Received: by 2002:ab2:620c:0:b0:1ef:ffd0:ce49 with SMTP id o12csp1421342lqt; Wed, 20 Mar 2024 03:40:01 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUg8E8TQRwlLxh5wnSZzvXpAheFWmZZmKEYU8rna5/gPl/yfdVitjfW9c10e0HVomW5Xp7n/Puxi0xhw4V093oh/XCT8sqXpsrK/PR6CQ== X-Google-Smtp-Source: AGHT+IEaaKEhakRFteVgIH6Yen9aC7T87NXGqdT711kXgkud2Gut1+zUwiR4LmhXge8AlbYlXxWA X-Received: by 2002:a17:902:f544:b0:1de:fbc3:8e4a with SMTP id h4-20020a170902f54400b001defbc38e4amr15765016plf.52.1710931201414; Wed, 20 Mar 2024 03:40:01 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1710931201; cv=pass; d=google.com; s=arc-20160816; b=fI1VcarrPCTijeIK/azKm6YDj8LGhdrDTKjmJylqIaj9Vx/vLnXER+wwgN71nlxvTM LfAXfayY9hjwy+DPc44CmolYx+VxIT41pezRHy5s++BLTZP/HzLuqM0p2wXxiuvVoHDS UfN1CeaWtxw2T1+6HSiUsc0sDoJJMWP/8bw8fNwGUj7OW7CXzEbPWBQKJwYxebKRyAad MeO+4BdpQdgyla9kK5Jzb8MRqeparQSCW6VWrpF7OMO9Fmj+iHuCR4FlyZTpo3ebBfnR +VWaRu9rj2IitaSJPVHt4cyvrGORvKNqYz6cEUwJ+Ixg40AVAShqwqoGxO2wqWsslhd5 PR3Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:date:message-id; bh=+71EL7yHyPxbE5mLWlDHn0FGrnDSG2rmWvmbU7hrWMI=; fh=MarApkI6h53pA3e6zT8M9A/C1Tmi4WnacIPwae9cuNw=; b=YAEvZpxjQJ2Kh2qXx4xGQb1/zl/2sYyVNkeMA4JseA/SMtWBfwa4XRWEjvoffHDz9c WJOCDnf2L1fdy80b16VDm+aZ/dFJ1Cd6dmDmdtmhUvVKB/lXn0UWk4ltRWOTpcWSmwxu 93yln34Vrvv0RjnDKArRc/9rmEAx9lf8u/b/N8jf0JZQg75H4+cCLk5FivM8gLchTDgh MoFUm8YRak+5wo9fp9S0qfH9XUXtNKIAYXwXbr2F9XC/+fgNguVb40LATb5vn90EEVMv +OAZ/5MJet4cg3zrPT+MJJila0pVL4bCHnVUxZoQRJ0ieWDeDh1vLIJ+hn2laiqHAXza FH5Q==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=i-love.sakura.ne.jp); spf=pass (google.com: domain of linux-kernel+bounces-108795-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-108795-linux.lists.archive=gmail.com@vger.kernel.org" Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id im16-20020a170902bb1000b001defe4aec44si9180124plb.483.2024.03.20.03.40.01 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 20 Mar 2024 03:40:01 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-108795-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=i-love.sakura.ne.jp); spf=pass (google.com: domain of linux-kernel+bounces-108795-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-108795-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 1B359283A4E for ; Wed, 20 Mar 2024 10:40:01 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id B0BDB3A26E; Wed, 20 Mar 2024 10:39:55 +0000 (UTC) Received: from www262.sakura.ne.jp (www262.sakura.ne.jp [202.181.97.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6D2E039FED for ; Wed, 20 Mar 2024 10:39:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=202.181.97.72 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710931195; cv=none; b=BZvIvC04wuZLvpQlmw5lqNywToOs+tZl8BjjdnuyVJF9oZu9wVdH5CdgZHwWRWAgmGp8vZBuZxMQmDeoCrvEzvRWKaFKy749yT4dUwQuGfyu+4vQAbqE15UhFh4xtu9Xt7OhT5JN8lLdmcFmNFlyvWqlTaUHAIuVtpdwVuwA4ic= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710931195; c=relaxed/simple; bh=/YnmHjebPsYji+772rQDw2SVKaxnY04yaSAvNkDGeak=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=aHMYOFr1T//EZn83oDWMKNXGYo6rGM/xtomiDvXi3UzikacIL5FCnWe1PEzMJM2vIJrOaiQX1Chby4+SnCX4J42iEXdYo+DuATghSbZ8KXA00yNQcLMWvAinqXxifLk4nYU2RKyd+v731FPJpJWWmzEWWzufYRkBCzxzRnV6Zhs= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=I-love.SAKURA.ne.jp; spf=pass