From patchwork Wed Mar 29 18:37:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 76764 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp613450vqo; Wed, 29 Mar 2023 11:39:15 -0700 (PDT) X-Google-Smtp-Source: AKy350a11OVX2QINX6phwd2euFWrPCOQzz19fA36Rjp1RbFd7bTQy596z51tu2aiYnyq+kQ5tUME X-Received: by 2002:a17:907:7633:b0:91f:6679:5581 with SMTP id jy19-20020a170907763300b0091f66795581mr3383832ejc.21.1680115155373; Wed, 29 Mar 2023 11:39:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680115155; cv=none; d=google.com; s=arc-20160816; b=HLnKVj6n/FUzg+5RTgrCCRsbILUAWqx7li/DHuNQqrp2MIVLwrk4JqA211+kX4exir J/HB1WInN6qSnBVWCMX7eYJuVLKkMogLf5l78+VbPxnsh9kkg6tdQNg44qQrjQVY0M+4 s+n1i0oD+/8eyfirb84yRi5jhrViF6m7tBhTxUeUNC8Ej4CxA9DZORAwxC/MeZmivJKb VUdplNHI3oJC2HhgOvD5hNco/I6XMnCPfDfjDtaglXyWPd+6vjkJSCLI2TJRndCm76m4 EFjv6knI5DFCVtRt7JeE5Rrk3IxPqwJcnaXiDZ6pEsK/4LX+W+S8VuOGeyQ3nvcuwGoK alFw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=z4DPZvfjlbyZR04Gs5VqWFFoeLvvcar/vhfVx7MEdnM=; b=YsC/Zyl76Ji02E36OQSGRIAGfM/gKdiRi6sIFp42qots7eh20Pdw7wDf+qTxvsAn8d MDZ79V2jqWHL9+M3Fj13AyjajRbVmtIzJ4t0YLF/EiQglRP6Vh17bIEX+LgZ3+dJlS8b UyqcI95MtdJekx4/5mRI89SxfqtN/UvLOYynvSkiFx+ZJGS1IPB8/DV+24ivDL7FjgFM +rPK2URep0BB/6QWjNwpVpUpInxlrGm6889Bw7i+6fLsAKV+yCevwTJkT7YcrziJRwri bQAkf/SWE60WoKj/X64aT7NEcnndmpvaMTCOYVTjOwtP2yfCKwtps3F4gXLP7Iiz0HwZ cAOw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=tIO3PhiO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h17-20020a17090634d100b008d89608d4a2si31682986ejb.204.2023.03.29.11.38.52; Wed, 29 Mar 2023 11:39:15 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=tIO3PhiO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229677AbjC2SiK (ORCPT + 99 others); Wed, 29 Mar 2023 14:38:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38490 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229549AbjC2SiE (ORCPT ); Wed, 29 Mar 2023 14:38:04 -0400 Received: from out-57.mta1.migadu.com (out-57.mta1.migadu.com [95.215.58.57]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B04195FF5 for ; Wed, 29 Mar 2023 11:37:58 -0700 (PDT) X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1680115076; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=z4DPZvfjlbyZR04Gs5VqWFFoeLvvcar/vhfVx7MEdnM=; b=tIO3PhiOR2emercQwp44M6baOhhxEcQzHduTG2CPuKla6sVHmxWnHM9YWmEeKX28DgvZCV 9A+wF0Dv2nb8xskHclLbAXuQUuMRdY7xvjnkSyquQNWXMA6uaxWiNQqgVyLwJFW+XmE4Iy wvEeIkQDa8WA5AxpvHMez3p9xsgBnf0= From: andrey.konovalov@linux.dev To: Marco Elver , Catalin Marinas Cc: Andrey Konovalov , Alexander Potapenko , Dmitry Vyukov , Andrey Ryabinin , kasan-dev@googlegroups.com, Vincenzo Frascino , Will Deacon , linux-arm-kernel@lists.infradead.org, Peter Collingbourne , Evgenii Stepanov , Andrew Morton , linux-mm@kvack.org, Weizhao Ouyang , linux-kernel@vger.kernel.org, Andrey Konovalov Subject: [PATCH v2 1/5] kasan: drop empty tagging-related defines Date: Wed, 29 Mar 2023 20:37:44 +0200 Message-Id: MIME-Version: 1.0 X-Migadu-Flow: FLOW_OUT X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761728428815738113?= X-GMAIL-MSGID: =?utf-8?q?1761728428815738113?= From: Andrey Konovalov mm/kasan/kasan.h provides a number of empty defines for a few arch-specific tagging-related routines, in case the architecture code didn't define them. The original idea was to simplify integration in case another architecture starts supporting memory tagging. However, right now, if any of those routines are not provided by an architecture, Hardware Tag-Based KASAN won't work. Drop the empty defines, as it would be better to get compiler errors rather than runtime crashes when adding support for a new architecture. Also drop empty hw_enable_tagging_sync/async/asymm defines for !CONFIG_KASAN_HW_TAGS case, as those are only used in mm/kasan/hw_tags.c. Signed-off-by: Andrey Konovalov --- mm/kasan/kasan.h | 26 -------------------------- 1 file changed, 26 deletions(-) diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index a61eeee3095a..b1895526d02f 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -395,28 +395,6 @@ static inline const void *arch_kasan_set_tag(const void *addr, u8 tag) #ifdef CONFIG_KASAN_HW_TAGS -#ifndef arch_enable_tagging_sync -#define arch_enable_tagging_sync() -#endif -#ifndef arch_enable_tagging_async -#define arch_enable_tagging_async() -#endif -#ifndef arch_enable_tagging_asymm -#define arch_enable_tagging_asymm() -#endif -#ifndef arch_force_async_tag_fault -#define arch_force_async_tag_fault() -#endif -#ifndef arch_get_random_tag -#define arch_get_random_tag() (0xFF) -#endif -#ifndef arch_get_mem_tag -#define arch_get_mem_tag(addr) (0xFF) -#endif -#ifndef arch_set_mem_tag_range -#define arch_set_mem_tag_range(addr, size, tag, init) ((void *)(addr)) -#endif - #define