Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp1096470pxb; Tue, 26 Oct 2021 02:44:49 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxK/7KEOHDzAw2jrm4Kn8U9pHFEOR9ckRMmXLr8NVLj/yo7IiqwW8eL6QrWQyHuyblGmP0C X-Received: by 2002:a05:6a00:a8b:b0:44d:ef7c:94b9 with SMTP id b11-20020a056a000a8b00b0044def7c94b9mr25015042pfl.36.1635241488890; Tue, 26 Oct 2021 02:44:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635241488; cv=none; d=google.com; s=arc-20160816; b=QcUEjtqWO6LVaMCo3rJzyjAIcfTRvV9mI/U5oIGoF67pNXxkXU/cVnICCXfzagV6Cp +5azamr9PW9oTZ9Qae9KeOAWhxURW+iDO6VaDXUaw4HHiqsNxQz/scVvO2WK27cyjtF+ 4rnO3PacitQl/dGP0EeV7TPhd1NpFApgmSaNRNH4ylsEMEADuJXzLnq6kxBECNzJe3g7 zIKTKsck+xZju1pPp7EIzl2fNald+t8EynbWSkQRpZxpcSZhuvIF12duLKcLVhtowdEG kC4kv/cKh00KLV6qzfKGLmfp6CqAQvHGvI0LlMhPafcsRGLn4CgQqQtrYowWDzkax/gY 5Jbg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=QUu57E+IbafflI6/qVuHyQy7kRwajg1mknD459Ucq7I=; b=FqibQhFz0o2EzfPOjIjQmOGRg3efEZ9YKOPkSyxgejEfjEMTODddSacfb7zAhiTVeF j0pkxe9WovBeFeNvnWyeWdK4Xw9cDLWVIM4isSmbsWnrh4H4tkZ77A9q9VLYR/VWtqM6 kNB5AUri27O6jllTkCqqpdl6WJfK8SUz/mwQ86+eB6+9DiMCuef7Ws3sZoJ3lRj/IBzK D+OxLLuTLKVv7+M6JBOQ1MHUsU1k2SXW4zuu1T7gwTbNi7TIJWj8N+0w+kCdejCDWTHL zWTpk2negJ6pQokiVwNMzlxLO/yuC6fvI2ApibtADlp3MjNhg7C1z0n7VOJkM3waMibw Wvng== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=T8WI27PG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id t13si18512448pgu.550.2021.10.26.02.44.12; Tue, 26 Oct 2021 02:44:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=T8WI27PG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234738AbhJZEv1 (ORCPT + 99 others); Tue, 26 Oct 2021 00:51:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36970 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231801AbhJZEvS (ORCPT ); Tue, 26 Oct 2021 00:51:18 -0400 Received: from mail-oi1-x235.google.com (mail-oi1-x235.google.com [IPv6:2607:f8b0:4864:20::235]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1C339C061745 for ; Mon, 25 Oct 2021 21:48:55 -0700 (PDT) Received: by mail-oi1-x235.google.com with SMTP id bk18so18716259oib.8 for ; Mon, 25 Oct 2021 21:48:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=QUu57E+IbafflI6/qVuHyQy7kRwajg1mknD459Ucq7I=; b=T8WI27PGDwenRdxbOfKA3S8HDZp6sbhIYxqeZCLhTLN8rjreR9bE81IbHgyxIXWZDN tfiz3zX8hZ98FBrMRlHLhXGjJR7QyTqpTTo76DmaTboNPKkLZTftb9grrBzZGXJZJMZ2 qQNrLs7a2o0D/fB8RmiTp7WV7e3Z4d+z3ZTe8qQX+Ayl03TcVgJd61dlM8KcEG2ckILv w0rld49kC3zcx0mj4gy3KLH4VOr+rh2GWb5FL8aISjJOO/UHp42QlfzDo5ae4NAyouwq VJIdniD5FIqowWM+CY/FCMQajtRI81OoYsunNKlf6BfaDVngZcP25jYNmsjDer9/zmDM DZqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=QUu57E+IbafflI6/qVuHyQy7kRwajg1mknD459Ucq7I=; b=Sm93OHB+FsDOLPtv4+Vm/R8bH5RlXWOaskWYVfkb0mWPZPuMYYsuYbw02UD9VEIVXm wRi0HdwF4hNHKjZ1IdegJDHwbdd+FbQ3gtHj+bZqrJqJqpQbcIC7rtKzUAGjFeRE4edU +sABTriXZJ42C9eUwq6ukIeCpMbo7sAt9nHx+jgu/g7y5UN9jQ0OzDOCifO9KWrdQd2i 3LDJ11QlsX+NrmwSTOAvnDv88JO581uD4yanaHvH0yIOC8Q+7K8v7RuO/SSD1XbW2idQ NVG5sed7MRIiVcX7qALA2bb1q9Myed/qom/RvivGhch/AwS06c1Pzwg6g7HPpOhf+yM+ v1lQ== X-Gm-Message-State: AOAM531KLiutohaicjgqQQBVOrKCTsIyqFymj7TS8qBKgBUqzh1LJZ7E CbHKpwDiFikllTwT9mie+EwWxBys+mFWsvVufFjnfVKUtcmg2KMF X-Received: by 2002:a05:6808:ec9:: with SMTP id q9mr25537738oiv.160.1635223734188; Mon, 25 Oct 2021 21:48:54 -0700 (PDT) MIME-Version: 1.0 References: <990a894c-1806-5ab2-775e-a6f2355c2299@ghiti.fr> In-Reply-To: From: Dmitry Vyukov Date: Tue, 26 Oct 2021 06:48:42 +0200 Message-ID: Subject: Re: [PATCH] kasan: Always respect CONFIG_KASAN_STACK To: Alexandre Ghiti Cc: Alexandre ghiti , Nathan Chancellor , Palmer Dabbelt , elver@google.com, akpm@linux-foundation.org, ryabinin.a.a@gmail.com, glider@google.com, andreyknvl@gmail.com, ndesaulniers@google.com, Arnd Bergmann , kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org, llvm@lists.linux.dev, linux-riscv@lists.infradead.org, Paul Walmsley , aou@eecs.berkeley.edu, linux-mm@kvack.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 26 Oct 2021 at 06:39, Alexandre Ghiti wrote: > > Hi, > > On Fri, Oct 15, 2021 at 3:08 PM Alexandre ghiti wrote: > > > > On 10/14/21 8:31 PM, Alex Ghiti wrote: > > > Hi Nathan, > > > > > > Le 14/10/2021 =C3=A0 18:55, Nathan Chancellor a =C3=A9crit : > > >> On Fri, Oct 08, 2021 at 11:46:55AM -0700, Palmer Dabbelt wrote: > > >>> On Thu, 23 Sep 2021 07:59:46 PDT (-0700), nathan@kernel.org wrote: > > >>>> On Thu, Sep 23, 2021 at 12:07:17PM +0200, Marco Elver wrote: > > >>>>> On Wed, 22 Sept 2021 at 22:55, Nathan Chancellor > > >>>>> wrote: > > >>>>>> Currently, the asan-stack parameter is only passed along if > > >>>>>> CFLAGS_KASAN_SHADOW is not empty, which requires > > >>>>>> KASAN_SHADOW_OFFSET to > > >>>>>> be defined in Kconfig so that the value can be checked. In RISC-= V's > > >>>>>> case, KASAN_SHADOW_OFFSET is not defined in Kconfig, which means > > >>>>>> that > > >>>>>> asan-stack does not get disabled with clang even when > > >>>>>> CONFIG_KASAN_STACK > > >>>>>> is disabled, resulting in large stack warnings with allmodconfig= : > > >>>>>> > > >>>>>> drivers/video/fbdev/omap2/omapfb/displays/panel-lgphilips-lb035q= 02.c:117:12: > > >>>>>> > > >>>>>> error: stack frame size (14400) exceeds limit (2048) in function > > >>>>>> 'lb035q02_connect' [-Werror,-Wframe-larger-than] > > >>>>>> static int lb035q02_connect(struct omap_dss_device *dssdev) > > >>>>>> ^ > > >>>>>> 1 error generated. > > >>>>>> > > >>>>>> Ensure that the value of CONFIG_KASAN_STACK is always passed > > >>>>>> along to > > >>>>>> the compiler so that these warnings do not happen when > > >>>>>> CONFIG_KASAN_STACK is disabled. > > >>>>>> > > >>>>>> Link: https://github.com/ClangBuiltLinux/linux/issues/1453 > > >>>>>> References: 6baec880d7a5 ("kasan: turn off asan-stack for clang-= 8 > > >>>>>> and earlier") > > >>>>>> Signed-off-by: Nathan Chancellor > > >>>>> > > >>>>> Reviewed-by: Marco Elver > > >>>> > > >>>> Thanks! > > >>>> > > >>>>> [ Which tree are you planning to take it through? ] > > >>>> > > >>>> Gah, I was intending for it to go through -mm, then I cc'd neither > > >>>> Andrew nor linux-mm... :/ Andrew, do you want me to resend or can = you > > >>>> grab it from LKML? > > >>> > > >>> Acked-by: Palmer Dabbelt > > >>> > > >>> (assuming you still want it through somewhere else) > > >> > > >> Thanks, it is now in mainline as commit 19532869feb9 ("kasan: always > > >> respect CONFIG_KASAN_STACK"). > > >> > > >>>>> Note, arch/riscv/include/asm/kasan.h mentions KASAN_SHADOW_OFFSET= in > > >>>>> comment (copied from arm64). Did RISC-V just forget to copy over = the > > >>>>> Kconfig option? > > >>>> > > >>>> I