Received: by 2002:a25:2c96:0:0:0:0:0 with SMTP id s144csp933612ybs; Mon, 25 May 2020 03:00:09 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxSXMFsfGljAmkpI8xI2StR7VcfFHJojs5iyEoHc/OI0g59qelY43K/czhndvEymPfhlBbe X-Received: by 2002:a17:906:7d90:: with SMTP id v16mr17435793ejo.554.1590400809088; Mon, 25 May 2020 03:00:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1590400809; cv=none; d=google.com; s=arc-20160816; b=fuERbhkVsbYLEiKAns5Fqry8u8rFbpYV+/WkNO0xoDs5VYM2E+uNtFDMHUBzqNr1YH yov6l6ojbUsd7rva2Ppxo8ZbwFSfCsfnkTLpQXasF5Yy/h1y5p3L0MzSRMpznqKqMPO9 dUk2z56QPc76lbqGYuDgt5lc+9cpkUkBBWFeJ2DXVgkcgkdhBz79XAwUTdJqoBgCe4/7 kesRbu3YDCAMorOsuufXhUvFQ0h3gNwdW0UQG4NzE7rD0ziVG7PfiL9hKdXjghGQnL8L UojIMV2MMGWhjlCrMvmnsQ8M1eY2rcbU7jnarIRCUkfVUfDAyfca82RvT2ZAVzBwA/KN 8uaw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=W3OPQj+6MaWJ3brcNW2aa4WZVKniXvFNcmel059rH8E=; b=JMk0P2TUkGxj+JbOsNOXxvibGH1rVqahiPxmnhFdhuGJj8sNWRLDchL6XfQbKUuAxz VMKyIRo6QhDQQO2hsjwbMA+9stWP20Ztptz3OC6egw5g5aKDGPjdA1d/Hcpu5oBO3cy2 f7Y7+OZFs/3CN/N8CYPabb72plc0MZlDAiZ736k7ebJ++PPdocwBCarJLL0w1pvrnlOW mrUSzbI0NTMta5SFrWF9v43lQzZP+x7/ZLU8qog/EarxnLRzA7GUmFJ0kPh4ki5WFbLS k1Sdo/BQqTaW5wiqlu6vHHOTCCAZSgIAY/k4MthnA+W9AOLVjAODH5jzYU5zMCepktKy FUjw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Jy+KUYg4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v2si9374079ejg.198.2020.05.25.02.59.46; Mon, 25 May 2020 03:00:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Jy+KUYg4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389693AbgEYJ4z (ORCPT + 99 others); Mon, 25 May 2020 05:56:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59966 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2389630AbgEYJ4y (ORCPT ); Mon, 25 May 2020 05:56:54 -0400 Received: from mail-qk1-x743.google.com (mail-qk1-x743.google.com [IPv6:2607:f8b0:4864:20::743]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7E080C061A0E for ; Mon, 25 May 2020 02:56:54 -0700 (PDT) Received: by mail-qk1-x743.google.com with SMTP id z80so17062169qka.0 for ; Mon, 25 May 2020 02:56:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=W3OPQj+6MaWJ3brcNW2aa4WZVKniXvFNcmel059rH8E=; b=Jy+KUYg4h6yqEgXZCmyC1r7hZaPjIJ5NbD8kOSB7ANDSGTcv/cxI7IqondbwUcYIx4 YDawj4yAqtGCTp0JhlLeUar5y5gF5ERMxMtMxT9kSvZxxMG4qNqP+DMsADzyMxnVKbjp Qp5JMPqDS0aZAK6jAL+ldHNC8V3WS0Ap82mFULselou6eQNZR6sUCTVknKoKe+7skkSe dQeDlVCIHtIQn2PZEtJqdGm5TlcgmE0EGSNqzldorS8mctTWozaYEL/goXdYZEUy6XHq b1ZewotnWXEtHoJ8G6kTfaYc7CdNtQvcQjiQnRuegORWPKpgBsNANNWjDA7f82Y4NWg5 MWzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=W3OPQj+6MaWJ3brcNW2aa4WZVKniXvFNcmel059rH8E=; b=J/mZMJwBhFkrYX+qqHth2RDIqlDUlqxaG2wh7uwFnzX9WljqbcBbGeZikr5BJEcKiO /Wp26boTbQNPCZCZsIZzvRFT16HCfrP1/YbJXx9P0nN1p7DsFynx3QoXopO5YNwFnLAm Cm/djY7Mo3wXqv4GGTL+yVOoRPearCrNFko8cZQkw443nyiMGuzanfTn57pVoPeqyVly