Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp4661603iob;
        Sun, 8 May 2022 21:02:13 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJx878BQuthMRNbLmrOKZmfLlKs55jGLOUk9lrbEEQmtsCuyZv5GKkW5J+pwIKFmW9Uq733X
X-Received: by 2002:a17:90b:601:b0:1d9:5a0f:2017 with SMTP id gb1-20020a17090b060100b001d95a0f2017mr24633229pjb.162.1652068933220;
        Sun, 08 May 2022 21:02:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1652068933; cv=none;
        d=google.com; s=arc-20160816;
        b=N0Fuc5PN90LN9Fd+ChSg2mjFegt/xp6S13P+DZOG6DAYMkfEzxBJQxQ++Zq7B080IX
         2b0I7Hk/rH1iMN0OniLxIHeBdHlsJ7h6gYmKXsub83kVwBIUKiWzVkTIuwLIsMnFw09g
         6WQWCFJ8MusyGI8ImXu8kGs+gew5RbujU8QaFlgmXKKQRMprrpGA7yCHlxuiMjwaJSFH
         JeOrS4mfQJjVwbFWlRHU8m/UtOljXF+4N0Xq7wZBUh/epIYSTS/9QD/pRf76GWnBIZnr
         6Gny7Ov5umfbwdvfLXksIoiFMJaXXqFx+kg9oV9ArgBq8WJjZHLKxgi/qYkEPibA7Jm/
         hfPQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=YKfnJFHuOviCdMg0UB5UffT9B/WVcObEOxiRN5y2Kug=;
        b=DOJkoVSP/ryTwde8io6QhxLQTJ6Er/QH38ATJWLcV5BAVitxNl/oZuJIbNAsCtQOZn
         oW3Itgi8pixLK5eTRO9nM+WmI9BTUJAM6iEzOO8XcwLjhakPI749p54htdto4rkR1vRP
         B+alx7qWc0euxiibcscQOnbq9tvWnWyesGP+vKUW9k4EV/MYwDLadV5yRzS6gqujg98Z
         HqIdUpgb5Oz7cVHH7Y1Lje0CLQPWC8k2Gvo3TO0Mc8aEzOhu1KjHCvD9QtLI38VGs3n8
         CRi32BO7C3dvWjE0o9YaSSl77wlcxsMqKkKkVn2nDt0TCiDYx1sxRkU0RN6tn06ozHhD
         7hgQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=emmUN3k1;
       spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19])
        by mx.google.com with ESMTPS id g188-20020a636bc5000000b0039cef73106esi11150886pgc.511.2022.05.08.21.02.12
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 08 May 2022 21:02:13 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=emmUN3k1;
       spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by lindbergh.monkeyblade.net (Postfix) with ESMTP id 42031A18F;
	Sun,  8 May 2022 21:00:37 -0700 (PDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1444240AbiEFRp7 (ORCPT <rfc822;anthony.2lannoy@gmail.com>
        + 99 others); Fri, 6 May 2022 13:45:59 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39470 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1444236AbiEFRp6 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 6 May 2022 13:45:58 -0400
Received: from mail-yb1-xb32.google.com (mail-yb1-xb32.google.com [IPv6:2607:f8b0:4864:20::b32])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AEBA353717
        for <linux-kernel@vger.kernel.org>; Fri,  6 May 2022 10:42:14 -0700 (PDT)
Received: by mail-yb1-xb32.google.com with SMTP id s30so14099575ybi.8
        for <linux-kernel@vger.kernel.org>; Fri, 06 May 2022 10:42:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=YKfnJFHuOviCdMg0UB5UffT9B/WVcObEOxiRN5y2Kug=;
        b=emmUN3k1bPN4J6n6aBe2FemprgUT+FF6VAYxV6ekMwnHvd4yMg9T5KGYmUYmFa9oAe
         l8wgj8tdCP2FJPIShfAg2Fk/rOBVcSKoqvKeqjnUKen1LIajvaEdZt/TPfqzH6t/XrSo
         syM1kjCv3gSDfacEuEc3EgG0lwGjeC2hWNg5U2El7kqEz+o0tsjk8MjpqNijR6o+XqPs
