Message ID | 20211208044808.872554-2-pcc@google.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | kernel: introduce uaccess logging | expand |
On Wed, 8 Dec 2021 at 05:48, Peter Collingbourne <pcc@google.com> wrote: > > In an upcoming change we are going to add uaccess instrumentation > that uses inline access to struct task_struct from the > instrumentation routines. Because instrumentation.h is included > from many places including (recursively) from sched.h this would > otherwise lead to a circular dependency. Break the dependency by > moving uaccess instrumentation routines into a separate header, > instrumentation-uaccess.h. > > Link: https://linux-review.googlesource.com/id/I625728db0c8db374e13e4ebc54985ac5c79ace7d > Signed-off-by: Peter Collingbourne <pcc@google.com> Acked-by: Dmitry Vyukov <dvyukov@google.com> > --- > include/linux/instrumented-uaccess.h | 49 ++++++++++++++++++++++++++++ > include/linux/instrumented.h | 34 ------------------- > include/linux/uaccess.h | 2 +- > lib/iov_iter.c | 2 +- > lib/usercopy.c | 2 +- > 5 files changed, 52 insertions(+), 37 deletions(-) > create mode 100644 include/linux/instrumented-uaccess.h > > diff --git a/include/linux/instrumented-uaccess.h b/include/linux/instrumented-uaccess.h > new file mode 100644 > index 000000000000..ece549088e50 > --- /dev/null > +++ b/include/linux/instrumented-uaccess.h > @@ -0,0 +1,49 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > + > +/* > + * This header provides generic wrappers for memory access instrumentation for > + * uaccess routines that the compiler cannot emit for: KASAN, KCSAN. > + */ > +#ifndef _LINUX_INSTRUMENTED_UACCESS_H > +#define _LINUX_INSTRUMENTED_UACCESS_H > + > +#include <linux/compiler.h> > +#include <linux/kasan-checks.h> > +#include <linux/kcsan-checks.h> > +#include <linux/types.h> > + > +/** > + * instrument_copy_to_user - instrument reads of copy_to_user > + * > + * Instrument reads from kernel memory, that are due to copy_to_user (and > + * variants). The instrumentation must be inserted before the accesses. > + * > + * @to destination address > + * @from source address > + * @n number of bytes to copy > + */ > +static __always_inline void > +instrument_copy_to_user(void __user *to, const void *from, unsigned long n) > +{ > + kasan_check_read(from, n); > + kcsan_check_read(from, n); > +} > + > +/** > + * instrument_copy_from_user - instrument writes of copy_from_user > + * > + * Instrument writes to kernel memory, that are due to copy_from_user (and > + * variants). The instrumentation should be inserted before the accesses. > + * > + * @to destination address > + * @from source address > + * @n number of bytes to copy > + */ > +static __always_inline void > +instrument_copy_from_user(const void *to, const void __user *from, unsigned long n) > +{ > + kasan_check_write(to, n); > + kcsan_check_write(to, n); > +} > + > +#endif /* _LINUX_INSTRUMENTED_UACCESS_H */ > diff --git a/include/linux/instrumented.h b/include/linux/instrumented.h > index 42faebbaa202..b68f415510c7 100644 > --- a/include/linux/instrumented.h > +++ b/include/linux/instrumented.h > @@ -102,38 +102,4 @@ static __always_inline void instrument_atomic_read_write(const volatile void *v, > kcsan_check_atomic_read_write(v, size); > } > > -/** > - * instrument_copy_to_user - instrument reads of copy_to_user > - * > - * Instrument reads from kernel memory, that are due to copy_to_user (and > - * variants). The instrumentation must be inserted before the accesses. > - * > - * @to destination address > - * @from source address > - * @n number of bytes to copy > - */ > -static __always_inline void > -instrument_copy_to_user(void __user *to, const void *from, unsigned long n) > -{ > - kasan_check_read(from, n); > - kcsan_check_read(from, n); > -} > - > -/** > - * instrument_copy_from_user - instrument writes of copy_from_user > - * > - * Instrument writes to kernel memory, that are due to copy_from_user (and > - * variants). The instrumentation should be inserted before the accesses. > - * > - * @to destination address > - * @from source address > - * @n number of bytes to copy > - */ > -static __always_inline void > -instrument_copy_from_user(const void *to, const void __user *from, unsigned long n) > -{ > - kasan_check_write(to, n); > - kcsan_check_write(to, n); > -} > - > #endif /* _LINUX_INSTRUMENTED_H */ > diff --git a/include/linux/uaccess.h b/include/linux/uaccess.h > index ac0394087f7d..c0c467e39657 100644 > --- a/include/linux/uaccess.h > +++ b/include/linux/uaccess.h > @@ -3,7 +3,7 @@ > #define __LINUX_UACCESS_H__ > > #include <linux/fault-inject-usercopy.h> > -#include <linux/instrumented.h> > +#include <linux/instrumented-uaccess.h> > #include <linux/minmax.h> > #include <linux/sched.h> > #include <linux/thread_info.h> > diff --git a/lib/iov_iter.c b/lib/iov_iter.c > index 66a740e6e153..3f9dc6df7102 100644 > --- a/lib/iov_iter.c > +++ b/lib/iov_iter.c > @@ -12,7 +12,7 @@ > #include <linux/compat.h> > #include <net/checksum.h> > #include <linux/scatterlist.h> > -#include <linux/instrumented.h> > +#include <linux/instrumented-uaccess.h> > > #define PIPE_PARANOIA /* for now */ > > diff --git a/lib/usercopy.c b/lib/usercopy.c > index 7413dd300516..1cd188e62d06 100644 > --- a/lib/usercopy.c > +++ b/lib/usercopy.c > @@ -1,7 +1,7 @@ > // SPDX-License-Identifier: GPL-2.0 > #include <linux/bitops.h> > #include <linux/fault-inject-usercopy.h> > -#include <linux/instrumented.h> > +#include <linux/instrumented-uaccess.h> > #include <linux/uaccess.h> > > /* out-of-line parts */ > -- > 2.34.1.173.g76aa8bc2d0-goog >
