Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp30414rdg; Tue, 10 Oct 2023 03:25:04 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFaPsYlWq06882tvlj9mjIkGlDrt/GUtaVhSPNprWlA00ZajMeJgUtyxbaVEiO1WW38r1Y6 X-Received: by 2002:a05:6870:a448:b0:1c8:baa5:a50f with SMTP id n8-20020a056870a44800b001c8baa5a50fmr21432661oal.27.1696933504404; Tue, 10 Oct 2023 03:25:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1696933504; cv=none; d=google.com; s=arc-20160816; b=WndOCJRSQ/PeyjyPh8IIoM3t9vmkMW4KS5sCDrLTbroEUlVqlenjtIxTVskjNSArJc gDMTbvSDzfL5vsvfUg9edVXl3taN0fOCBBRKs1SIbx108Ohub2lU8Pwwo563c9rZ/cMd zzYiSIAHjg4Y2gY/Ef2/lL8T5zsghbOCWyOY5K6D3aDjywoKXzxrtCTmEq7onK8Vv3l0 3jf2RJysIld0pR0AfnnSLTLH9m6rGtiC9CicSMja1c4CDFccBpEi+9I7o0PnbBScecX4 Kv83hzTZ/uKAWHJvj+60d9ca4PES5XWGK0U1fagSEmYLhtNFI6FS/t/iN+MueuPIxja4 Z0Lw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=tKh8x8oY19PzBwcSOoxnn2dS2pp/W/rE1Xb9IqE8P3o=; fh=Humky4e+hth+m5LjjwqZefHA/L96cUXUrx8t/v+3zX4=; b=sNAnsxscGE1wzu+aYixqDARarT4pZA5jTDnePO9JxKWSfKYCLejXzREIYrfv29MfBj E2H71RV1Uv9uIMEg3qRGWOgDaellX/jDOKRd/yDYOhZbP4Q6PQxmgXoV4xPhgSkbA6WP MtYS8y84MNPrd2M7SyJdUE4Ch585kCwn4SI50GlQ7tgBzAvhMJhxgrVTzAlwL0cFqkz6 EwhzgQkecFH+Q3qi5klhLryz1VnjMoOZmhfdPXjwcVbwZKBEPQVN4gTf/oWxgN/tFW1L jV2PmqCHtHIeI0qheOH40JnanfwSiUEWAAfXl+SDfaA3hixayBQMnwFzT1T/rDetL/hj iBQA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=IuEk7NOT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from groat.vger.email (groat.vger.email. [23.128.96.35]) by mx.google.com with ESMTPS id l1-20020a056a00140100b0068a557febfcsi9205094pfu.111.2023.10.10.03.25.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Oct 2023 03:25:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) client-ip=23.128.96.35; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=IuEk7NOT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id D73AC80D0800; Tue, 10 Oct 2023 03:25:01 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230483AbjJJKYx (ORCPT + 99 others); Tue, 10 Oct 2023 06:24:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60162 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230518AbjJJKYv (ORCPT ); Tue, 10 Oct 2023 06:24:51 -0400 Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.151]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4A2EEC1; Tue, 10 Oct 2023 03:24:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1696933490; x=1728469490; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=ToiBWz7vYPbjtT1A6Pw5OFHNHbyj94PnFPsrgizUBr0=; b=IuEk7NOTKFYEC2WTk3dFsT30TSl9zVW8afVbVMiobe17n2ws1tf7Wsq8 ZcmAV+JBAnOrb/RiYJgwxU9CisvIStaXjaAqhhwRyrZG3yAeRkPq9t6B3 Nlrkqk4DfjAxjwqX4gHzVV5sk8xlVFxAbyzSp9Wj9u9MWlXFIWCIaX6ba Hx/U0uODEDVIYAuOG7UWUm2cZfVUUPixlSOdbAucYvSLYzSdqP6JW5sl2 T1bTGRzqpQqMx2mqHy4U6C+foNS1dJnV4iekowTfx9bTREztmvv/bMSiQ nAB9NAUBrssc2KPw1pXWRsCSj6GU7OPnecQpZRDO76+ulp9ST6DAMBRz+ g==; X-IronPort-AV: E=McAfee;i="6600,9927,10858"; a="364654363" X-IronPort-AV: E=Sophos;i="6.03,212,1694761200"; d="scan'208";a="364654363" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Oct 2023 03:24:41 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10858"; a="927087670" X-IronPort-AV: E=Sophos;i="6.03,212,1694761200"; d="scan'208";a="927087670" Received: from albertmo-mobl2.ger.corp.intel.com (HELO box.shutemov.name) ([10.251.208.38]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Oct 2023 03:24:37 -0700 Received: by box.shutemov.name (Postfix, from userid 1000) id CA51710989E; Tue, 10 Oct 2023 13:24:34 +0300 (+03) Date: Tue, 10 Oct 2023 13:24:34 +0300 From: "Kirill A. Shutemov" To: Borislav Petkov Cc: Thomas Gleixner , Ingo Molnar , Dave Hansen , Peter Zijlstra , x86@kernel.org, "H. Peter Anvin" , Andrey Ryabinin , Alexander Potapenko , Andrey Konovalov , Dmitry Vyukov , Vincenzo Frascino , kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org, Fei Yang , stable@vger.kernel.org Subject: Re: [PATCH] x86/alternatives: Disable KASAN on text_poke_early() in apply_alternatives() Message-ID: <20231010102434.ncn3mxk7cesec6s5@box.shutemov.name> References: <20231010053716.2481-1-kirill.shutemov@linux.intel.com> <20231010081938.GBZSUJGlSvEkFIDnES@fat_crate.local> <20231010084041.ut5sshyrofh27yyx@box.shutemov.name> <20231010091235.GFZSUVgzTetLj2K+s8@fat_crate.local> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20231010091235.GFZSUVgzTetLj2K+s8@fat_crate.local> X-Spam-Status: No, score=2.8 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, RCVD_IN_SBL_CSS,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Tue, 10 Oct 2023 03:25:02 -0700 (PDT) X-Spam-Level: ** On Tue, Oct 10, 2023 at 11:12:35AM +0200, Borislav Petkov wrote: > On Tue, Oct 10, 2023 at 11:40:41AM +0300, Kirill A. Shutemov wrote: > > __VIRTUAL_MASK_SHIFT used in many places. I don't think it is good idea to > > give up on patching completely. > > Have you even looked at boot_cpu_has()'s asm? Obviously not :/ Okay, as alternative, the patch below also make the issue go away. But I am not sure it is fundamentaly better. boot_cpu_has() generates call to __asan_load8_noabort(). I think it only works because all KASAN code has ASAN instrumentation disabled. diff --git a/arch/x86/include/asm/kasan.h b/arch/x86/include/asm/kasan.h index de75306b932e..bfe97013abb0 100644 --- a/arch/x86/include/asm/kasan.h +++ b/arch/x86/include/asm/kasan.h @@ -12,8 +12,15 @@ * for kernel really starts from compiler's shadow offset + * 'kernel address space start' >> KASAN_SHADOW_SCALE_SHIFT */ + +#ifdef USE_EARLY_PGTABLE_L5 +#define __KASAN_VIRT_SHIFT (__pgtable_l5_enabled ? 56 : 47) +#else +#define __KASAN_VIRT_SHIFT (boot_cpu_has(X86_FEATURE_LA57) ? 56 : 47) +#endif + #define KASAN_SHADOW_START (KASAN_SHADOW_OFFSET + \ - ((-1UL << __VIRTUAL_MASK_SHIFT) >> \ + ((-1UL << __KASAN_VIRT_SHIFT) >> \ KASAN_SHADOW_SCALE_SHIFT)) /* * 47 bits for kernel address -> (47 - KASAN_SHADOW_SCALE_SHIFT) bits for shadow -- Kiryl Shutsemau / Kirill A. Shutemov