Received: by 2002:a05:6602:18e:0:0:0:0 with SMTP id m14csp3664257ioo; Wed, 25 May 2022 05:44:21 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx8YSHmAAXfw8XsALSN+Jyqq8uNnCwnlkTeQYdbyEzDOQrf4WXWj/U4mgbCMORyD9RTAlNC X-Received: by 2002:a17:902:e804:b0:161:969c:ab59 with SMTP id u4-20020a170902e80400b00161969cab59mr33912123plg.142.1653482660762; Wed, 25 May 2022 05:44:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1653482660; cv=none; d=google.com; s=arc-20160816; b=QzwfM7Xe1oBk9Gwui1/mo+7QjWnweIIMYdNs69lfgNftKduJDaoXh0SjFUkX7/DPgE 43G5pCl51wBjmCobCQOIKlBnQLRfXsJcurVwKFjWK4a4xgguh1L2RP8PwC2s+t5RjVD7 5kncytT7Gmt360+ZAaaEmiVBFIEUcWDgjhtWTpoClqQ5eYbyJ5C23gZ2mEGnWQAfWQ7G Hfr8FT9NdCG5f29hqGUJe5wJg+LeVIBwq88CLfAZchL0hWVk+OJn/DIjSypAYKBi8UkP vYUiaE/R6xQGBWrwMLHpzswH7s9dmBUd5AzoXfHcjQO0Ae4G7NXn6rtAKftzk+Q1sHB5 U3iw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:user-agent :content-transfer-encoding:references:in-reply-to:date:cc:to:from :subject:message-id:dkim-signature; bh=kt2sayrFs9fm5f2jDsLTGATuG5rlPL0q0HMqvl93aaY=; b=BpxsyIY40vl47MDLMntT38Eim9Fcyp1sh/mNGsT8ze0WIHFUFy918daKbGx3m+TlYr pL0GC3h7SjGvuDrSTrJTvJxTIIu3p67hvBVzE0Z8T/XuZVrkpkB0IDxnIUUuFUQ27sCY xycrcXkw4OyicgR354j15nc/J9bu0+EdJM+rduCAQY6XvKk4ziVlfiJ1WwxsjT8k+ZZd nPWPnkPqO8MT18b7M1viVmE1ojrW+mx5onzej+ek1f6FVMN5tGIZdoLEifdjgf+OW/px tJ0PaG/I6n2CQ1Wv6egUqsS4DMcdwN8HeU84iX/H2iuSVIJONqHpx3zoquRLdnCKl4ax eI6A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@sipsolutions.net header.s=mail header.b="KH/49QEz"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=sipsolutions.net Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id n31-20020a63591f000000b003fa722ae55dsi10186597pgb.873.2022.05.25.05.44.08; Wed, 25 May 2022 05:44:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@sipsolutions.net header.s=mail header.b="KH/49QEz"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=REJECT dis=NONE) header.from=sipsolutions.net Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234789AbiEXKpV (ORCPT + 99 others); Tue, 24 May 2022 06:45:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56402 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233952AbiEXKpT (ORCPT ); Tue, 24 May 2022 06:45:19 -0400 Received: from sipsolutions.net (s3.sipsolutions.net [IPv6:2a01:4f8:191:4433::2]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B60B55EDDB for ; Tue, 24 May 2022 03:45:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sipsolutions.net; s=mail; h=MIME-Version:Content-Transfer-Encoding: Content-Type:References:In-Reply-To:Date:Cc:To:From:Subject:Message-ID:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-To: Resent-Cc:Resent-Message-ID; bh=kt2sayrFs9fm5f2jDsLTGATuG5rlPL0q0HMqvl93aaY=; t=1653389117; x=1654598717; b=KH/49QEzCCtlTfrU4QoDTcBU2X7ScvOMp+0wIi+rxt37SaV faWqZhbdZsx31lVLZIvEEBosTS9ub+H8VI02LF54yRVlYumxYs5tFN+RylyRT8WfMDjdfxlkXB5nn Pakcxy2Ve7n39eo/I9YNBwgYMgSAMo4fw+xFXGCtrlcgnkfZd6dC7IPyc1JHVe1DwQLiC0soSAbvZ fNtOWO+UuFGjHnf/Szz+4obBsJB3u7H2UqVilu8rlI3ZGIXeWVfmSmfMO9gXvHr5iF4uZd7mNB8a0 