do see it defined in that file as well but you are right that > > >>>> they did > > >>>> not copy the Kconfig logic, even though it was present in the tree > > >>>> when > > >>>> RISC-V KASAN was implemented. Perhaps they should so that they get > > >>>> access to the other flags in the "else" branch? > > >>> > > >>> Ya, looks like we just screwed this up. I'm seeing some warnings l= ike > > >>> > > >>> cc1: warning: =E2=80=98-fsanitize=3Dkernel-address=E2=80=99 wit= h stack protection > > >>> is not supported without =E2=80=98-fasan-shadow-offset=3D=E2=80=99 = for this target > > >> > > >> Hmmm, I thought I did a GCC build with this change but I must not ha= ve > > >> :/ > > >> > > >>> which is how I ended up here, I'm assuming that's what you're > > >>> talking about > > >>> here? LMK if you were planning on sending along a fix or if you > > >>> want me to > > >>> go figure it out. > > >> > > >> I took a look at moving the logic into Kconfig like arm64 before sen= ding > > >> this change and I did not really understand it well enough to do so.= I > > >> think it would be best if you were able to do that so that nothing g= ets > > >> messed up. > > >> > > > > > > I'll do it tomorrow, I'm the last one who touched kasan on riscv :) > > > > > > > Adding KASAN_SHADOW_OFFSET config makes kasan kernel fails to boot. > > It receives a *write* fault at the beginning of a memblock_alloc > > function while populating the kernel shadow memory: the trap address is > > in the kasan shadow virtual address range and this corresponds to a > > kernel address in init_stack. The question is: how do I populate the > > stack shadow mapping without using memblock API? It's weird, I don't > > find anything on other architectures. > > @kasan: Any idea what we are doing wrong in riscv to encounter the > above situation? Hi Alex, Palmer, The patch changes the definition of the KASAN_SHADOW_OFFSET const. Does it's value change as a result or not? Have you tried to print it before/after? If value does not change, then this is more mysterious. If it changes, then there lots of possible explanations (points to unmapped region, overlaps with something), but we need to know values before/after to answer this. > Thanks, > > Alex > > > > > And just a short note: I have realized this will break with the sv48 > > patchset as we decide at runtime the address space width and the kasan > > shadow start address is different between sv39 and sv48. I will have to > > do like x86 and move the kasan shadow start at the end of the address > > space so that it is the same for both sv39 and sv48. > > > > Thanks, > > > > Alex > > > > > > > Thanks, > > > > > > Alex > > > > > >> Cheers, > > >> Nathan > > >> > > >> _______________________________________________ > > >> linux-riscv mailing list > > >> linux-riscv@lists.infradead.org > > >> http://lists.infradead.org/mailman/listinfo/linux-riscv > > >> > > > > > > _______________________________________________ > > > linux-riscv mailing list > > > linux-riscv@lists.infradead.org > > > http://lists.infradead.org/mailman/listinfo/linux-riscv > > > > _______________________________________________ > > linux-riscv mailing list > > linux-riscv@lists.infradead.org > > http://lists.infradead.org/mailman/listinfo/linux-riscv