[v4.4,10/45] mm/kasan: add API to check memory regions

Message ID 0cedfc51f5941ab2c2e9a09149d34c7451efda56.1560480942.git.viresh.kumar@linaro.org
State Superseded
Headers show
Series
  • V4.4 backport of arm64 Spectre patches
Related show

Commit Message

Viresh Kumar June 14, 2019, 3:07 a.m.
From: Andrey Ryabinin <aryabinin@virtuozzo.com>


commit 64f8ebaf115bcddc4aaa902f981c57ba6506bc42 upstream.

Memory access coded in an assembly won't be seen by KASAN as a compiler
can instrument only C code.  Add kasan_check_[read,write]() API which is
going to be used to check a certain memory range.

Link: http://lkml.kernel.org/r/1462538722-1574-3-git-send-email-aryabinin@virtuozzo.com
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>

Acked-by: Alexander Potapenko <glider@google.com>

Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

[ v4.4: Fixed MAINTAINERS conflict and added whole kasan entry ]
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>

---
 MAINTAINERS                  | 14 ++++++++++++++
 include/linux/kasan-checks.h | 12 ++++++++++++
 mm/kasan/kasan.c             | 12 ++++++++++++
 3 files changed, 38 insertions(+)
 create mode 100644 include/linux/kasan-checks.h

-- 
2.21.0.rc0.269.g1a574e7a288b

Comments

Julien Thierry July 4, 2019, 2:15 p.m. | #1
Hi Viresh,

On 14/06/2019 04:07, Viresh Kumar wrote:
> From: Andrey Ryabinin <aryabinin@virtuozzo.com>

> 

> commit 64f8ebaf115bcddc4aaa902f981c57ba6506bc42 upstream.

> 

> Memory access coded in an assembly won't be seen by KASAN as a compiler

> can instrument only C code.  Add kasan_check_[read,write]() API which is

> going to be used to check a certain memory range.

> 

> Link: http://lkml.kernel.org/r/1462538722-1574-3-git-send-email-aryabinin@virtuozzo.com

> Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>

> Acked-by: Alexander Potapenko <glider@google.com>

> Cc: Dmitry Vyukov <dvyukov@google.com>

> Cc: Ingo Molnar <mingo@elte.hu>

> Cc: "H. Peter Anvin" <hpa@zytor.com>

> Cc: Thomas Gleixner <tglx@linutronix.de>

> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

> [ v4.4: Fixed MAINTAINERS conflict and added whole kasan entry ]

> Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>

> ---

>  MAINTAINERS                  | 14 ++++++++++++++

>  include/linux/kasan-checks.h | 12 ++++++++++++

>  mm/kasan/kasan.c             | 12 ++++++++++++

>  3 files changed, 38 insertions(+)

>  create mode 100644 include/linux/kasan-checks.h

> 

> diff --git a/MAINTAINERS b/MAINTAINERS

> index f4d4a5544dc1..2a8826732967 100644

> --- a/MAINTAINERS

> +++ b/MAINTAINERS

> @@ -5982,6 +5982,20 @@ S:	Maintained

>  F:	Documentation/hwmon/k8temp

>  F:	drivers/hwmon/k8temp.c

>  

> +KASAN

> +M:	Andrey Ryabinin <aryabinin@virtuozzo.com>

> +R:	Alexander Potapenko <glider@google.com>

> +R:	Dmitry Vyukov <dvyukov@google.com>

> +L:	kasan-dev@googlegroups.com

> +S:	Maintained

> +F:	arch/*/include/asm/kasan.h

> +F:	arch/*/mm/kasan_init*

> +F:	Documentation/kasan.txt

> +F:	include/linux/kasan*.h

> +F:	lib/test_kasan.c

> +F:	mm/kasan/

> +F:	scripts/Makefile.kasan

> +

>  KCONFIG

>  M:	"Yann E. MORIN" <yann.morin.1998@free.fr>

>  L:	linux-kbuild@vger.kernel.org

> diff --git a/include/linux/kasan-checks.h b/include/linux/kasan-checks.h

> new file mode 100644

> index 000000000000..b7f8aced7870

> --- /dev/null

> +++ b/include/linux/kasan-checks.h

> @@ -0,0 +1,12 @@

> +#ifndef _LINUX_KASAN_CHECKS_H

> +#define _LINUX_KASAN_CHECKS_H

> +

> +#ifdef CONFIG_KASAN

> +void kasan_check_read(const void *p, unsigned int size);

> +void kasan_check_write(const void *p, unsigned int size);