hw_enable_tagging_sync() arch_enable_tagging_sync() #define hw_enable_tagging_async() arch_enable_tagging_async() #define hw_enable_tagging_asymm() arch_enable_tagging_asymm() @@ -430,10 +408,6 @@ void kasan_enable_tagging(void); #else /* CONFIG_KASAN_HW_TAGS */ -#define hw_enable_tagging_sync() -#define hw_enable_tagging_async() -#define hw_enable_tagging_asymm() - static inline void kasan_enable_tagging(void) { } #endif /* CONFIG_KASAN_HW_TAGS */ From patchwork Wed Mar 29 18:37:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 76765 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp613884vqo; Wed, 29 Mar 2023 11:40:12 -0700 (PDT) X-Google-Smtp-Source: AKy350b+CkHz97gvgHWEJejY774e7MKhORdktZiXWuL5Sf9FDGimm1SEic1eUi8Op0Yux8ChDOTN X-Received: by 2002:a17:902:e0c5:b0:1a0:6eb4:3871 with SMTP id e5-20020a170902e0c500b001a06eb43871mr16116649pla.20.1680115212293; Wed, 29 Mar 2023 11:40:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680115212; cv=none; d=google.com; s=arc-20160816; b=jVdpiTlwiv80Aph6YVA+HrBqCBhGyLKipJMsWR7bPK91POeuheodUPbTQKu9Fz2LNb t69aHDhVnTr5ipY3/GfnBPIUqccdNveZiisdo4GGwHuQB2m2Zt7JquORTJEMRXXF6hQo lHjRdCCU1EdDoXz/QoL2paOL1OKm0DyyHF+wA02kp37A0j+yyxOZVLcGwiPE965JrzZ3 +qqaEvPlCgy+g8JkcedxMUyU5qEdxR6tQgrS5pAAeURC7sDsYuYBlXxmgeAvvGe56/kV 2tygw8zjh/BC9T4OECwGvmQn1y2+qTWYRs2SzzjLJ0pdxOJ3wa+dNIdbpVLTqLMMsrLk z7Dw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=FR0GMMMnNdReMCefH2++iHzkAdqxWWuGhtNaRaBked8=; b=B2G80ghBybnpWyoXTXDR/QgLWZMHE9n2VkuhLSWZwwFJoO2I5eGAmUHv72r4Meoahf 017CMOc3uK7bav9mGihqIfx+BzldQ5VBiTJhM4iLHWQBzHE+JrGEGzLG+k91c+YdgO2g 26ro1Q6QmQbEhCZZxyw0hhB74wz91K1+jCTCZaKm4fsfQr9+SRSzC52ODXox2MHoDU8o /trq/SpOWGlvAPNiRIA/DXQnvvlHNDRX1GYr+vxLajDtYRxT2imPF7stSYABY9AfmtT3 ih1s7kaApKyDQN03B/+nsMg/Lq+uFmiAgvlceTH1b4llsS0iK1bRyqUUPf1vnFLVQJFV +SxA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=DbXVQvkG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y187-20020a638ac4000000b004fbd435fc2esi16048021pgd.447.2023.03.29.11.39.58; Wed, 29 Mar 2023 11:40:12 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=DbXVQvkG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229763AbjC2SiP (ORCPT + 99 others); Wed, 29 Mar 2023 14:38:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38602 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229620AbjC2SiE (ORCPT ); Wed, 29 Mar 2023 14:38:04 -0400 Received: from out-61.mta1.migadu.com (out-61.mta1.migadu.com [95.215.58.61]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A3A0461A5 for ; Wed, 29 Mar 2023 11:37:59 -0700 (PDT) X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1680115077; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=FR0GMMMnNdReMCefH2++iHzkAdqxWWuGhtNaRaBked8=; b=DbXVQvkGTlCs/4ox1E5HOmnOas+o8dhrEXZjhbQ6W8WQVmI5zYiq4ygRCi6EHxe9W/CCRl SYi0JaVw5IP0cy6wxqsztEnf8kDC6a250hmtkSn2HqVpd/QOP3J/6rbmYShIcirFB1djxa c4RW3q5ScoCHI8t9U4gig00pOB+z2mU= From: andrey.konovalov@linux.dev To: Marco Elver , Catalin Marinas Cc: Andrey Konovalov , Alexander Potapenko , Dmitry Vyukov , Andrey Ryabinin , kasan-dev@googlegroups.com, Vincenzo Frascino , Will Deacon , linux-arm-kernel@lists.infradead.org, Peter Collingbourne , Evgenii Stepanov , Andrew Morton , linux-mm@kvack.org, Weizhao Ouyang , linux-kernel@vger.kernel.org, Andrey Konovalov Subject: [PATCH v2 2/5] kasan, arm64: rename tagging-related routines Date: Wed, 29 Mar 2023 20:37:45 +0200 Message-Id: <75c4000c862996060a20f1f66d6c9adcf9f23aca.1680114854.git.andreyknvl@google.com> In-Reply-To: References: MIME-Version: 1.0 X-Migadu-Flow: FLOW_OUT X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761728488462946162?= X-GMAIL-MSGID: =?utf-8?q?1761728488462946162?= From: Andrey Konovalov Rename arch_enable_tagging_sync/async/asymm to arch_enable_tag_checks_sync/async/asymm, as the new name better reflects their function. Also rename kasan_enable_tagging to kasan_enable_hw_tags for the same reason. Signed-off-by: Andrey Konovalov --- arch/arm64/include/asm/memory.h | 6 +++--- mm/kasan/hw_tags.c | 12 ++++++------ mm/kasan/kasan.h | 10 +++++----- mm/kasan/kasan_test.c | 2 +- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h index 78e5163836a0..faf42bff9a60 100644 --- a/arch/arm64/include/asm/memory.h +++ b/arch/arm64/include/asm/memory.h @@ -261,9 +261,9 @@ static inline const void *__tag_set(const void *addr, u8 tag) } #ifdef CONFIG_KASAN_HW_TAGS -#define arch_enable_tagging_sync() mte_enable_kernel_sync() -#define arch_enable_tagging_async() mte_enable_kernel_async() -#define arch_enable_tagging_asymm() mte_enable_kernel_asymm() +#define arch_enable_tag_checks_sync() mte_enable_kernel_sync() +#define arch_enable_tag_checks_async() mte_enable_kernel_async() +#define arch_enable_tag_checks_asymm() mte_enable_kernel_asymm() #define