Received: by 2002:a05:6a10:2785:0:0:0:0 with SMTP id ia5csp527756pxb; Thu, 14 Jan 2021 11:40:18 -0800 (PST) X-Google-Smtp-Source: ABdhPJwaXEyeehNUIimXmAHLFK5bxii0svN/TY2HIRpOXNBO999yjH5wtgX+iz7nG1CgWN9U2sAB X-Received: by 2002:a05:6402:1c8b:: with SMTP id cy11mr7197368edb.256.1610653218016; Thu, 14 Jan 2021 11:40:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1610653218; cv=none; d=google.com; s=arc-20160816; b=UviroCSpddJwxZ55TKXa4UwRG25/rO6HuytrNtZ3QI3u0K2/HzoI2MkegiXWsgYGw9 l24epGUwf4o1UtaJFN8EO/2X2lY51Sy+Sn/FgNSclXdh4FSIA3vkR9JjMb/ZwAbjjR7i 5R03gO5TnO7DD1qpGoqoy8PkQ4zfSjO9eSp8kmcIYATFtmIpHZQyEVIsr2Xtzepf0myw V8IdzPruyPMoYLGp0MdAfg/1Gv7sn8EEvl+avaSzICT3E/1ll4YSvecU3/hjLmqxR5wb k4sSWKDkrQmt5fNE8TSF9rA6LF1uu6yju68636w4bTAOKsbrcGB38JERO8PT6sDL2TlD ph0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:sender:dkim-signature; bh=dlHBXzPVuIEZihoAP6Eo/10Jyzfh4Jei55DxNnJp35U=; b=k7H7CHOnWXaXiDg/I9X1bWLKfgGagwjpd16GKPU7kllxkob08ddJ7zJhY3uzmRMyAm 4ABzv91pD83R56h7m0l9fp2+6Lr0rOJv1aDXSgcpzIKRsfdqhonjhGMhz3Q05S41isvV FWFzclIM8EfTirSpwVSCedvf8Lcb5bkaEqRW6IqwkUShhWEMrnZfGaAwDwGF7sGMRRMx GuGnYHL52T+ARMdfpgthyx22JrhdAkRnIRo7jeL7aWKcmwpmmqp/43Bvyqiux6S2C9FD Gf/qU0J6+fWnP60mO8A+n/wVpNcrIzqO0xij/yxe8Uwjsno6brtMtKtTCmzAR58nrmW2 YDcw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=YPOqpwdC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i11si2950198edu.256.2021.01.14.11.39.54; Thu, 14 Jan 2021 11:40:18 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=YPOqpwdC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730112AbhANThe (ORCPT + 99 others); Thu, 14 Jan 2021 14:37:34 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46904 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730045AbhANTha (ORCPT ); Thu, 14 Jan 2021 14:37:30 -0500 Received: from mail-wr1-x449.google.com (mail-wr1-x449.google.com [IPv6:2a00:1450:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EC5E2C0613ED for ; Thu, 14 Jan 2021 11:36:49 -0800 (PST) Received: by mail-wr1-x449.google.com with SMTP id w8so3048031wrv.18 for ; Thu, 14 Jan 2021 11:36:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:date:in-reply-to:message-id:mime-version:references:subject :from:to:cc; bh=dlHBXzPVuIEZihoAP6Eo/10Jyzfh4Jei55DxNnJp35U=; b=YPOqpwdCZMSDKL2q6sNm7ZwjCAWfWPbYvGsbuKefs4SVXtmTZC3ysuzAGYygtCATtf 8rvbdhCBMFgQX3oFKC/hlHakR7GzQaNZJ5vUwgSw1NcRLR5fZOMOMh0fK3EahYYgojpZ sO+wwhvRbxS7T2bUYXT3ITA8+DpNZpmIZNzwoLvZGrVNCrvrDd4QIpuctRnHbqh84rOo 0uOT4gzl83PEqEw0Bd1LvPiKg/rlZU/YXAivyH+jOZ3z0r1xNHW5Dvtr03PKkWd1QM3j gjBpyaYA2pUxandnwH9D7LLdDKcJPMQKrWkKEaM3k9QwSVewECc96fhA+evi5dO2Q2U/ Lxzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=dlHBXzPVuIEZihoAP6Eo/10Jyzfh4Jei55DxNnJp35U=; b=O1qLTsNdXAqOIYIC3SCdVSG5W0QRPOY/smzCnE9uCmOR8Hx7r1hqpu908u1BSJbL5r pmcQMBEhbV7O4k4YlGK08Fm8DDlnu+3uN5BWC3q749CL09W/booj/os27CnEiBe/qVLI DhGKw01MjSyeEb4veju8Z3EKiqXBWohnNzbq+yA2AQHw0FxdbvXq9jqsLcUBo8cJBFNV sS1ix9yUGjZfWTNhbQRK3pRJZgPpXDyAOCSIasXGBp6bbv6kJeSkc8kyQrBBTQgR63LE 4UYxOdFDpr/Gz0ZmquUNn7DUIOKC6hmqQLmbDJBufsFOJI+jkAny269bVMnZS7kKYKXQ o+BA== X-Gm-Message-State: AOAM532OtnHHsVSx77M0venMO2vKCvSmwRFDGXdMlZskob6H84DTkc0X 5I+aT3Ch3nkBY9ZorQuEQG/bIhW08x9EoCT7 Sender: "andreyknvl via sendgmr" X-Received: from andreyknvl3.muc.corp.google.com ([2a00:79e0:15:13:7220:84ff:fe09:7e9d]) (user=andreyknvl job=sendgmr) by 2002:a1c:dc46:: with SMTP id t67mr4074942wmg.183.1610653008585; Thu, 14 Jan 2021 11:36:48 -0800 (PST) Date: Thu, 14 Jan 2021 20:36:22 +0100 In-Reply-To: Message-Id: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH v3 06/15] kasan, arm64: allow using KUnit tests with HW_TAGS mode From: Andrey Konovalov To: Andrew Morton , Catalin Marinas , Vincenzo Frascino , Dmitry Vyukov , Alexander Potapenko , Marco Elver Cc: Will Deacon , Andrey Ryabinin , Peter Collingbourne , Evgenii Stepanov , Branislav Rankov , Kevin Brodsky , kasan-dev@googlegroups.com, linux-arm-kernel@lists.infradead.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On a high level, this patch allows running KUnit KASAN tests with the hardware tag-based KASAN mode. Internally, this change reenables tag checking at the end of each KASAN test that triggers a tag fault and leads to tag checking being disabled. With this patch KASAN tests are still failing for the hardware tag-based mode; fixes come in the next few patches. Link: https://linux-review.googlesource.com/id/Id94dc9eccd33b23cda4950be408c27f879e474c8 Signed-off-by: Andrey Konovalov --- arch/arm64/include/asm/memory.h | 1 + arch/arm64/include/asm/mte-kasan.h | 12 +++++++++ arch/arm64/kernel/mte.c | 12 +++++++++ arch/arm64/mm/fault.c | 16 +++++++----- lib/Kconfig.kasan | 4 +-- lib/test_kasan.c | 42 +++++++++++++++++++++--------- mm/kasan/kasan.h | 9 +++++++ 7 files changed, 75 insertions(+), 21 deletions(-) diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h index 18fce223b67b..cedfc9e97bcc 100644 --- a/arch/arm64/include/asm/memory.h +++ b/arch/arm64/include/asm/memory.h @@ -232,6 +232,7 @@ static inline const void *__tag_set(const void *addr, u8 tag) #ifdef CONFIG_KASAN_HW_TAGS #define arch_enable_tagging() mte_enable_kernel() +#define arch_set_tagging_report_once(state) mte_set_report_once(state) #define arch_init_tags(max_tag) mte_init_tags(max_tag) #define arch_get_random_tag() mte_get_random_tag() #define arch_get_mem_tag(addr) mte_get_mem_tag(addr) diff --git a/arch/arm64/include/asm/mte-kasan.h b/arch/arm64/include/asm/mte-kasan.h index 26349a4b5e2e..3748d5bb88c0 100644 --- a/arch/arm64/include/asm/mte-kasan.h +++ b/arch/arm64/include/asm/mte-kasan.h @@ -32,6 +32,9 @@ void *mte_set_mem_tag_range(void *addr, size_t size, u8 tag); void mte_enable_kernel(void); void mte_init_tags(u64 max_tag); +void mte_set_report_once(bool state); +bool mte_report_once(void); + #else /* CONFIG_ARM64_MTE */ static inline u8 mte_get_ptr_tag(void *ptr) @@ -60,6 +63,15 @@ static inline void mte_init_tags(u64 max_tag) { } +static inline void mte_set_report_once(bool state) +{ +} + +static inline bool mte_report_once(void) +{ + return false; +} + #endif /* CONFIG_ARM64_MTE */ #endif /* __ASSEMBLY__ */ diff --git