AI056N6nmNsEJ1CsNqjdQMEc07vBmqRjfJ6OUL9gHSeG44FEj5QjwWoF/V0yqWrGZRtT 7gcBFGq74oCC7XV5ebmWWycdAT52C4Dz22rXDmATPBKjkygMPOKwjvkoUj2j1bZr0sKN mSbQ== X-Gm-Message-State: AOAM532+FE8gmgxnMyNMmMgR6KbdnXixt1zaWmnWy2ISlPUHj43tFOpz Ax+8LxrNQV4+Qd3Y/wYcg0+7YOq7SDYpqhvUTNYtXw== X-Received: by 2002:a05:620a:786:: with SMTP id 6mr1210763qka.407.1590400613522; Mon, 25 May 2020 02:56:53 -0700 (PDT) MIME-Version: 1.0 References: <20200522020151.23405-1-walter-zh.wu@mediatek.com> In-Reply-To: <20200522020151.23405-1-walter-zh.wu@mediatek.com> From: Dmitry Vyukov Date: Mon, 25 May 2020 11:56:42 +0200 Message-ID: Subject: Re: [PATCH v6 3/4] kasan: add tests for call_rcu stack recording To: Walter Wu Cc: Andrey Ryabinin , Alexander Potapenko , Matthias Brugger , kasan-dev , Linux-MM , LKML , Linux ARM , wsd_upstream , linux-mediatek@lists.infradead.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, May 22, 2020 at 4:02 AM Walter Wu wrote: > > Test call_rcu() call stack recording and verify whether it correctly > is printed in KASAN report. Reviewed-and-tested-by: Dmitry Vyukov > Signed-off-by: Walter Wu > Cc: Andrey Ryabinin > Cc: Dmitry Vyukov > Cc: Alexander Potapenko > Cc: Matthias Brugger > --- > lib/test_kasan.c | 30 ++++++++++++++++++++++++++++++ > 1 file changed, 30 insertions(+) > > diff --git a/lib/test_kasan.c b/lib/test_kasan.c > index e3087d90e00d..6e5fb05d42d8 100644 > --- a/lib/test_kasan.c > +++ b/lib/test_kasan.c > @@ -792,6 +792,35 @@ static noinline void __init vmalloc_oob(void) > static void __init vmalloc_oob(void) {} > #endif > > +static struct kasan_rcu_info { > + int i; > + struct rcu_head rcu; > +} *global_ptr; > + > +static noinline void __init kasan_rcu_reclaim(struct rcu_head *rp) > +{ > + struct kasan_rcu_info *fp = container_of(rp, > + struct kasan_rcu_info, rcu); > + > + kfree(fp); > + fp->i = 1; > +} > + > +static noinline void __init kasan_rcu_uaf(void) > +{ > + struct kasan_rcu_info *ptr; > + > + pr_info("use-after-free in kasan_rcu_reclaim\n"); > + ptr = kmalloc(sizeof(struct kasan_rcu_info), GFP_KERNEL); > + if (!ptr) { > + pr_err("Allocation failed\n"); > + return; > + } > + > + global_ptr = rcu_dereference_protected(ptr, NULL); > + call_rcu(&global_ptr->rcu, kasan_rcu_reclaim); > +} > + > static int __init kmalloc_tests_init(void) > { > /* > @@ -839,6 +868,7 @@ static int __init kmalloc_tests_init(void) > kasan_bitops(); > kmalloc_double_kzfree(); > vmalloc_oob(); > + kasan_rcu_uaf(); > > kasan_restore_multi_shot(multishot); > > -- > 2.18.0 > > -- > You received this message because you are subscribed to the Google Groups "kasan-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an email to kasan-dev+unsubscribe@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/msgid/kasan-dev/20200522020151.23405-1-walter-zh.wu%40mediatek.com.