arch_force_async_tag_fault() mte_check_tfsr_exit() #define arch_get_random_tag() mte_get_random_tag() #define arch_get_mem_tag(addr) mte_get_mem_tag(addr) diff --git a/mm/kasan/hw_tags.c b/mm/kasan/hw_tags.c index d1bcb0205327..b092e37b69a7 100644 --- a/mm/kasan/hw_tags.c +++ b/mm/kasan/hw_tags.c @@ -205,7 +205,7 @@ void kasan_init_hw_tags_cpu(void) * Enable async or asymm modes only when explicitly requested * through the command line. */ - kasan_enable_tagging(); + kasan_enable_hw_tags(); } /* kasan_init_hw_tags() is called once on boot CPU. */ @@ -373,19 +373,19 @@ void __kasan_poison_vmalloc(const void *start, unsigned long size) #endif -void kasan_enable_tagging(void) +void kasan_enable_hw_tags(void) { if (kasan_arg_mode == KASAN_ARG_MODE_ASYNC) - hw_enable_tagging_async(); + hw_enable_tag_checks_async(); else if (kasan_arg_mode == KASAN_ARG_MODE_ASYMM) - hw_enable_tagging_asymm(); + hw_enable_tag_checks_asymm(); else - hw_enable_tagging_sync(); + hw_enable_tag_checks_sync(); } #if IS_ENABLED(CONFIG_KASAN_KUNIT_TEST) -EXPORT_SYMBOL_GPL(kasan_enable_tagging); +EXPORT_SYMBOL_GPL(kasan_enable_hw_tags); void kasan_force_async_fault(void) { diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index b1895526d02f..a1613f5d7608 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -395,20 +395,20 @@ static inline const void *arch_kasan_set_tag(const void *addr, u8 tag) #ifdef CONFIG_KASAN_HW_TAGS -#define hw_enable_tagging_sync() arch_enable_tagging_sync() -#define hw_enable_tagging_async() arch_enable_tagging_async() -#define hw_enable_tagging_asymm() arch_enable_tagging_asymm() +#define hw_enable_tag_checks_sync() arch_enable_tag_checks_sync() +#define hw_enable_tag_checks_async() arch_enable_tag_checks_async() +#define hw_enable_tag_checks_asymm() arch_enable_tag_checks_asymm() #define hw_force_async_tag_fault() arch_force_async_tag_fault() #define hw_get_random_tag() arch_get_random_tag() #define hw_get_mem_tag(addr) arch_get_mem_tag(addr) #define hw_set_mem_tag_range(addr, size, tag, init) \ arch_set_mem_tag_range((addr), (size), (tag), (init)) -void kasan_enable_tagging(void); +void kasan_enable_hw_tags(void); #else /* CONFIG_KASAN_HW_TAGS */ -static inline void kasan_enable_tagging(void) { } +static inline void kasan_enable_hw_tags(void) { } #endif /* CONFIG_KASAN_HW_TAGS */ diff --git a/mm/kasan/kasan_test.c b/mm/kasan/kasan_test.c index 627eaf1ee1db..a375776f9896 100644 --- a/mm/kasan/kasan_test.c +++ b/mm/kasan/kasan_test.c @@ -148,7 +148,7 @@ static void kasan_test_exit(struct kunit *test) kasan_sync_fault_possible()) { \ if (READ_ONCE(test_status.report_found) && \ !READ_ONCE(test_status.async_fault)) \ - kasan_enable_tagging(); \ + kasan_enable_hw_tags(); \ migrate_enable(); \ } \ WRITE_ONCE(test_status.report_found, false); \ From patchwork Wed Mar 29 18:37:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 76767 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp618986vqo; Wed, 29 Mar 2023 11:51:24 -0700 (PDT) X-Google-Smtp-Source: AKy350b1JCsy+MsTMqm7ZZn/fBIInJ4MVKAalwKGv47zEDjHNEh24v0931gJQkP8JHuPFpvtVhmX X-Received: by 2002:a17:906:a416:b0:878:7c18:8fd9 with SMTP id l22-20020a170906a41600b008787c188fd9mr19447512ejz.44.1680115884397; Wed, 29 Mar 2023 11:51:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680115884; cv=none; d=google.com; s=arc-20160816; b=u7WHyPse++8beFulTrw7kqmy97jkuV7DpMtMzCb/EAXzg/p1EpB7gkcGJ6vRFoKyU3 1oK594QhWClM+FX+M4Dr5nk+8iCSRG/tMInTOxrJwXiOo5aY1r0+IoB4CF+9ahmOEzOu 53U11C843QRp1V/r9OCG2g8Vx+7Mza/4eampMcpHurUcDMVB/gqqHQRZcxAcWr3hDcpI OM+8VSxOdWutkiGJvPLY9IGedpOBeN37O7p5yFZ2QWfRjodzGaW/xZjMffFOvR93owwQ sNlPMtJb4YvIjUPGGbPfPXXM0Y8d/rsTe/wpM/5WlnML5ZBnjdrrV5+CHMFJrjSehWcm KyGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=R0ZTLDK0+ErC3gsprSGJ+tiVFRHa88yHqEYRk0ERiZ0=; b=Qrv8uwTCYQ3flkzGz+ShgagLO5yCIaCB+DiDhmm3C+SJgr1Jw+w2mEckflS8TiUsHS FNF2NmnDKfR36l9JsLGAlWw/oB83VXJoNhHas2TeHr9xTavdgnLbYUoREVcahid19LMX K5XkhMqgzVyDXTyfMrFRT0LxWecbN7m5Cuyjn9sqDiH0Ke73eho8m1xlUqlYYWu/9vNg xS61BrZSo+yg2fbYTQjfZ0Xw0/suOamlDBl2l/An9UdvSMsINGV5RHeclZ56KJDGfout uoeMgN26d1vSRdaSo7/bZ9HZf//ummTXrdhF65KnWMvrdnFlY6Y6HbofHFygwiDat7Vq 12WQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=oP2VA3+D; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b8-20020aa7cd08000000b004acda72375fsi35051327edw.84.2023.03.29.11.50.58; Wed, 29 Mar 2023 11:51:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=oP2VA3+D; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229544AbjC2SiU (ORCPT + 99 others); Wed, 29 Mar 2023 14:38:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38516 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229649AbjC2SiF (ORCPT ); Wed, 29 Mar 2023 14:38:05 -0400 Received: from out-19.mta1.migadu.com (out-19.mta1.migadu.com [95.215.58.19]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AC4813AB9 for ; Wed, 29 Mar 2023 11:38:00 -0700 (PDT) X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1680115078; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=R0ZTLDK0+ErC3gsprSGJ+tiVFRHa88yHqEYRk0ERiZ0=; b=oP2VA3+D9Qr8dKR4UOrrmrc1+nxlHZsTDv96qHpFlLIIE0qAxFcHxNtGpjSuXYDtYGe7g0 R9YJpt11ce2lsJJGHndi0vAWGx+Lrt1/J0xo2kovQdSX5r6myxaV5UGnajysVl3a/fkg9M 5PYt++7HFPVvKJdr1l9qX0EEByPuMKk= From: andrey.konovalov@linux.dev To: Marco Elver , Catalin Marinas Cc: Andrey Konovalov , Alexander Potapenko , Dmitry Vyukov , Andrey Ryabinin , kasan-dev@googlegroups.com, Vincenzo Frascino , Will Deacon , linux-arm-kernel@lists.infradead.org, Peter Collingbourne , Evgenii Stepanov , Andrew Morton , linux-mm@kvack.org, Weizhao Ouyang , linux-kernel@vger.kernel.org, Andrey Konovalov Subject: [PATCH v2 3/5] arm64: mte: Rename TCO routines Date: Wed, 29 Mar 2023 20:37:46 +0200 Message-Id: <74d26337b2360733956114069e96ff11c296a944.1680114854.git.andreyknvl@google.com> In-Reply-To: References: MIME-Version: 1.0 X-Migadu-Flow: FLOW_OUT X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761729193588409111?= X-GMAIL-MSGID: =?utf-8?q?1761729193588409111?= From: Vincenzo Frascino The TCO related routines are used in uaccess methods and load_unaligned_zeropad() but are unrelated to both even if the naming suggest otherwise. Improve the readability of the code moving the away from uaccess.h and pre-pending them with "mte". Cc: Will Deacon Signed-off-by: Vincenzo Frascino Signed-off-by: Catalin Marinas Signed-off-by: Andrey Konovalov --- Chages v1->v2: - Drop __ from mte_disable/enable_tco names, as those functions are to be exported to KASAN code. --- arch/arm64/include/asm/mte-kasan.h | 81 +++++++++++++++++++++++++ arch/arm64/include/asm/mte.h | 12 ---- arch/arm64/include/asm/uaccess.h | 66 +++----------------- arch/arm64/include/asm/word-at-a-time.h | 4 +- 4 files changed, 93 insertions(+), 70 deletions(-) diff --git a/arch/arm64/include/asm/mte-kasan.h b/arch/arm64/include/asm/mte-kasan.h index 9f79425fc65a..2e98028c1965 100644 --- a/arch/arm64/include/asm/mte-kasan.h +++ b/arch/arm64/include/asm/mte-kasan.h @@ -13,8 +13,73 @@ #include +#ifdef CONFIG_KASAN_HW_TAGS + +/* Whether the MTE asynchronous mode is enabled. */ +DECLARE_STATIC_KEY_FALSE(mte_async_or_asymm_mode); + +static inline bool system_uses_mte_async_or_asymm_mode(void) +{ + return static_branch_unlikely(&mte_async_or_asymm_mode); +} + +#else /* CONFIG_KASAN_HW_TAGS */ + +static inline bool system_uses_mte_async_or_asymm_mode(void) +{ + return false; +} + +#endif /* CONFIG_KASAN_HW_TAGS */ + #ifdef CONFIG_ARM64_MTE +/* + * The Tag Check Flag (TCF) mode for MTE is per EL, hence TCF0 + * affects EL0 and TCF affects EL1 irrespective of which TTBR is + * used. + * The kernel accesses TTBR0 usually with LDTR/STTR instructions + * when UAO is available, so these would act as EL0 accesses using + * TCF0. + * However futex.h code uses exclusives which would be executed as + * EL1, this can potentially cause a tag check fault even if the + * user disables TCF0. + * + * To address the problem we set the PSTATE.TCO bit in uaccess_enable() + * and reset it in uaccess_disable(). + * + * The Tag check override (TCO) bit disables temporarily the tag checking + * preventing the issue. + */ +static inline void mte_disable_tco(void) +{ + asm volatile(ALTERNATIVE("nop", SET_PSTATE_TCO(0), + ARM64_MTE, CONFIG_KASAN_HW_TAGS)); +} + +static inline void mte_enable_tco(void) +{ + asm volatile(ALTERNATIVE("nop", SET_PSTATE_TCO(1), + ARM64_MTE, CONFIG_KASAN_HW_TAGS)); +} + +/* + * These functions disable tag checking only if in MTE async mode + * since the sync mode generates exceptions synchronously and the + * nofault or load_unaligned_zeropad can handle them. + */ +static inline void __mte_disable_tco_async(void) +{ + if (system_uses_mte_async_or_asymm_mode()) + mte_disable_tco(); +} + +static inline void __mte_enable_tco_async(void) +{ + if (system_uses_mte_async_or_asymm_mode()) + mte_enable_tco(); +} + /* * These functions are meant to be only used from KASAN runtime through * the arch_*() interface defined in asm/memory.h. @@ -138,6 +203,22 @@ void mte_enable_kernel_asymm(void); #else /* CONFIG_ARM64_MTE */ +static inline void mte_disable_tco(void) +{ +} + +static inline void mte_enable_tco(void) +{ +} + +static inline void __mte_disable_tco_async(void) +{ +} + +static inline void __mte_enable_tco_async(void) +{ +} + static inline u8 mte_get_ptr_tag(void *ptr) { return 0xFF; diff --git a/arch/arm64/include/asm/mte.h b/arch/arm64/include/asm/mte.h index 20dd06d70af5..c028afb1cd0b 100644 --- a/arch/arm64/include/asm/mte.h +++ b/arch/arm64/include/asm/mte.h @@ -178,14 +178,6 @@ static inline void mte_disable_tco_entry(struct