Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp1491144pxb; Fri, 13 Nov 2020 14:19:11 -0800 (PST) X-Google-Smtp-Source: ABdhPJzuTfAz5ZSn5gzj30kXKx3FxXMz6Vp2Hfyx4P6DDGFABiu0IN/6gw4ySnrSyOFityPZ/OkI X-Received: by 2002:a17:906:13d0:: with SMTP id g16mr4050294ejc.327.1605305950843; Fri, 13 Nov 2020 14:19:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1605305950; cv=none; d=google.com; s=arc-20160816; b=TLDdWAO+/KADw6TIhK1WW6xwTh53aTMsWghStDMQQdcSxLrKYGjFCCuPaxt4ungyYP JtkQxx4RFXEULNWnoeppYxQ1g2yKzIP4JuqO7ECLX2VBKckppT6rGKt7zgTnVA0N3ERX Ds4pql0dpZj+RDNBBb10RGbvmcd66jpEyFwPQJhmUJHtGhTQWiQt7txj88sDhd4ytKrn bGmFZbEra/rTjai/WAMaQZ5wC/wWB0KeV1IyHS8Al+dZbPq0vg4zj2I6T9Bo0IZTUvKc d+dvMMfaW5iXxnJnpwcqjWykTt61d6HEX30kotJgrZ0uA7QEdjeo2vM+6EDnkx79auKh Itjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:sender:dkim-signature; bh=Q45/V4lVT7Gli3HEtLqShYgjMzT9iMOyirsX3EXqzak=; b=Lzcck9IbpDGVKi5iSnCHsXFptop9BHxC8lZISy/TGvF0fmjXm+k0ciWCv3GptQbf40 s5+kcIu6MKLuNg1aBCwet9tnn7sRdKbOJGnNQAmcJHwReNJ+QPaKu4TuT7u2jkJqsRWu zDRNinknDG9Fa1R+ueundgtBV6i0ZPeNE33dII1ailp7v7/StxjgemBeKDZJLFmC2fxB 2za9W3Rns8F4wTmJSKJCbWYSdl7rFS/XU8qPnHQURyLWji5rlZUE2Qk29GMGIUuHAZY3 cqwECUSASkP2MZYe30Kulf6vf2FPtxjAV4FRUcw87vBwBACFW9NJRCupRMFrSWs1oAaN qQoQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=VLuGzsQp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id ce10si8450736edb.515.2020.11.13.14.18.47; Fri, 13 Nov 2020 14:19:10 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=VLuGzsQp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726233AbgKMWRA (ORCPT + 99 others); Fri, 13 Nov 2020 17:17:00 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48416 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726359AbgKMWQs (ORCPT ); Fri, 13 Nov 2020 17:16:48 -0500 Received: from mail-qk1-x749.google.com (mail-qk1-x749.google.com [IPv6:2607:f8b0:4864:20::749]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5F7F3C0613D1 for ; Fri, 13 Nov 2020 14:16:46 -0800 (PST) Received: by mail-qk1-x749.google.com with SMTP id w189so7574568qkd.6 for ; Fri, 13 Nov 2020 14:16:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:date:in-reply-to:message-id:mime-version:references:subject :from:to:cc; bh=Q45/V4lVT7Gli3HEtLqShYgjMzT9iMOyirsX3EXqzak=; b=VLuGzsQpDNR/Zo3tTEPU/UkYL1ScCR2YdrNw7RDFebJmTUEs9pq/agtLQ4eE1XJLUo uDF1BTkXAkDu6856KQcfoMFXqZdeGpkisLSNwN3CCMjHTHoOEbC+pNah1onOojE8eeUu 8IYLzPbuxt9cQUoslLClHtM7jfjVS7X9+3RjFSnrweG6fTUMXYS0d2qgGLvFxKI4aXpH kQVP9aAn5D2+zvAQ/Wc5NKcWvMrWb2k1mAclYfNaMyrP++fU74TocuNgbcqv6uZpTpXK egn0Kb6FZDTkNWmygl7mmcyFUitCHYqTLVSRu+ZU/vAwzgHzCrEhA7hXXGVCXLm/vCod 3dwA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=Q45/V4lVT7Gli3HEtLqShYgjMzT9iMOyirsX3EXqzak=; b=XXqa7bGU+nievj2eX+Fty10iiQCFUsF1yAh4CQ2N2q+ZlQ70jecjJ13f7mPDgd01BU Ehppns+ehnL3uiF6j7/c3+uRp2m/xxBxD7M53aEllYyxdLJUbDVyOO9/RVRmiOyqZsdE jWdSndzNEz2xkxmz44LfTSRtGBRzy6O45e9PWFNnU69DLI7g3SjaRQiWdR/bo+/uvrPF bWanYQH4YPn0Z/4FOo5CSEIqXoenifKkST9ud533TGGKacNPqgqWAtJmxlUoFHQKdDc2 1gTTAvE9KxfeTDEYFEhwnE0GnMMfcLFENUWAIYiSS5VuOrNcOjO9y0UklJDFOjWLs3gW rJLQ== X-Gm-Message-State: AOAM531wVlTMx4aSP520ryHxUtLEsSpmL7dxtX29Z1kRelqZJVC++hpR SXd7wG40EcwgmGnKQhKrElRh9uZzgLXbVj2P Sender: "andreyknvl via sendgmr" X-Received: from andreyknvl3.muc.corp.google.com ([2a00:79e0:15:13:7220:84ff:fe09:7e9d]) (user=andreyknvl job=sendgmr) by 2002:ad4:4a8a:: with SMTP id h10mr3721944qvx.55.1605305805462; Fri, 13 Nov 2020 14:16:45 -0800 (PST) Date: Fri, 13 Nov 2020 23:15:41 +0100 In-Reply-To: Message-Id: <2c16461ac57adff633df33f020f6ae9f330005f4.1605305705.git.andreyknvl@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.29.2.299.gdc1121823c-goog Subject: [PATCH mm v10 13/42] kasan: decode stack frame only with KASAN_STACK_ENABLE From: Andrey Konovalov To: Andrew Morton Cc: Catalin Marinas , Will Deacon , Vincenzo Frascino , Dmitry Vyukov , Andrey Ryabinin , Alexander Potapenko , Marco Elver , Evgenii Stepanov , Branislav Rankov , Kevin Brodsky , kasan-dev@googlegroups.com, linux-arm-kernel@lists.infradead.