diff --git a/include/linux/instrumented-uaccess.h b/include/linux/instrumented-uaccess.h new file mode 100644 index 000000000000..ece549088e50 --- /dev/null +++ b/include/linux/instrumented-uaccess.h @@ -0,0 +1,49 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + +/* + * This header provides generic wrappers for memory access instrumentation for + * uaccess routines that the compiler cannot emit for: KASAN, KCSAN. + */ +#ifndef _LINUX_INSTRUMENTED_UACCESS_H +#define _LINUX_INSTRUMENTED_UACCESS_H + +#include <linux/compiler.h> +#include <linux/kasan-checks.h> +#include <linux/kcsan-checks.h> +#include <linux/types.h> + +/** + * instrument_copy_to_user - instrument reads of copy_to_user + * + * Instrument reads from kernel memory, that are due to copy_to_user (and + * variants). The instrumentation must be inserted before the accesses. + * + * @to destination address + * @from source address + * @n number of bytes to copy + */ +static __always_inline void +instrument_copy_to_user(void __user *to, const void *from, unsigned long n) +{ + kasan_check_read(from, n); + kcsan_check_read(from, n); +} + +/** + * instrument_copy_from_user - instrument writes of copy_from_user + * + * Instrument writes to kernel memory, that are due to copy_from_user (and + * variants). The instrumentation should be inserted before the accesses. + * + * @to destination address + * @from source address + * @n number of bytes to copy + */ +static __always_inline void +instrument_copy_from_user(const void *to, const void __user *from, unsigned long n) +{ + kasan_check_write(to, n); + kcsan_check_write(to, n); +} + +#endif /* _LINUX_INSTRUMENTED_UACCESS_H */ diff --git a/include/linux/instrumented.h b/include/linux/instrumented.h index 42faebbaa202..b68f415510c7 100644 --- a/include/linux/instrumented.h +++ b/include/linux/instrumented.h @@ -102,38 +102,4 @@ static __always_inline void instrument_atomic_read_write(const volatile void *v, kcsan_check_atomic_read_write(v, size); } -/** - * instrument_copy_to_user - instrument reads of copy_to_user - * - * Instrument reads from kernel memory, that are due to copy_to_user (and - * variants). The instrumentation must be inserted before the accesses. - * - * @to destination address - * @from source address - * @n number of bytes to copy - */ -static __always_inline void -instrument_copy_to_user(void __user *to, const void *from, unsigned long n) -{ - kasan_check_read(from, n); - kcsan_check_read(from, n); -} - -/** - * instrument_copy_from_user - instrument writes of copy_from_user - * - * Instrument writes to kernel memory, that are due to copy_from_user (and - * variants). The instrumentation should be inserted before the accesses. - * - * @to destination address - * @from source address - * @n number of bytes to copy - */ -static __always_inline void -instrument_copy_from_user(const void *to, const void __user *from, unsigned long n) -{ - kasan_check_write(to, n); - kcsan_check_write(to, n); -} - #endif /* _LINUX_INSTRUMENTED_H */ diff --git a/include/linux/uaccess.h b/include/linux/uaccess.h index ac0394087f7d..c0c467e39657 100644 --- a/include/linux/uaccess.h +++ b/include/linux/uaccess.h @@ -3,7 +3,7 @@ #define __LINUX_UACCESS_H__ #include <linux/fault-inject-usercopy.h> -#include <linux/instrumented.h> +#include <linux/instrumented-uaccess.h> #include <linux/minmax.h> #include <linux/sched.h> #include <linux/thread_info.h> diff --git a/lib/iov_iter.c b/lib/iov_iter.c index 66a740e6e153..3f9dc6df7102 100644 --- a/lib/iov_iter.c +++ b/lib/iov_iter.c @@ -12,7 +12,7 @@ #include <linux/compat.h> #include <net/checksum.h> #include <linux/scatterlist.h> -#include <linux/instrumented.h> +#include <linux/instrumented-uaccess.h> #define PIPE_PARANOIA /* for now */ diff --git a/lib/usercopy.c b/lib/usercopy.c index 7413dd300516..1cd188e62d06 100644 --- a/lib/usercopy.c +++ b/lib/usercopy.c @@ -1,7 +1,7 @@ // SPDX-License-Identifier: GPL-2.0 #include <linux/bitops.h> #include <linux/fault-inject-usercopy.h> -#include <linux/instrumented.h> +#include <linux/instrumented-uaccess.h> #include <linux/uaccess.h> /* out-of-line parts */
In an upcoming change we are going to add uaccess instrumentation that uses inline access to struct task_struct from the instrumentation routines. Because instrumentation.h is included from many places including (recursively) from sched.h this would otherwise lead to a circular dependency. Break the dependency by moving uaccess instrumentation routines into a separate header, instrumentation-uaccess.h. Link: https://linux-review.googlesource.com/id/I625728db0c8db374e13e4ebc54985ac5c79ace7d Signed-off-by: Peter Collingbourne <pcc@google.com> --- include/linux/instrumented-uaccess.h | 49 ++++++++++++++++++++++++++++ include/linux/instrumented.h | 34 ------------------- include/linux/uaccess.h | 2 +- lib/iov_iter.c | 2 +- lib/usercopy.c | 2 +- 5 files changed, 52 insertions(+), 37 deletions(-) create mode 100644 include/linux/instrumented-uaccess.h