task_struct *task) } #ifdef CONFIG_KASAN_HW_TAGS -/* Whether the MTE asynchronous mode is enabled. */ -DECLARE_STATIC_KEY_FALSE(mte_async_or_asymm_mode); - -static inline bool system_uses_mte_async_or_asymm_mode(void) -{ - return static_branch_unlikely(&mte_async_or_asymm_mode); -} - void mte_check_tfsr_el1(void); static inline void mte_check_tfsr_entry(void) @@ -212,10 +204,6 @@ static inline void mte_check_tfsr_exit(void) mte_check_tfsr_el1(); } #else -static inline bool system_uses_mte_async_or_asymm_mode(void) -{ - return false; -} static inline void mte_check_tfsr_el1(void) { } diff --git a/arch/arm64/include/asm/uaccess.h b/arch/arm64/include/asm/uaccess.h index 5c7b2f9d5913..30ea7b5c3ccb 100644 --- a/arch/arm64/include/asm/uaccess.h +++ b/arch/arm64/include/asm/uaccess.h @@ -136,55 +136,9 @@ static inline void __uaccess_enable_hw_pan(void) CONFIG_ARM64_PAN)); } -/* - * The Tag Check Flag (TCF) mode for MTE is per EL, hence TCF0 - * affects EL0 and TCF affects EL1 irrespective of which TTBR is - * used. - * The kernel accesses TTBR0 usually with LDTR/STTR instructions - * when UAO is available, so these would act as EL0 accesses using - * TCF0. - * However futex.h code uses exclusives which would be executed as - * EL1, this can potentially cause a tag check fault even if the - * user disables TCF0. - * - * To address the problem we set the PSTATE.TCO bit in uaccess_enable() - * and reset it in uaccess_disable(). - * - * The Tag check override (TCO) bit disables temporarily the tag checking - * preventing the issue. - */ -static inline void __uaccess_disable_tco(void) -{ - asm volatile(ALTERNATIVE("nop", SET_PSTATE_TCO(0), - ARM64_MTE, CONFIG_KASAN_HW_TAGS)); -} - -static inline void __uaccess_enable_tco(void) -{ - asm volatile(ALTERNATIVE("nop", SET_PSTATE_TCO(1), - ARM64_MTE, CONFIG_KASAN_HW_TAGS)); -} - -/* - * These functions disable tag checking only if in MTE async mode - * since the sync mode generates exceptions synchronously and the - * nofault or load_unaligned_zeropad can handle them. - */ -static inline void __uaccess_disable_tco_async(void) -{ - if (system_uses_mte_async_or_asymm_mode()) - __uaccess_disable_tco(); -} - -static inline void __uaccess_enable_tco_async(void) -{ - if (system_uses_mte_async_or_asymm_mode()) - __uaccess_enable_tco(); -} - static inline void uaccess_disable_privileged(void) { - __uaccess_disable_tco(); + mte_disable_tco(); if (uaccess_ttbr0_disable()) return; @@ -194,7 +148,7 @@ static inline void uaccess_disable_privileged(void) static inline void uaccess_enable_privileged(void) { - __uaccess_enable_tco(); + mte_enable_tco(); if (uaccess_ttbr0_enable()) return; @@ -302,8 +256,8 @@ do { \ #define get_user __get_user /* - * We must not call into the scheduler between __uaccess_enable_tco_async() and - * __uaccess_disable_tco_async(). As `dst` and `src` may contain blocking + * We must not call into the scheduler between __mte_enable_tco_async() and + * __mte_disable_tco_async(). As `dst` and `src` may contain blocking * functions, we must evaluate these outside of the critical section. */ #define __get_kernel_nofault(dst, src, type, err_label) \ @@ -312,10 +266,10 @@ do { \ __typeof__(src) __gkn_src = (src); \ int __gkn_err = 0; \ \ - __uaccess_enable_tco_async(); \ + __mte_enable_tco_async(); \ __raw_get_mem("ldr", *((type *)(__gkn_dst)), \ (__force type *)(__gkn_src), __gkn_err, K); \ - __uaccess_disable_tco_async(); \ + __mte_disable_tco_async(); \ \ if (unlikely(__gkn_err)) \ goto err_label; \ @@ -388,8 +342,8 @@ do { \ #define put_user __put_user /* - * We must not call into the scheduler between __uaccess_enable_tco_async() and - * __uaccess_disable_tco_async(). As `dst` and `src` may contain blocking + * We must not call into the scheduler between __mte_enable_tco_async() and + * __mte_disable_tco_async(). As `dst` and `src` may contain blocking * functions, we must evaluate these outside of the critical section. */ #define __put_kernel_nofault(dst, src, type, err_label) \ @@ -398,10 +352,10 @@ do { \ __typeof__(src) __pkn_src = (src); \ int __pkn_err = 0; \ \ - __uaccess_enable_tco_async(); \ + __mte_enable_tco_async(); \ __raw_put_mem("str", *((type *)(__pkn_src)), \ (__force type *)(__pkn_dst), __pkn_err, K); \ - __uaccess_disable_tco_async(); \ + __mte_disable_tco_async(); \ \ if (unlikely(__pkn_err)) \ goto err_label; \ diff --git a/arch/arm64/include/asm/word-at-a-time.h b/arch/arm64/include/asm/word-at-a-time.h index 1c8e4f2490bf..f3b151ed0d7a 100644 --- a/arch/arm64/include/asm/word-at-a-time.h +++ b/arch/arm64/include/asm/word-at-a-time.h @@ -55,7 +55,7 @@ static inline unsigned long load_unaligned_zeropad(const void *addr) { unsigned long ret; - __uaccess_enable_tco_async(); + __mte_enable_tco_async(); /* Load