         q3onvlApQgHZ5xOXxhHzjSgk18UOnvT+GgtT76x6XFC/llE4jgVQddy0F0CFkFJAkHTB
         0S9hvZkV7X0lPAIZLLytf/7qjnZXN3mz9RqswI5f966807Geg/q/71UbscP2MlkhGUSo
         7bxw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=YKfnJFHuOviCdMg0UB5UffT9B/WVcObEOxiRN5y2Kug=;
        b=GMnNev09V0zakOmDaz8vN6vtmn2Gj3z8u8XJ4MhttvAi2UQHXRj6ZCk88vbc1F/JJI
         AYy7HnFs39wTvjI5qf6DWacY3oBWFMJU6uJXR5iZ2qr1kxwkRIJ1339GpCw+4CCWikhT
         +RgK+6Z9vJP02ZOG536Ux5TIuDd/bwjLIkyWRJgvqhv/YX2WtQs5m1d+433I+4nnMEpw
         J4KDUd7bOzdu7wOXoyiLHAEBQAYOut1u0C4h/OFHEEP0eUoXajKyuWTHGzsWbBq68x4J
         ExBmDcKf+AqiFocWxT2aFha4OrI07e4LsKnyJ6BkF5qwam14ca1/ofq6iVDIZ6/zDFQ6
         zGEQ==
X-Gm-Message-State: AOAM532VAhmTrjg4ueCGKjkctKauTkvWNgt3dftCV95eAS0EOelw4yhb
        Rq+76G/av/yG+ox/zz7NnwdqmQNa2slpypzkGOlEJw==
X-Received: by 2002:a25:bb0f:0:b0:61d:60f9:aaf9 with SMTP id
 z15-20020a25bb0f000000b0061d60f9aaf9mr3038082ybg.199.1651858933696; Fri, 06
 May 2022 10:42:13 -0700 (PDT)
MIME-Version: 1.0
References: <20220426164315.625149-1-glider@google.com> <20220426164315.625149-29-glider@google.com>
 <87a6c6y7mg.ffs@tglx> <CAG_fn=U7PPBmmkgxFcWFQUCqZitzMizr1e69D9f26sGGzeitLQ@mail.gmail.com>
 <87y1zjlhmj.ffs@tglx> <CAG_fn=XxAhBEBP2KJvahinbaxLAd1xvqTfRJdAu1Tk5r8=01jw@mail.gmail.com>
 <878rrfiqyr.ffs@tglx> <CAG_fn=XVchXCcOhFt+rP=vinRhkyrXJSP46cyvcZeHJWaDquGg@mail.gmail.com>
 <87k0ayhc43.ffs@tglx>
In-Reply-To: <87k0ayhc43.ffs@tglx>
From:   Alexander Potapenko <glider@google.com>
Date:   Fri, 6 May 2022 19:41:37 +0200
Message-ID: <CAG_fn=UpcXMqJiZvho6_G3rjvjQA-3Ax6X8ONVO0D+4Pttc9dA@mail.gmail.com>
Subject: Re: [PATCH v3 28/46] kmsan: entry: handle register passing from
 uninstrumented code
To:     Thomas Gleixner <tglx@linutronix.de>
Cc:     Alexander Viro <viro@zeniv.linux.org.uk>,
        Andrew Morton <akpm@linux-foundation.org>,
        Andrey Konovalov <andreyknvl@google.com>,
        Andy Lutomirski <luto@kernel.org>,
        Arnd Bergmann <arnd@arndb.de>, Borislav Petkov <bp@alien8.de>,
        Christoph Hellwig <hch@lst.de>,
        Christoph Lameter <cl@linux.com>,
        David Rientjes <rientjes@google.com>,
        Dmitry Vyukov <dvyukov@google.com>,
        Eric Dumazet <edumazet@google.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        Ilya Leoshkevich <iii@linux.ibm.com>,
        Ingo Molnar <mingo@redhat.com>, Jens Axboe <axboe@kernel.dk>,
        Joonsoo Kim <iamjoonsoo.kim@lge.com>,
        Kees Cook <keescook@chromium.org>,
        Marco Elver <elver@google.com>,
        Mark Rutland <mark.rutland@arm.com>,
        Matthew Wilcox <willy@infradead.org>,
        "Michael S. Tsirkin" <mst@redhat.com>,
        Pekka Enberg <penberg@kernel.org>,
        Peter Zijlstra <peterz@infradead.org>,
        Petr Mladek <pmladek@suse.com>,
        Steven Rostedt <rostedt@goodmis.org>,
        Vasily Gorbik <gor@linux.ibm.com>,
        Vegard Nossum <vegard.nossum@oracle.com>,
        Vlastimil Babka <vbabka@suse.cz>,
        kasan-dev <kasan-dev@googlegroups.com>,
