Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp273659pxm; Wed, 2 Mar 2022 15:08:50 -0800 (PST) X-Google-Smtp-Source: ABdhPJzSIOTNHBkXRl4sqv7hgpuIGhU3XB5/ZM3zBuea/ycIsoeK2SzCbrYyePp/f38xbb3tNRfT X-Received: by 2002:a17:902:cf04:b0:14d:79fd:a2c9 with SMTP id i4-20020a170902cf0400b0014d79fda2c9mr33248689plg.104.1646262530020; Wed, 02 Mar 2022 15:08:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1646262530; cv=none; d=google.com; s=arc-20160816; b=dx2EKGEgf4g/46a3ATbv1ZvEjJJcrdRj/2MUJXGJQEQcgqPmcvGbHzJRp9D+yC1lam eHmz64NFtvHGUsJh1GyFiQhDt6CqQkZ3HZ3Al6s7+wVQmBv0fU/mx892DZ7N20U3muV9 eQyiukRPTWp/Bd16dqc5fP7WhRZNG3YdHgI9bDNHduSJFCJ4vmwfeEVFmLUvqyZ6Go3x K0QAkODv/noXx/BdIE26CfCkmuZwHQYTrcD5LiAgCU6SRBrNvY2R5VvWBlNi2cqliCjb NCKFlBVlNOj/2WSl/q6Swn9qsLI9cxcrqzObZ0X1AnDBbOfAiF5ce/KCfmqqXq57U2Dl /sbg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=87o7sANrY5Obyuk6ZGRgPFc8t4HBbQ7LJJT+IQadP5M=; b=vd3bYruwHpwysBHtsQjBdXSBhxXI0BPcHOm9s0uNB4clh765xkqMUnl3SfkkH0wO6f KLhpazc0dmAJBWiub65x3i9uIMaIJqpQmlj25+KWwBJOz8l1/uzlpN1bIySKAAkunhUz QOBTh/ONmyi68XVZ88CxleUnoTnC7MuMFpLkA+zfDDxDw0PRVczk1YfTIcqfT5/Ds0qP EIV9gUT4ANMhb604iJdmThVmRQY1r75vB9xC8j5TTri7b5VjzowCZpqponuduTSOUCRt vrSCqC0ojEGswdgalnLhAUO8gQdtg5cXBJdofxcaYLIdVoQiVYbMU/6Od0ZTJdJ1Nn// jpqw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=d1ASAWaC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18]) by mx.google.com with ESMTPS id v14-20020a170902e8ce00b0014ed70b92ccsi353677plg.279.2022.03.02.15.08.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Mar 2022 15:08:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=d1ASAWaC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id B3EC25838F; Wed, 2 Mar 2022 14:49:41 -0800 (PST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243492AbiCBQky (ORCPT + 99 others); Wed, 2 Mar 2022 11:40:54 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35650 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240114AbiCBQks (ORCPT ); Wed, 2 Mar 2022 11:40:48 -0500 Received: from out0.migadu.com (out0.migadu.com [IPv6:2001:41d0:2:267::]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DDAD9CEA33 for ; Wed, 2 Mar 2022 08:40:03 -0800 (PST) X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1646239202; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=87o7sANrY5Obyuk6ZGRgPFc8t4HBbQ7LJJT+IQadP5M=; b=d1ASAWaCPabwRxpdrH/NY/MM1LnLKYv4/mm2/x3zmCQ0TPJe6nYt74oEJOUX6GzlRxJ1tX TMMHjPq1X51ecK0RfQA/Qgnn3XG4U8oSuGMKorU5yQucdp5EYczhmMIfFyRl1BKwohpHYn vzDLH7gVTyuSLZIWDIsy97pABMKQdpg= From: andrey.konovalov@linux.dev To: Marco Elver , Alexander Potapenko Cc: Andrey Konovalov , Dmitry Vyukov , Andrey Ryabinin , kasan-dev@googlegroups.com, Andrew Morton , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov Subject: [PATCH mm 19/22] kasan: respect KASAN_BIT_REPORTED in all reporting routines Date: Wed, 2 Mar 2022 17:36:39 +0100 Message-Id: <715e346b10b398e29ba1b425299dcd79e29d58ce.1646237226.git.andreyknvl@google.com> In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Migadu-Flow: FLOW_OUT X-Migadu-Auth-User: linux.dev X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Andrey Konovalov Currently, only kasan_report() checks the KASAN_BIT_REPORTED and KASAN_BIT_MULTI_SHOT flags. Make other reporting routines check these flags as well. Also add explanatory comments. Note that the current->kasan_depth check is split out into report_suppressed() and only called for kasan_report(). Signed-off-by: Andrey Konovalov --- mm/kasan/report.c | 35 ++++++++++++++++++++++++++++++++--- 1 file changed, 32 insertions(+), 3 deletions(-) diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 08631d873204..ef649f5cee29 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -381,12 +381,26 @@ static void print_memory_metadata(const void *addr) } } -static bool report_enabled(void) +/* + * Used to suppress reports within kasan_disable/enable_current() critical + * sections, which are used for marking accesses to slab metadata. + */ +static bool report_suppressed(void) { #if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) if (current->kasan_depth) - return false; + return true; #endif + return false; +} + +/* + * Used to avoid reporting more than one KASAN bug unless kasan_multi_shot + * is enabled. Note that KASAN tests effectively enable kasan_multi_shot + * for their duration. + */ +static bool report_enabled(void) +{ if (test_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags)) return true; return !test_and_set_bit(KASAN_BIT_REPORTED, &kasan_flags); @@ -416,6 +430,14 @@ void kasan_report_invalid_free(void *ptr, unsigned long ip) unsigned long flags; struct kasan_report_info info; + /* + * Do not check report_suppressed(), as an invalid-free cannot be + * caused by accessing slab metadata and thus should not be + * suppressed by kasan_disable/enable_current() critical sections. + */ + if (unlikely(!report_enabled())) + return; + start_report(&flags, true); info.type = KASAN_REPORT_INVALID_FREE; @@ -444,7 +466,7 @@ bool kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long irq_flags; struct kasan_report_info info; - if (unlikely(!report_enabled())) { + if (unlikely(report_suppressed()) || unlikely(!report_enabled())) { ret = false; goto out; } @@ -473,6 +495,13 @@ void kasan_report_async(void) { unsigned long flags; + /* + * Do not check report_suppressed(), as kasan_disable/enable_current() + * critical sections do not affect Hardware Tag-Based KASAN. + */ + if (unlikely(!report_enabled())) + return; + start_report(&flags, false); pr_err("BUG: KASAN: invalid-access\n"); pr_err("Asynchronous fault: no details available\n"); -- 2.25.1