smtp.mailfrom=I-love.SAKURA.ne.jp; arc=none smtp.client-ip=202.181.97.72 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=I-love.SAKURA.ne.jp Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=I-love.SAKURA.ne.jp Received: from fsav313.sakura.ne.jp (fsav313.sakura.ne.jp [153.120.85.144]) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id 42KAdo0k048716; Wed, 20 Mar 2024 19:39:50 +0900 (JST) (envelope-from penguin-kernel@I-love.SAKURA.ne.jp) Received: from www262.sakura.ne.jp (202.181.97.72) by fsav313.sakura.ne.jp (F-Secure/fsigk_smtp/550/fsav313.sakura.ne.jp); Wed, 20 Mar 2024 19:39:50 +0900 (JST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/fsav313.sakura.ne.jp) Received: from [192.168.1.6] (M106072142033.v4.enabler.ne.jp [106.72.142.33]) (authenticated bits=0) by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTPSA id 42KAdoUV048713 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NO); Wed, 20 Mar 2024 19:39:50 +0900 (JST) (envelope-from penguin-kernel@I-love.SAKURA.ne.jp) Message-ID: Date: Wed, 20 Mar 2024 19:39:49 +0900 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v1 3/3] x86: call instrumentation hooks from copy_mc.c Content-Language: en-US To: Alexander Potapenko Cc: akpm@linux-foundation.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, kasan-dev@googlegroups.com, tglx@linutronix.de, x86@kernel.org, Linus Torvalds , Dmitry Vyukov , Marco Elver References: <20240319163656.2100766-1-glider@google.com> <20240319163656.2100766-3-glider@google.com> From: Tetsuo Handa In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit On 2024/03/20 18:29, Alexander Potapenko wrote: > But for KASAN/KCSAN we can afford more aggressive checks. > First, if we postpone them after the actual memory accesses happen, > the kernel may panic on the invalid access without a decent error > report. > Second, even if in a particular case only `len-ret` bytes were copied, > the caller probably expected both `src` and `dst` to have `len` > addressable bytes. > Checking for the whole length in this case is more likely to detect a > real error than produce a false positive. KASAN/KCSAN care about whether the requested address range is accessible but do not care about whether the requested address range was actually accessed? By the way, we have the same problem for copy_page() and I was thinking about https://lkml.kernel.org/r/1a817eb5-7cd8-44d6-b409-b3bc3f377cb9@I-love.SAKURA.ne.jp . But given that instrument_memcpy_{before,after} are added, how do we want to use instrument_memcpy_{before,after} for copy_page() ? Should we rename assembly version of copy_page() so that we don't need to use tricky wrapping like below? diff --git a/arch/x86/include/asm/page_64.h b/arch/x86/include/asm/page_64.h index cc6b8e087192..b9b794656880 100644 --- a/arch/x86/include/asm/page_64.h +++ b/arch/x86/include/asm/page_64.h @@ -9,6 +9,7 @@ #include #include +#include /* duplicated to the one in bootmem.h */ extern unsigned long max_pfn; @@ -59,6 +60,13 @@ static inline void clear_page(void *page) } void copy_page(void *to, void *from); +#define copy_page(to, from) do { \ + void *_to = (to); \ + void *_from = (from); \ + instrument_memcpy_before(_to, _from, PAGE_SIZE); \ + copy_page(_to, _from); \ + instrument_memcpy_after(_to, _from, PAGE_SIZE, 0); \ +} while (0) #ifdef CONFIG_X86_5LEVEL /*