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Decoding routines aren't needed when CONFIG_KASAN_STACK_ENABLE is not enabled. Currently only generic KASAN mode implements stack error reporting. No functional changes for software modes. Signed-off-by: Andrey Konovalov Signed-off-by: Vincenzo Frascino Reviewed-by: Marco Elver Reviewed-by: Alexander Potapenko --- Change-Id: I084e3214f2b40dc0bef7c5a9fafdc6f5c42b06a2 --- mm/kasan/kasan.h | 6 ++ mm/kasan/report.c | 162 -------------------------------------- mm/kasan/report_generic.c | 162 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 168 insertions(+), 162 deletions(-) diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index e5b5f60bc963..488ca1ff5979 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -171,6 +171,12 @@ bool check_invalid_free(void *addr); void *find_first_bad_addr(void *addr, size_t size); const char *get_bug_type(struct kasan_access_info *info); +#if defined(CONFIG_KASAN_GENERIC) && CONFIG_KASAN_STACK +void print_address_stack_frame(const void *addr); +#else +static inline void print_address_stack_frame(const void *addr) { } +#endif + bool kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long ip); void kasan_report_invalid_free(void *object, unsigned long ip); diff --git a/mm/kasan/report.c b/mm/kasan/report.c index fff0c7befbfe..b18d193f7f58 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -211,168 +211,6 @@ static inline bool init_task_stack_addr(const void *addr) sizeof(init_thread_union.stack)); } -static bool __must_check tokenize_frame_descr(const char **frame_descr, - char *token, size_t max_tok_len, - unsigned long *value) -{ - const char *sep = strchr(*frame_descr, ' '); - - if (sep == NULL) - sep = *frame_descr + strlen(*frame_descr); - - if (token != NULL) { - const size_t tok_len = sep - *frame_descr; - - if (tok_len + 1 > max_tok_len) { - pr_err("KASAN internal error: frame description too long: %s\n", - *frame_descr); - return false; - } - - /* Copy token (+ 1 byte for '\0'). */ - strlcpy(token, *frame_descr, tok_len + 1); - } - - /* Advance frame_descr past separator. */ - *frame_descr = sep + 1; - - if (value != NULL && kstrtoul(token, 10, value)) { - pr_err("KASAN internal error: not a valid number: %s\n", token); - return false; - } - - return true; -} - -static void print_decoded_frame_descr(const char *frame_descr) -{ - /* - * We need to parse the following string: - * "n alloc_1 alloc_2 ... alloc_n" - * where alloc_i looks like - * "offset size len name" - * or "offset size len name:line". - */ - - char token[64]; - unsigned long num_objects; - - if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), - &num_objects)) - return; - - pr_err("\n"); - pr_err("this frame has %lu %s:\n", num_objects, - num_objects == 1 ? "object" : "objects"); - - while (num_objects--) { - unsigned long offset; - unsigned long size; - - /* access offset */ - if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), - &offset)) - return; - /* access size */ - if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), - &size)) - return; - /* name length (unused) */ - if (!tokenize_frame_descr(&frame_descr, NULL, 