p+pD3ka2cutRmkLCLUE42tDzKySGZ5URkSipgMdb1cJP/cACQJ9nVJCK74LAQ1WQ==; Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.95) (envelope-from ) id 1ntS2D-003HQk-AK; Tue, 24 May 2022 12:45:05 +0200 Message-ID: Subject: Re: [PATCH] UML: add support for KASAN under x86_64 From: Johannes Berg To: Vincent Whitchurch Cc: Patricia Alfonso , Jeff Dike , Richard Weinberger , anton.ivanov@cambridgegreys.com, Andrey Ryabinin , Dmitry Vyukov , Brendan Higgins , David Gow , kasan-dev , LKML , linux-um@lists.infradead.org Date: Tue, 24 May 2022 12:45:03 +0200 In-Reply-To: <20220524103423.GA13239@axis.com> References: <20200226004608.8128-1-trishalfonso@google.com> <4b8c1696f658b4c6c393956734d580593b55c4c0.camel@sipsolutions.net> <1fb57ec2a830deba664379f3e0f480e08e6dec2f.camel@sipsolutions.net> <20220524103423.GA13239@axis.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.44.1 (3.44.1-1.fc36) MIME-Version: 1.0 X-malware-bazaar: not-scanned X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_PASS,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Vincent, > Old thread, but I had a look at this the other day and I think I got it > working. Since the entire shadow area is mapped at init, we don't need > to do any mappings later. Nice!! I've always wanted to get back to this too. > It works both with and without KASAN_VMALLOC. KASAN_STACK works too > after I disabled sanitization of the stacktrace code. All kasan kunit > tests pass and the test_kasan.ko module works too. :-) > The CONFIG_UML checks need to > be replaced with something more appropriate (new config? __weak > functions?) and the free functions should probably be hooked up to > madvise(MADV_DONTNEED) so we discard unused pages in the shadow > mapping. I guess a new config would be most appropriate - that way code can be compiled out accordingly. But I don't know who maintains the KASAN code, I guess have to discuss with them. > Note that there's a KASAN stack-out-of-bounds splat on startup when just > booting UML. That looks like a real (17-year-old) bug, I've posted a > fix for that: >=20 > https://lore.kernel.org/lkml/20220523140403.2361040-1-vincent.whitchurch= @axis.com/ Hah, right, I was wondering how that came up suddenly now... Almost suprised it's just a single bug so far :) > --- a/mm/kasan/shadow.c > +++ b/mm/kasan/shadow.c > @@ -295,8 +295,14 @@ int kasan_populate_vmalloc(unsigned long addr, unsig= ned long size) > return 0; > =20 > shadow_start =3D (unsigned long)kasan_mem_to_shadow((void *)addr); > - shadow_start =3D ALIGN_DOWN(shadow_start, PAGE_SIZE); > shadow_end =3D (unsigned long)kasan_mem_to_shadow((void *)addr + size); > + > + if (IS_ENABLED(CONFIG_UML)) { > + __memset(kasan_mem_to_shadow((void *)addr), KASAN_VMALLOC_INVALID, sha= dow_end - shadow_start); > + return 0; > + } >=20 If that were if (IS_ENABLED(CONFIG_KASAN_NO_SHADOW_ALLOC)) { ... } (or so) as discussed above, it might be a little more readable, but otherwise it doesn't really seem all _that_ intrusive. I'll give it a spin later. johannes