From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko, Mark Rutland
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Catalin Marinas, Will Deacon, Vincenzo Frascino, Sami Tolvanen, linux-arm-kernel@lists.infradead.org, Peter Collingbourne, Evgenii Stepanov, Florian Mayer, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH v3 0/3] kasan, arm64, scs: collect stack traces from Shadow Call Stack
Date: Wed, 13 Apr 2022 21:26:43 +0200

From: Andrey Konovalov

Currently, when saving alloc and free stack traces, KASAN uses the normal
stack trace collection routines, which rely on the unwinder.

Instead of invoking the unwinder, collect the stack trace by copying
frames from the Shadow Call Stack. This reduces boot time by ~30% for
all KASAN modes when Shadow Call Stack is enabled. See below for the
details of how the measurements were performed.

Stack traces are collected from the Shadow Call Stack via a new
stack_trace_save_shadow() interface.

Note that the implementation is best-effort and only works in certain
contexts. See patch #3 for details.

---

Changes
=======

v2->v3:
- Limit hardirq and drop SDEI support for performance and simplicity.
- Move stack_trace_save_shadow() implementation back to mm/kasan:
  it's not mature enough to be used as a system-wide stack trace
  collection replacement.
- Clarify -ENOSYS return value from stack_trace_save_shadow().
- Don't rename nr_entries to size in kasan_save_stack().
- Check return value of stack_trace_save_shadow() instead of checking
  CONFIG_HAVE_SHADOW_STACKTRACE in kasan_save_stack().

v1->v2:
- Provide a kernel-wide stack_trace_save_shadow() interface for collecting
  stack traces from shadow stack.
- Use ptrauth_strip_insn_pac() and READ_ONCE_NOCHECK, see the comments.
- Get SCS pointer from x18, as per-task value is meant to save the SCS
  value on CPU switches.
- Collect stack frames from SDEI and IRQ contexts.

Perf
====

To measure performance impact, I used QEMU in full system emulation mode
on an x86-64 host.

As proposed by Mark, I passed no filesystem to QEMU and booted with
panic=-1:

    qemu-system-aarch64 \
      -machine virt,mte=on -cpu max \
      -m 2G -smp 1 -nographic \
      -kernel ./xbins/Image \
      -append "console=ttyAMA0 earlyprintk=serial panic=-1" \
      -no-shutdown -no-reboot

Just in case, the QEMU version is:

    $ qemu-system-aarch64 --version
    QEMU emulator version 6.2.94 (v5.2.0-rc3-12124-g81c7ed41a1)
    Copyright (c) 2003-2022 Fabrice Bellard and the QEMU Project developers

Then, I recorded the timestamp of when the "Kernel panic" line was printed
to the kernel log.

The measurements were done on 5 kernel flavors:

master (mainline commit a19944809fe99):
master-no-stack-traces (stack trace collection commented out)
master-no-stack-depot (saving to stack depot commented out)
up-scs-stacks-v3 (collecting stack traces from SCS)
up-scs-stacks-v3-noscs (up-scs-stacks-v3 with __noscs marking)

(The last flavor is included just for the record: it produces an unexpected
slowdown. The likely reason is that helper functions stop getting inlined.)

All the branches can be found here:

https://github.com/xairy/linux/branches/all

The measurements were performed for Generic and HW_TAGS KASAN modes.

The .configs are here (essentially, defconfig + SCS + KASAN):

Generic KASAN: https://gist.github.com/xairy/d527ad31c0b54898512c92898d62beed
HW_TAGS KASAN: https://gist.github.com/xairy/390e4ef0140de3f4f9a49efe20708d21

The results:

Generic KASAN
-------------

master-no-stack-traces:  8.03
master:                 11.55 (+43.8%)
master-no-stack-depot:  11.53 (+43.5%)
up-scs-stacks-v3:        8.31 (+3.4%)
up-scs-stacks-v3-noscs:  9.11 (+13.4%)

HW_TAGS KASAN
-------------

master-no-stack-traces:  3.31
master:                  5.01 (+51%)
master-no-stack-depot:   4.85 (+47%)
up-scs-stacks-v3:        3.49 (+5.4%)
up-scs-stacks-v3-noscs:  4.27 (+29%)

The deviation for all numbers above is ~0.05.

As can be seen, the up-scs-stacks-v3 flavor results in a significantly
faster boot compared to master.

Andrey Konovalov (3):
  arm64, scs: expose irq_shadow_call_stack_ptr
  kasan, arm64: implement stack_trace_save_shadow
  kasan: use stack_trace_save_shadow

 arch/arm64/include/asm/scs.h | 10 +++++-
 arch/arm64/kernel/irq.c      |  4 +--
 arch/arm64/kernel/sdei.c     |  3 --
 mm/kasan/common.c            | 66 +++++++++++++++++++++++++++++++++++-
 4 files changed, 75 insertions(+), 8 deletions(-)

-- 
2.25.1
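
Added example, not part of the original message or of the patch series: a user-space C model of the idea in the cover letter, collecting a trace by copying return addresses from a shadow call stack and falling back when the shadow path returns -ENOSYS. The struct, the sample data, every model_* name, the skip parameter and the fallback behaviour are assumptions made for illustration; the PAC stripping and READ_ONCE_NOCHECK reads named in the changelog are not modelled.

```c
#include <errno.h>
#include <stdio.h>
#define SCS_SLOTS 8

/* Constructed model of a shadow call stack. Each instrumented call pushes its
 * return address; nothing else is stored, so there are no frames to parse. */
struct scs_model {
    unsigned long slots[SCS_SLOTS]; /* slots[0] is the base, stack grows up */
    unsigned int depth;             /* used slots (x18 points past the last) */
};

/* Constructed sample: three nested calls, 0x3000 being the most recent. */
static const struct scs_model sample = { { 0x1000, 0x2000, 0x3000 }, 3 };

/* Copy return addresses from the top of the shadow stack down to its base,
 * newest first. Returns the number of entries stored, or -ENOSYS when no
 * shadow stack is usable in this context (modelled as s == NULL). */
static int model_save_shadow(const struct scs_model *s, unsigned long *entries,
                             unsigned int size, unsigned int skip)
{
    unsigned int n = 0;

    if (!s)
        return -ENOSYS;
    for (unsigned int i = s->depth; i > 0 && n < size; i--) {
        if (skip) { skip--; continue; }
        entries[n++] = s->slots[i - 1];
    }
    return (int)n;
}

/* Assumed caller pattern: a negative return selects the unwinder path,
 * stubbed here as a single constructed marker entry. */
static int model_save_stack(const struct scs_model *s, unsigned long *entries,
                            unsigned int size)
{
    int n = model_save_shadow(s, entries, size, 0);
    if (n >= 0)
        return n;
    if (size)
        entries[0] = 0xdeadUL;
    return size ? 1 : 0;
}

int main(void)
{
    unsigned long e[4];
    printf("shadow path: %d entries\n", model_save_stack(&sample, e, 4));
    printf("fallback path: %d entries\n", model_save_stack(NULL, e, 4));
    return 0;
}
```

The copy loop touches only the saved return addresses, which is the property the cover letter relies on for the boot-time saving over the unwinder.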