word from unaligned pointer addr */ asm( @@ -65,7 +65,7 @@ static inline unsigned long load_unaligned_zeropad(const void *addr) : "=&r" (ret) : "r" (addr), "Q" (*(unsigned long *)addr)); - __uaccess_disable_tco_async(); + __mte_disable_tco_async(); return ret; } From patchwork Wed Mar 29 18:37:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 76766 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp616058vqo; Wed, 29 Mar 2023 11:45:02 -0700 (PDT) X-Google-Smtp-Source: AKy350ZfKRVK/hnBG+Dhv05NZtMH0fJ1Vp2j5TPZAmFW4z/ea1gvAeu6C40VYrDx0OqEI1LlJni3 X-Received: by 2002:a17:906:ad9:b0:930:8714:6739 with SMTP id z25-20020a1709060ad900b0093087146739mr19544979ejf.30.1680115502498; Wed, 29 Mar 2023 11:45:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680115502; cv=none; d=google.com; s=arc-20160816; b=sRaavWKrBUzrKw2rClAYlECBzcph8ct93vgaGJBZK89VAqMUfZN82InLFZDFxkB/qI hkyYthvntiWJDDAbbtC0zrL5OcunbECdZw6q4+RnJJAP2NbIL4SSDkHjNCsVftXyYNPx Mx4e5UAVNW30/8fjRDgwA1h6oC1AC8uzE+QiDfuiiO8lXPsuR/VL+COpbpoDS6tGG5pF lyTnS9sNVjIFhzLsJcWlYdK7DKRD/L7bWcZunLvaRr8jU39QtTYtkbnULHCaw3+icLo4 4/wJIOMF3YLc8YL4aOaMHHhA2JkvRsJWwxR9Boc7HXAZrjjeH9l8nQ/dhBo//NlC+0N3 vBHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=4IBB0t30IQWFgjzMoDMwNtgr4khYAd9V6YJirYANKJw=; b=ENVTbs2MRwvkOyoakCbj5tIKAzAIZIOMKI7rZu7Ws6N+p4Xmw9BE69MBizQnHj76Ly sLYxZF94Fx9apKcqpdmDW9W2GsRcWmV9OPfnKnkTSzoXFhs6xi1Zst5yoU8PIeJm9hbb XDD+kFAk60x6A9zs0RDx8jgryJMJ/P8kre0CH3aVIKTAll8fgM2GBsZj+dsMyFYE/0XY ThViRcR9LHU4IW21FqA5aN4VgN2tJ7AlkWqYr7gel0Ohcl8UnMNO5yayfoRB4Yz6mR0I bfmx2lm7JgRn68ZWEF62NwJAjJ7uIRNPysGfocpEzwnV7Ds1HkGlm9/t7VMIT+H4H4k1 +jRQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=QgAd4ttX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d5-20020a50fb05000000b004ad0993e54esi33744220edq.487.2023.03.29.11.44.38; Wed, 29 Mar 2023 11:45:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=QgAd4ttX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229687AbjC2SiM (ORCPT + 99 others); Wed, 29 Mar 2023 14:38:12 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38620 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229638AbjC2SiF (ORCPT ); Wed, 29 Mar 2023 14:38:05 -0400 Received: from out-10.mta1.migadu.com (out-10.mta1.migadu.com [IPv6:2001:41d0:203:375::a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C5F571FDA for ; Wed, 29 Mar 2023 11:38:01 -0700 (PDT) X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1680115080; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=4IBB0t30IQWFgjzMoDMwNtgr4khYAd9V6YJirYANKJw=; b=QgAd4ttXeu2KtUbjd+eYGisjZq9ioQEf7KHQO41mUQEncgqcvFT0kMtVWTnVhTvqO39dCs qnfT8VmxT5x2t4jFNaIYtC86D2toghjLwz4S6LnFhsQ33dWNChtMewppVDGTmO1JwwMcY9 /ZquEfYJhPqccz/gfQ0PZ1hFiaHWscc= From: andrey.konovalov@linux.dev To: Marco Elver , Catalin Marinas Cc: Andrey Konovalov , Alexander Potapenko , Dmitry Vyukov , Andrey Ryabinin , kasan-dev@googlegroups.com, Vincenzo Frascino , Will Deacon , linux-arm-kernel@lists.infradead.org, Peter Collingbourne , Evgenii Stepanov , Andrew Morton , linux-mm@kvack.org, Weizhao Ouyang , linux-kernel@vger.kernel.org, Andrey Konovalov Subject: [PATCH v2 4/5] kasan, arm64: add arch_suppress_tag_checks_start/stop Date: Wed, 29 Mar 2023 20:37:47 +0200 Message-Id: <7ad5e5a9db79e3aba08d8f43aca24350b04080f6.1680114854.git.andreyknvl@google.com> In-Reply-To: References: MIME-Version: 1.0 X-Migadu-Flow: FLOW_OUT X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761728793005074890?= X-GMAIL-MSGID: =?utf-8?q?1761728793005074890?= From: Andrey Konovalov Add two new tagging-related routines arch_suppress_tag_checks_start/stop that suppress MTE tag checking via the TCO register. These rouines are used in the next patch. Signed-off-by: Andrey Konovalov --- arch/arm64/include/asm/memory.h | 2 ++ mm/kasan/kasan.h | 2 ++ 2 files changed, 4 insertions(+) diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h index faf42bff9a60..05e42bd3555f 100644 --- a/arch/arm64/include/asm/memory.h +++ b/arch/arm64/include/asm/memory.h @@ -264,6 +264,8 @@ static inline const void *__tag_set(const void *addr, u8 tag) #define arch_enable_tag_checks_sync() mte_enable_kernel_sync() #define arch_enable_tag_checks_async() mte_enable_kernel_async() #define arch_enable_tag_checks_asymm() mte_enable_kernel_asymm() +#define arch_suppress_tag_checks_start() mte_enable_tco() +#define arch_suppress_tag_checks_stop() mte_disable_tco() #define arch_force_async_tag_fault() mte_check_tfsr_exit() #define arch_get_random_tag() mte_get_random_tag() #define arch_get_mem_tag(addr) mte_get_mem_tag(addr) diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h index a1613f5d7608..f5e4f5f2ba20 100644 --- a/mm/kasan/kasan.h +++ b/mm/kasan/kasan.h @@ -398,6 +398,8 @@ static inline const void *arch_kasan_set_tag(const