a/arch/arm64/kernel/mte.c b/arch/arm64/kernel/mte.c index dc9ada64feed..c63b3d7a3cd9 100644 --- a/arch/arm64/kernel/mte.c +++ b/arch/arm64/kernel/mte.c @@ -25,6 +25,8 @@ u64 gcr_kernel_excl __ro_after_init; +static bool report_fault_once = true; + static void mte_sync_page_tags(struct page *page, pte_t *ptep, bool check_swap) { pte_t old_pte = READ_ONCE(*ptep); @@ -158,6 +160,16 @@ void mte_enable_kernel(void) isb(); } +void mte_set_report_once(bool state) +{ + WRITE_ONCE(report_fault_once, state); +} + +bool mte_report_once(void) +{ + return READ_ONCE(report_fault_once); +} + static void update_sctlr_el1_tcf0(u64 tcf0) { /* ISB required for the kernel uaccess routines */ diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c index a218f6f2fdc8..f1b77dc79948 100644 --- a/arch/arm64/mm/fault.c +++ b/arch/arm64/mm/fault.c @@ -302,7 +302,14 @@ static void die_kernel_fault(const char *msg, unsigned long addr, static void report_tag_fault(unsigned long addr, unsigned int esr, struct pt_regs *regs) { - bool is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0; + static bool reported; + bool is_write; + + if (READ_ONCE(reported)) + return; + + if (mte_report_once()) + WRITE_ONCE(reported, true); /* The format of KASAN tags is 0xF. */ addr |= (0xF0UL << MTE_TAG_SHIFT); @@ -310,6 +317,7 @@ static void report_tag_fault(unsigned long addr, unsigned int esr, * SAS bits aren't set for all faults reported in EL1, so we can't * find out access size. */ + is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0; kasan_report(addr, 0, is_write, regs->pc); } #else @@ -321,12 +329,8 @@ static inline void report_tag_fault(unsigned long addr, unsigned int esr, static void do_tag_recovery(unsigned long addr, unsigned int esr, struct pt_regs *regs) { - static bool reported; - if (!READ_ONCE(reported)) { - report_tag_fault(addr, esr, regs); - WRITE_ONCE(reported, true); - } + report_tag_fault(addr, esr, regs); /* * Disable MTE Tag Checking on the local CPU for the current EL. diff --git a/lib/Kconfig.kasan b/lib/Kconfig.kasan index f5fa4ba126bf..3091432acb0a 100644 --- a/lib/Kconfig.kasan +++ b/lib/Kconfig.kasan @@ -190,11 +190,11 @@ config KASAN_KUNIT_TEST kernel debugging features like KASAN. For more information on KUnit and unit tests in general, please refer - to the KUnit documentation in Documentation/dev-tools/kunit + to the KUnit documentation in Documentation/dev-tools/kunit. config TEST_KASAN_MODULE tristate "KUnit-incompatible tests of KASAN bug detection capabilities" - depends on m && KASAN + depends on m && KASAN && !KASAN_HW_TAGS help This is a part of the KASAN test suite that is incompatible with KUnit. Currently includes tests that do bad copy_from/to_user diff --git a/lib/test_kasan.c b/lib/test_kasan.c index c344fe506ffc..ef663bcf83e5 100644 --- a/lib/test_kasan.c +++ b/lib/test_kasan.c @@ -41,16 +41,20 @@ static bool multishot; /* * Temporarily enable multi-shot mode. Otherwise, KASAN would only report the - * first detected bug and panic the kernel if panic_on_warn is enabled. + * first detected