent versions Clang [1] (GCC tentative [2]) can instrument volatile accesses differently. Add the option (required) to enable the instrumentation, and provide the necessary runtime functions. None of the updated compilers are widely available yet (Clang 11 will be the first release to support the feature). [1] https://github.com/llvm/llvm-project/commit/5a2c31116f412c3b6888be361137efd705e05814 [2] https://gcc.gnu.org/pipermail/gcc-patches/2020-April/544452.html This patch allows removing any explicit checks in primitives such as READ_ONCE() and WRITE_ONCE(). Acked-by: Will Deacon Signed-off-by: Marco Elver --- v2: * Reword Makefile comment. --- kernel/kcsan/core.c | 43 ++++++++++++++++++++++++++++++++++++++++++ scripts/Makefile.kcsan | 5 ++++- 2 files changed, 47 insertions(+), 1 deletion(-) diff --git a/kernel/kcsan/core.c b/kernel/kcsan/core.c index a73a66cf79df..15f67949d11e 100644 --- a/kernel/kcsan/core.c +++ b/kernel/kcsan/core.c @@ -789,6 +789,49 @@ void __tsan_write_range(void *ptr, size_t size) } EXPORT_SYMBOL(__tsan_write_range); +/* + * Use of explicit volatile is generally disallowed [1], however, volatile is + * still used in various concurrent context, whether in low-level + * synchronization primitives or for legacy reasons. + * [1] https://lwn.net/Articles/233479/ + * + * We only consider volatile accesses atomic if they are aligned and would pass + * the size-check of compiletime_assert_rwonce_type(). + */ +#define DEFINE_TSAN_VOLATILE_READ_WRITE(size) \ + void __tsan_volatile_read##size(void *ptr) \ + { \ + const bool is_atomic = size <= sizeof(long long) && \ + IS_ALIGNED((unsigned long)ptr, size); \ + if (IS_ENABLED(CONFIG_KCSAN_IGNORE_ATOMICS) && is_atomic) \ + return; \ + check_access(ptr, size, is_atomic ? KCSAN_ACCESS_ATOMIC : 0); \ + } \ + EXPORT_SYMBOL(__tsan_volatile_read##size); \ + void __tsan_unaligned_volatile_read##size(void *ptr) \ + __alias(__tsan_volatile_read##size); \ + EXPORT_SYMBOL(__tsan_unaligned_volatile_read##size); \ + void __tsan_volatile_write##size(void *ptr) \ + { \ + const bool is_atomic = size <= sizeof(long long) && \ + IS_ALIGNED((unsigned long)ptr, size); \ + if (IS_ENABLED(CONFIG_KCSAN_IGNORE_ATOMICS) && is_atomic) \ + return; \ + check_access(ptr, size, \ + KCSAN_ACCESS_WRITE | \ + (is_atomic ? KCSAN_ACCESS_ATOMIC : 0)); \ + } \ + EXPORT_SYMBOL(__tsan_volatile_write##size); \ + void __tsan_unaligned_volatile_write##size(void *ptr) \ + __alias(__tsan_volatile_write##size); \ + EXPORT_SYMBOL(__tsan_unaligned_volatile_write##size) + +DEFINE_TSAN_VOLATILE_READ_WRITE(1); +DEFINE_TSAN_VOLATILE_READ_WRITE(2); +DEFINE_TSAN_VOLATILE_READ_WRITE(4); +DEFINE_TSAN_VOLATILE_READ_WRITE(8); +DEFINE_TSAN_VOLATILE_READ_WRITE(16); + /* * The below are not required by KCSAN, but can still be emitted by the * compiler. diff --git a/scripts/Makefile.kcsan b/scripts/Makefile.kcsan index 20337a7ecf54..75d2942b9437 100644 --- a/scripts/Makefile.kcsan +++ b/scripts/Makefile.kcsan @@ -9,7 +9,10 @@ else cc-param = --param -$(1) endif +# Keep most options here optional, to allow enabling more compilers if absence +# of some options does not break KCSAN nor causes false positive reports. CFLAGS_KCSAN := -fsanitize=thread \ - $(call cc-option,$(call cc-param,tsan-instrument-func-entry-exit=0) -fno-optimize-sibling-calls) + $(call cc-option,$(call cc-param,tsan-instrument-func-entry-exit=0) -fno-optimize-sibling-calls) \ + $(call cc-param,tsan-distinguish-volatile=1) endif # CONFIG_KCSAN -- 2.26.2.761.g0e0b3e54be-goog