        Linux Memory Management List <linux-mm@kvack.org>,
        Linux-Arch <linux-arch@vger.kernel.org>,
        LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-9.5 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE,
	USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
	lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, May 6, 2022 at 6:14 PM Thomas Gleixner <tglx@linutronix.de> wrote:
>
> On Fri, May 06 2022 at 16:52, Alexander Potapenko wrote:
> > On Thu, May 5, 2022 at 11:56 PM Thomas Gleixner <tglx@linutronix.de> wrote:
> >> @@ -452,6 +455,7 @@ irqentry_state_t noinstr irqentry_nmi_en
> >>         rcu_nmi_enter();
> >>
> >>         instrumentation_begin();
> >> +       unpoison(regs);
> >>         trace_hardirqs_off_finish();
> >>         ftrace_nmi_enter();
> >>         instrumentation_end();
> >>
> >> As I said: 4 places :)
> >
> > These four instances still do not look sufficient.
> > Right now I am seeing e.g. reports with the following stack trace:
> >
> > BUG: KMSAN: uninit-value in irqtime_account_process_tick+0x255/0x580
> > kernel/sched/cputime.c:382
> >  irqtime_account_process_tick+0x255/0x580 kernel/sched/cputime.c:382
> >  account_process_tick+0x98/0x450 kernel/sched/cputime.c:476
> >  update_process_times+0xe4/0x3e0 kernel/time/timer.c:1786
> >  tick_sched_handle kernel/time/tick-sched.c:243
> >  tick_sched_timer+0x83e/0x9e0 kernel/time/tick-sched.c:1473
> >  __run_hrtimer+0x518/0xe50 kernel/time/hrtimer.c:1685
> >  __hrtimer_run_queues kernel/time/hrtimer.c:1749
> >  hrtimer_interrupt+0x838/0x15a0 kernel/time/hrtimer.c:1811
> >  local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1086
> >  __sysvec_apic_timer_interrupt+0x1ae/0x680 arch/x86/kernel/apic/apic.c:1103
> >  sysvec_apic_timer_interrupt+0x95/0xc0 arch/x86/kernel/apic/apic.c:1097
> > ...
> > (uninit creation stack trace is irrelevant here, because it is some
> > random value from the stack)
> >
> > sysvec_apic_timer_interrupt() receives struct pt_regs from
> > uninstrumented code, so regs can be partially uninitialized.
> > They are not passed down the call stack directly, but are instead
> > saved by set_irq_regs() in sysvec_apic_timer_interrupt() and loaded by
> > get_irq_regs() in tick_sched_timer().
>
> sysvec_apic_timer_interrupt() invokes irqentry_enter() _before_
> set_irq_regs() and irqentry_enter() unpoisons @reg.
>
> Confused...

As far as I can tell in this case sysvect_apic_timer_interrupt() is
called by the following code in arch/x86/kernel/idt.c:

  INTG(LOCAL_TIMER_VECTOR,                asm_sysvec_apic_timer_interrupt),

, which does not use IDTENTRY_SYSVEC framework and thus does not call
irqentry_enter().

I guess handling those will require wrapping every interrupt gate into
a function that performs register unpoisoning?

By the way, if it helps, I think we don't necessarily have to call
kmsan_unpoison_memory() from within the
instrumentation_begin()/instrumentation_end() region?
We could move the call to the beginning of irqentry_enter(), removing
unnecessary duplication.