void *addr, u8 tag) #define hw_enable_tag_checks_sync() arch_enable_tag_checks_sync() #define hw_enable_tag_checks_async() arch_enable_tag_checks_async() #define hw_enable_tag_checks_asymm() arch_enable_tag_checks_asymm() +#define hw_suppress_tag_checks_start() arch_suppress_tag_checks_start() +#define hw_suppress_tag_checks_stop() arch_suppress_tag_checks_stop() #define hw_force_async_tag_fault() arch_force_async_tag_fault() #define hw_get_random_tag() arch_get_random_tag() #define hw_get_mem_tag(addr) arch_get_mem_tag(addr) From patchwork Wed Mar 29 18:37:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 76768 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp620885vqo; Wed, 29 Mar 2023 11:55:39 -0700 (PDT) X-Google-Smtp-Source: AKy350ZxjY1PmdjqWd4RvYIsqTBbV3KvPgVn/MGKVRQe6Pp81F4Y/gwoTsleHbKzl+6vYa+GcfeX X-Received: by 2002:a17:907:c249:b0:932:fc34:88e with SMTP id tj9-20020a170907c24900b00932fc34088emr21434046ejc.52.1680116138830; Wed, 29 Mar 2023 11:55:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680116138; cv=none; d=google.com; s=arc-20160816; b=dfeJHZ09wIiWSYQX3Vzvc1WcdL7WDIYTnGT4dUo05PmJpAHGP0DdVqS1ED8Go2rEy8 mpnS+YTYTLfA27FxJzu5ywKzi44yL32ozxohWOmbnoyfjItKtRWqjBwE8ucB2vv43xG+ IT75FoyebnXGCkUDdaY0Nu203qaQoqhzdiQ0zwBRjQwl7hxuwH7RwLwHjbFQR9ggC4Xw 7s2JKwxh5iDZMKxo4IQVCXOMe47Pyq6ELsoARSIzNvIIIFHjDbFv2kjVisdq1Jk1fjXK gsCNR/DDQ/WSGdw0+LGPiFBfJGqWPlJFl4Zwiwtpng8MEJ0n2zWSVzSCnubBl+KfNHog lSJA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=KXwl8tO7n70VCzS+2Z99ZqyN4ebAwCoCQirv2FwloPQ=; b=0zDh5hNiMt9AeVCFhCCng4SMBRGzvhQ+HeztKOjbATR2j2DLP2QdSwX7s2pd5veO6p Bhz/sGXU5txlslqj64lkmlYNvBqjtKheZ1PkzFRXJ/NN0K86XiZj6pB0kERxLIm7I/zy fCb0F57ALzBdZVWNOWWFUQmStpuZR8RqYwlAQCV99vDr0AviALczF7VcDgQWKCU7SGgu jb7dFwAdO/7qhWkrORLWAxagCg8stUiQIEQPA3eAZD6Zt/v+Q/wePSNalaUHMZlnNFO5 UX+SgX/jCY4bB/x9DbTgjVhCUK3gk56KjTE8xdEt5IQ4z9WO/ceTHwVO52vpsBqF6vB6 F/oA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=agGDWJ9x; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d24-20020aa7d698000000b004c056644702si34584876edr.400.2023.03.29.11.55.15; Wed, 29 Mar 2023 11:55:38 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=agGDWJ9x; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229820AbjC2SiY (ORCPT + 99 others); Wed, 29 Mar 2023 14:38:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38546 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229682AbjC2SiG (ORCPT ); Wed, 29 Mar 2023 14:38:06 -0400 Received: from out-56.mta1.migadu.com (out-56.mta1.migadu.com [IPv6:2001:41d0:203:375::38]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F00C859F3 for ; Wed, 29 Mar 2023 11:38:02 -0700 (PDT) X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1680115080; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=KXwl8tO7n70VCzS+2Z99ZqyN4ebAwCoCQirv2FwloPQ=; b=agGDWJ9xzHKORm0clngE5cybrY2NbiNiuT8Au3+SurJwSKOhd7350jBTyPn/yXpT9rTRV9 BE7EEFNPLvmCxOGUcnuqPyNdnpttIko/We2eAOk+kYoVbjy2qrGk3zUJLFwLcwFmSyampp LtPeZOW+QWpuEawW1ooy7OC5yXZRZpE= From: andrey.konovalov@linux.dev To: Marco Elver , Catalin Marinas Cc: Andrey Konovalov , Alexander Potapenko , Dmitry Vyukov , Andrey Ryabinin , kasan-dev@googlegroups.com, Vincenzo Frascino , Will Deacon , linux-arm-kernel@lists.infradead.org, Peter Collingbourne , Evgenii Stepanov , Andrew Morton , linux-mm@kvack.org, Weizhao Ouyang , linux-kernel@vger.kernel.org, Andrey Konovalov Subject: [PATCH v2 5/5] kasan: suppress recursive reports for HW_TAGS Date: Wed, 29 Mar 2023 20:37:48 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Migadu-Flow: FLOW_OUT X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761729460468439350?= X-GMAIL-MSGID: =?utf-8?q?1761729460468439350?= From: Andrey Konovalov KASAN suppresses reports for bad accesses done by the KASAN reporting code. The reporting code might access poisoned memory for reporting purposes. Software KASAN modes do this by suppressing reports during reporting via current->kasan_depth, the same way they suppress reports during accesses to poisoned slab metadata. Hardware Tag-Based KASAN does not use current->kasan_depth, and instead resets pointer tags for accesses to poisoned memory done by the reporting code. Despite that, a recursive report can still happen: 1. On hardware with faulty MTE support. This was observed by Weizhao Ouyang on a faulty hardware that caused memory tags to randomly change from time to time. 2. Theoretically, due to a previous MTE-undetected memory corruption. A recursive report can happen via: 1. Accessing a pointer with a non-reset tag in the reporting code, e.g. slab->slab_cache, which is what Weizhao Ouyang observed. 