> +#else

> +static inline void kasan_check_read(const void *p, unsigned int size) { }

> +static inline void kasan_check_write(const void *p, unsigned int size) { }

> +#endif

> +

> +#endif

> diff --git a/mm/kasan/kasan.c b/mm/kasan/kasan.c

> index b7397b459960..3ad31df33e76 100644

> --- a/mm/kasan/kasan.c

> +++ b/mm/kasan/kasan.c

> @@ -274,6 +274,18 @@ static __always_inline void check_memory_region(unsigned long addr,

>  void __asan_loadN(unsigned long addr, size_t size);

>  void __asan_storeN(unsigned long addr, size_t size);

>  

> +void kasan_check_read(const void *p, unsigned int size)

> +{

> +	check_memory_region((unsigned long)p, size, false, _RET_IP_);


I know you have updated the code since then but the issue seems to be
also present on your updated branch.

This patch breaks the build when enabling CONFIG_KASAN because in 4.4
check_memory_region() only takes 3 arguments.

> +}

> +EXPORT_SYMBOL(kasan_check_read);

> +

> +void kasan_check_write(const void *p, unsigned int size)

> +{

> +	check_memory_region((unsigned long)p, size, true, _RET_IP_);

> +}

> +EXPORT_SYMBOL(kasan_check_write);

> +

>  #undef memset

>  void *memset(void *addr, int c, size_t len)

>  {

> 


Cheers,

-- 
Julien Thierry
Viresh Kumar July 5, 2019, 3:13 a.m. | #2
On 04-07-19, 15:15, Julien Thierry wrote:
> I know you have updated the code since then but the issue seems to be

> also present on your updated branch.

> 

> This patch breaks the build when enabling CONFIG_KASAN because in 4.4

> check_memory_region() only takes 3 arguments.


Fixed and pushed again. Thanks.

I have also tried enabling all the other ifdefs used in these patches
to make sure it doesn't work after enabling them. Looks good now.

-- 
viresh

Patch

diff --git a/MAINTAINERS b/MAINTAINERS
index f4d4a5544dc1..2a8826732967 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -5982,6 +5982,20 @@  S:	Maintained
 F:	Documentation/hwmon/k8temp
 F:	drivers/hwmon/k8temp.c
 
+KASAN
+M:	Andrey Ryabinin <aryabinin@virtuozzo.com>
+R:	Alexander Potapenko <glider@google.com>
+R:	Dmitry Vyukov <dvyukov@google.com>
+L:	kasan-dev@googlegroups.com
+S:	Maintained
+F:	arch/*/include/asm/kasan.h
+F:	arch/*/mm/kasan_init*
+F:	Documentation/kasan.txt
+F:	include/linux/kasan*.h
+F:	lib/test_kasan.c
+F:	mm/kasan/
+F:	scripts/Makefile.kasan
+
 KCONFIG
 M:	"Yann E. MORIN" <yann.morin.1998@free.fr>
 L:	linux-kbuild@vger.kernel.org
diff --git a/include/linux/kasan-checks.h b/include/linux/kasan-checks.h
new file mode 100644
index 000000000000..b7f8aced7870
--- /dev/null
+++ b/include/linux/kasan-checks.h
@@ -0,0 +1,12 @@ 
+#ifndef _LINUX_KASAN_CHECKS_H
+#define _LINUX_KASAN_CHECKS_H
+
+#ifdef CONFIG_KASAN
+void kasan_check_read(const void *p, unsigned int size);
+void kasan_check_write(const void *p, unsigned int size);
+#else
+static inline void kasan_check_read(const void *p, unsigned int size) { }
+static inline void kasan_check_write(const void *p, unsigned int size) { }
+#endif
+
+#endif
diff --git a/mm/kasan/kasan.c b/mm/kasan/kasan.c
index b7397b459960..3ad31df33e76 100644
--- a/mm/kasan/kasan.c
+++ b/mm/kasan/kasan.c
@@ -274,6 +274,18 @@  static __always_inline void check_memory_region(unsigned long addr,
 void __asan_loadN(unsigned long addr, size_t size);
 void __asan_storeN(unsigned long addr, size_t size);
 
+void kasan_check_read(const void *p, unsigned int size)
+{
+	check_memory_region((unsigned long)p, size, false, _RET_IP_);
+}
+EXPORT_SYMBOL(kasan_check_read);
+
+void kasan_check_write(const void *p, unsigned int size)
+{
+	check_memory_region((unsigned long)p, size, true, _RET_IP_);
+}
+EXPORT_SYMBOL(kasan_check_write);
+
 #undef memset
 void *memset(void *addr, int c, size_t len)
 {