0, NULL)) - return; - /* object name */ - if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), - NULL)) - return; - - /* Strip line number; without filename it's not very helpful. */ - strreplace(token, ':', '\0'); - - /* Finally, print object information. */ - pr_err(" [%lu, %lu) '%s'", offset, offset + size, token); - } -} - -static bool __must_check get_address_stack_frame_info(const void *addr, - unsigned long *offset, - const char **frame_descr, - const void **frame_pc) -{ - unsigned long aligned_addr; - unsigned long mem_ptr; - const u8 *shadow_bottom; - const u8 *shadow_ptr; - const unsigned long *frame; - - BUILD_BUG_ON(IS_ENABLED(CONFIG_STACK_GROWSUP)); - - /* - * NOTE: We currently only support printing frame information for - * accesses to the task's own stack. - */ - if (!object_is_on_stack(addr)) - return false; - - aligned_addr = round_down((unsigned long)addr, sizeof(long)); - mem_ptr = round_down(aligned_addr, KASAN_GRANULE_SIZE); - shadow_ptr = kasan_mem_to_shadow((void *)aligned_addr); - shadow_bottom = kasan_mem_to_shadow(end_of_stack(current)); - - while (shadow_ptr >= shadow_bottom && *shadow_ptr != KASAN_STACK_LEFT) { - shadow_ptr--; - mem_ptr -= KASAN_GRANULE_SIZE; - } - - while (shadow_ptr >= shadow_bottom && *shadow_ptr == KASAN_STACK_LEFT) { - shadow_ptr--; - mem_ptr -= KASAN_GRANULE_SIZE; - } - - if (shadow_ptr < shadow_bottom) - return false; - - frame = (const unsigned long *)(mem_ptr + KASAN_GRANULE_SIZE); - if (frame[0] != KASAN_CURRENT_STACK_FRAME_MAGIC) { - pr_err("KASAN internal error: frame info validation failed; invalid marker: %lu\n", - frame[0]); - return false; - } - - *offset = (unsigned long)addr - (unsigned long)frame; - *frame_descr = (const char *)frame[1]; - *frame_pc = (void *)frame[2]; - - return true; -} - -static void print_address_stack_frame(const void *addr) -{ - unsigned long offset; - const char *frame_descr; - const void *frame_pc; - - if (IS_ENABLED(CONFIG_KASAN_SW_TAGS)) - return; - - if (!get_address_stack_frame_info(addr, &offset, &frame_descr, - &frame_pc)) - return; - - /* - * get_address_stack_frame_info only returns true if the given addr is - * on the current task's stack. - */ - pr_err("\n"); - pr_err("addr %px is located in stack of task %s/%d at offset %lu in frame:\n", - addr, current->comm, task_pid_nr(current), offset); - pr_err(" %pS\n", frame_pc); - - if (!frame_descr) - return; - - print_decoded_frame_descr(frame_descr); -} - static void print_address_description(void *addr, u8 tag) { struct page *page = kasan_addr_to_page(addr); diff --git a/mm/kasan/report_generic.c b/mm/kasan/report_generic.c index 7d5b9e5c7cfe..b543a1ed6078 100644 --- a/mm/kasan/report_generic.c +++ b/mm/kasan/report_generic.c @@ -16,6 +16,7 @@ #include #include #include +#include #include #include #include @@ -122,6 +123,167 @@ const char *get_bug_type(struct kasan_access_info *info) return get_wild_bug_type(info); } +#if CONFIG_KASAN_STACK +static bool __must_check tokenize_frame_descr(const char **frame_descr, + char *token, size_t max_tok_len, + unsigned long *value) +{ + const char *sep = strchr(*frame_descr, ' '); + + if (sep == NULL) + sep = *frame_descr + strlen(*frame_descr); + + if (token != NULL) { + const size_t tok_len = sep - *frame_descr; + + if (tok_len + 1 > max_tok_len) { + pr_err("KASAN internal error: frame description too long: %s\n", + *frame_descr); + return false; + } + + /* Copy token (+ 1 byte for '\0'). */ + strlcpy(token, *frame_descr, tok_len + 1); + } + + /* Advance frame_descr past separator. */ + *frame_descr = sep + 1; + + if (value != NULL && kstrtoul(token, 10, value)) { + pr_err("KASAN internal error: not a valid number: %s\n", token); + return false; + } + + return true; +} + +static void print_decoded_frame_descr(const char *frame_descr) +{ + /* + * We need to parse the following string: + * "n alloc_1 alloc_2 ... alloc_n" + * where alloc_i looks like + * "offset size len name" + * or "offset size len name:line". + */ + + char token[64]; + unsigned long num_objects; + + if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), + &num_objects)) + return; + + pr_err("\n"); + pr_err("this frame has %lu %s:\n", num_objects, + num_objects == 1 ? "object" : "objects"); + + while (num_objects--) { + unsigned long offset; + unsigned long size; + + /* access offset */ + if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), + &offset)) + return; + /* access size */ + if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), + &size)) + return; + /* name length (unused) */ + if (!tokenize_frame_descr(&frame_descr, NULL, 0, NULL)) + return; + /* object name */ + if (!tokenize_frame_descr(&frame_descr, token, sizeof(token), + NULL)) + return; + + /* Strip line number; without filename it's not very helpful. */ + strreplace(token, ':', '\0'); + + /* Finally, print object information. */ + pr_err(" [%lu, %lu) '%s'", offset, offset + size, token); + } +} + +static bool __must_check get_address_stack_frame_info(const void *addr, + unsigned long *offset, + const char **frame_descr, + const void **frame_pc) +{ + unsigned long aligned_addr; + unsigned long mem_ptr; + const u8 *shadow_bottom; + const u8 *shadow_ptr; + const unsigned long *frame; + + BUILD_BUG_ON(IS_ENABLED(CONFIG_STACK_GROWSUP)); + + /* + * NOTE: We currently only support printing frame information for + * accesses to the task's own stack. + */ + if (!object_is_on_stack(addr)) + return false; + + aligned_addr = round_down((unsigned long)addr, sizeof(long)); + mem_ptr = round_down(aligned_addr, KASAN_GRANULE_SIZE); + shadow_ptr = kasan_mem_to_shadow((void *)aligned_addr); + shadow_bottom = kasan_mem_to_shadow(end_of_stack(current)); + + while (shadow_ptr >= shadow_bottom && *shadow_ptr != KASAN_STACK_LEFT) { + shadow_ptr--; + mem_ptr -= KASAN_GRANULE_SIZE; + } + + while (shadow_ptr >= shadow_bottom && *shadow_ptr == KASAN_STACK_LEFT) { + shadow_ptr--; + mem_ptr -= KASAN_GRANULE_SIZE; + } + + if (shadow_ptr < shadow_bottom) + return false; + + frame = (const unsigned long *)(mem_ptr + KASAN_GRANULE_SIZE); + if (frame[0] != KASAN_CURRENT_STACK_FRAME_MAGIC) { + pr_err("KASAN internal error: frame info validation failed; invalid marker: %lu\n", + frame[0]); + return false; + } + + *offset = (unsigned long)addr - (unsigned long)frame; + *frame_descr = (const char *)frame[1]; + *frame_pc = (void *)frame[2]; + + return true; +} + +void print_address_stack_frame(const void *addr) +{ + unsigned long offset; + const char *frame_descr; + const void *frame_pc; + + if (!get_address_stack_frame_info(addr, &offset, &frame_descr, + &frame_pc)) + return; + + /* + * get_address_stack_frame_info only returns true if the given addr is + * on the current task's stack. + */ + pr_err("\n"); + pr_err("addr %px is located in stack of task %s/%d at offset %lu in frame:\n", + addr, current->comm, task_pid_nr(current), offset); + pr_err(" %pS\n", frame_pc); + + if (!frame_descr) + return; + + print_decoded_frame_descr(frame_descr); +} +#endif /* CONFIG_KASAN_STACK */ + #define DEFINE_ASAN_REPORT_LOAD(size) \ void __asan_report_load##size##_noabort(unsigned long addr) \ { \ -- 2.29.2.299.gdc1121823c-goog