2. Theoretically, via external non-annotated routines, e.g. stackdepot. To resolve this issue, resetting tags for all of the pointers in the reporting code and all the used external routines would be impractical. Instead, disable tag checking done by the CPU for the duration of KASAN reporting for Hardware Tag-Based KASAN. Without this fix, Hardware Tag-Based KASAN reporting code might deadlock. Fixes: 2e903b914797 ("kasan, arm64: implement HW_TAGS runtime") Reported-by: Weizhao Ouyang Signed-off-by: Andrey Konovalov Reviewed-by: Marco Elver --- Considering that 1. the bug this patch fixes was only observed on faulty MTE hardware, and 2. the patch depends on the other patches in this series, I don't think it's worth backporting it into stable. Changes v1->v2: - Disable preemption instead of migration. - Fix comment typo. --- mm/kasan/report.c | 59 ++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 48 insertions(+), 11 deletions(-) diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 89078f912827..892a9dc9d4d3 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -72,10 +72,18 @@ static int __init kasan_set_multi_shot(char *str) __setup("kasan_multi_shot", kasan_set_multi_shot); /* - * Used to suppress reports within kasan_disable/enable_current() critical - * sections, which are used for marking accesses to slab metadata. + * This function is used to check whether KASAN reports are suppressed for + * software KASAN modes via kasan_disable/enable_current() critical sections. + * + * This is done to avoid: + * 1. False-positive reports when accessing slab metadata, + * 2. Deadlocking when poisoned memory is accessed by the reporting code. + * + * Hardware Tag-Based KASAN instead relies on: + * For #1: Resetting tags via kasan_reset_tag(). + * For #2: Suppression of tag checks via CPU, see report_suppress_start/end(). */ -static bool report_suppressed(void) +static bool report_suppressed_sw(void) { #if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) if (current->kasan_depth) @@ -84,6 +92,30 @@ static bool report_suppressed(void) return false; } +static void report_suppress_start(void) +{ +#ifdef CONFIG_KASAN_HW_TAGS + /* + * Disable preemption for the duration of printing a KASAN report, as + * hw_suppress_tag_checks_start() disables checks on the current CPU. + */ + preempt_disable(); + hw_suppress_tag_checks_start(); +#else + kasan_disable_current(); +#endif +} + +static void report_suppress_stop(void) +{ +#ifdef CONFIG_KASAN_HW_TAGS + hw_suppress_tag_checks_stop(); + preempt_enable(); +#else + kasan_enable_current(); +#endif +} + /* * Used to avoid reporting more than one KASAN bug unless kasan_multi_shot * is enabled. Note that KASAN tests effectively enable kasan_multi_shot @@ -174,7 +206,7 @@ static void start_report(unsigned long *flags, bool sync) /* Do not allow LOCKDEP mangling KASAN reports. */ lockdep_off(); /* Make sure we don't end up in loop. */ - kasan_disable_current(); + report_suppress_start(); spin_lock_irqsave(&report_lock, *flags); pr_err("==================================================================\n"); } @@ -192,7 +224,7 @@ static void end_report(unsigned long *flags, void *addr) panic("kasan.fault=panic set ...\n"); add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE); lockdep_on(); - kasan_enable_current(); + report_suppress_stop(); } static void print_error_description(struct kasan_report_info *info) @@ -480,9 +512,13 @@ void kasan_report_invalid_free(void *ptr, unsigned long ip, enum kasan_report_ty struct kasan_report_info info; /* - * Do not check report_suppressed(), as an invalid-free cannot be - * caused by accessing slab metadata and thus should not be - * suppressed by kasan_disable/enable_current() critical sections. + * Do not check report_suppressed_sw(), as an invalid-free cannot be + * caused by accessing poisoned memory and thus should not be suppressed + * by kasan_disable/enable_current() critical sections. + * + * Note that for Hardware Tag-Based KASAN, kasan_report_invalid_free() + * is triggered by explicit tag checks and not by the ones performed by + * the CPU. Thus, reporting invalid-free is not suppressed as well. */ if (unlikely(!report_enabled())) return; @@ -517,7 +553,7 @@ bool kasan_report(unsigned long addr, size_t size, bool is_write, unsigned long irq_flags; struct kasan_report_info info; - if (unlikely(report_suppressed()) || unlikely(!report_enabled())) { + if (unlikely(report_suppressed_sw()) || unlikely(!report_enabled())) { ret = false; goto out; } @@ -549,8 +585,9 @@ void kasan_report_async(void) unsigned long flags; /* - * Do not check report_suppressed(), as kasan_disable/enable_current() - * critical sections do not affect Hardware Tag-Based KASAN. + * Do not check report_suppressed_sw(), as + * kasan_disable/enable_current() critical sections do not affect + * Hardware Tag-Based KASAN. */ if (unlikely(!report_enabled())) return;