bug and panic the kernel if panic_on_warn is enabled. For + * hardware tag-based KASAN also allow tag checking to be reenabled for each + * test, see the comment for KUNIT_EXPECT_KASAN_FAIL(). */ static int kasan_test_init(struct kunit *test) { multishot = kasan_save_enable_multi_shot(); + hw_set_tagging_report_once(false); return 0; } static void kasan_test_exit(struct kunit *test) { + hw_set_tagging_report_once(true); kasan_restore_multi_shot(multishot); } @@ -59,19 +63,31 @@ static void kasan_test_exit(struct kunit *test) * KASAN report; causes a test failure otherwise. This relies on a KUnit * resource named "kasan_data". Do not use this name for KUnit resources * outside of KASAN tests. + * + * For hardware tag-based KASAN, when a tag fault happens, tag checking is + * normally auto-disabled. When this happens, this test handler reenables + * tag checking. As tag checking can be only disabled or enabled per CPU, this + * handler disables migration (preemption). */ -#define KUNIT_EXPECT_KASAN_FAIL(test, expression) do { \ - fail_data.report_expected = true; \ - fail_data.report_found = false; \ - kunit_add_named_resource(test, \ - NULL, \ - NULL, \ - &resource, \ - "kasan_data", &fail_data); \ - expression; \ - KUNIT_EXPECT_EQ(test, \ - fail_data.report_expected, \ - fail_data.report_found); \ +#define KUNIT_EXPECT_KASAN_FAIL(test, expression) do { \ + if (IS_ENABLED(CONFIG_KASAN_HW_TAGS)) \ + migrate_disable(); \ + fail_data.report_expected = true; \ + fail_data.report_found = false; \ + kunit_add_named_resource(test, \ + NULL, \ + NULL, \ + &resource, \ + "kasan_data", &fail_data); \ + expression; \ + KUNIT_EXPECT_EQ(test, \ + fail_data.report_expected, \ + fail_data.report_found); \ + if (IS_ENABLED(CONFIG_KASAN_HW_TAGS)) { \ + if (fail_data.report_found) \ + hw_enable_tagging(); \ + migrate_enable(); \ + } \ } while (0) #define KASAN_TEST_NEEDS_CONFIG_ON(test, config) do { \ diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index c3fb9bf241d3..292dfbc37deb 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -280,6 +280,9 @@ static inline const void *arch_kasan_set_tag(const void *addr, u8 tag) #ifndef arch_init_tags #define arch_init_tags(max_tag) #endif +#ifndef arch_set_tagging_report_once +#define arch_set_tagging_report_once(state) +#endif #ifndef arch_get_random_tag #define arch_get_random_tag() (0xFF) #endif @@ -292,10 +295,16 @@ static inline const void *arch_kasan_set_tag(const void *addr, u8 tag) #define hw_enable_tagging() arch_enable_tagging() #define hw_init_tags(max_tag) arch_init_tags(max_tag) +#define hw_set_tagging_report_once(state) arch_set_tagging_report_once(state) #define hw_get_random_tag() arch_get_random_tag() #define hw_get_mem_tag(addr) arch_get_mem_tag(addr) #define hw_set_mem_tag_range(addr, size, tag) arch_set_mem_tag_range((addr), (size), (tag)) +#else /* CONFIG_KASAN_HW_TAGS */ + +#define hw_enable_tagging() +#define hw_set_tagging_report_once(state) + #endif /* CONFIG_KASAN_HW_TAGS */ #ifdef CONFIG_KASAN_SW_TAGS -- 2.30.0.284.gd98b1dd5eaa7-goog