From patchwork Thu Oct 17 12:59:05 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Linus Walleij <linus.walleij@linaro.org>
X-Patchwork-Id: 13839979
Return-Path: 
 <linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 68447D37485
	for <linux-arm-kernel@archiver.kernel.org>;
 Thu, 17 Oct 2024 13:07:07 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help
	:List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:In-Reply-To:References
	:Message-Id:Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:Date:
	From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:
	Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	bh=6BFCDJ7qVhDMxaXJRJGY9SIIhLehUaVssxlnvsh+LOk=; b=blE1xRmhVXRblxPW7NW6/ddqjH
	h6UGu44qiyfIImu5LerEZTqGvvfUiUUEAqVn3NzkXXwOLGZjPDAJpy7HdTbaIWi53TTMYPJ0ktXAH
	hci+HNGApaU5FfanFRy9kVP1gbe5quJ7YoPSI2NL59ujjmxRKMqgolCabu2SlCB90W+yj1YHvEbO4
	+zBM1EssR2Smedf2EQRruITEruJEvA7UoDlzPjax/w9lm+d651SlctXFurlW/EEf/y9iNKfhAqKPz
	OD7Sh7XXu3IwtbsiygUEcKmG+nGt1JkasapSzEgSwtooiPQ+es8ixmuDEXR9j9pWpxth+F4ql0e5d
	1Qhorxsg==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux))
	id 1t1QDL-0000000ErtK-48sG;
	Thu, 17 Oct 2024 13:06:52 +0000
Received: from mail-lf1-x132.google.com ([2a00:1450:4864:20::132])
	by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux))
	id 1t1Q5v-0000000Eqp5-0NHc
	for linux-arm-kernel@lists.infradead.org;
	Thu, 17 Oct 2024 12:59:15 +0000
Received: by mail-lf1-x132.google.com with SMTP id
 2adb3069b0e04-539e1543ab8so1618415e87.2
        for <linux-arm-kernel@lists.infradead.org>;
 Thu, 17 Oct 2024 05:59:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linaro.org; s=google; t=1729169949; x=1729774749;
 darn=lists.infradead.org;
        h=cc:to:in-reply-to:references:message-id:content-transfer-encoding
         :mime-version:subject:date:from:from:to:cc:subject:date:message-id
         :reply-to;
        bh=6BFCDJ7qVhDMxaXJRJGY9SIIhLehUaVssxlnvsh+LOk=;
        b=PVIhtj00NaD7VJXYdg5fHS1IjL8nb3Ha11jgI4nHb7hMgoGpzvHH9IhTkqf677OcTR
         obKLKXdfhc8vvFEVrd89qjLH/l1T08vx2tMSbAJLSwsorqPLpjQbXgdgvVgD5TqezHBh
         ac+dKemXrlXynerlAwtPucLb6yIaXwTJGs311HDXxjR4O+j+/CGQJYWAo6IzJGmSwFg/
         MWCcxzxa1UclFnp5kENe+JU8XWPIb5m3FWbrrvOhUTZ+YAi/lTLGYh+MYVngIkXz76y/
         TuI5fF7R+jGK/JO1GXCQXAQSA8f4ZcgybKJnKi8vht/szvegspg1cSxig2OzauoiRTyU
         gSAQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1729169949; x=1729774749;
        h=cc:to:in-reply-to:references:message-id:content-transfer-encoding
         :mime-version:subject:date:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=6BFCDJ7qVhDMxaXJRJGY9SIIhLehUaVssxlnvsh+LOk=;
        b=LMU/A/wr0WTmFNQE3ArTKc1RW4GgCmpGYA6/Ca0UNkNnvT5qoZ6nlHD6oL4A3iWPOk
         ZnpsLVPnP4rB8bFkAGucv9eV3dPHcywc/MdHRhfHy2hlXvhJ1B0Vcl4XRIDbL1fwZW0X
         lEOuOTFtRJZIvwWWaHD4NZx1jr+FCrnQO3uf3rQjQnsD/KouTBbxTyejV1Avv4jACAJI
         O+k9Lc598LWsaBmaZ1EUD4dniA4nFT/0ZHhS41YxP2+2XTCQ2cq+NyuZnBrPFg18t4J/
         4ecN+CPYODwxcPILWyq4IQG2E3Kv0YmBMKObqlt4ol7eKiD8L4QE6aYAAVrkEJyxOrR2
         4JaQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCXQTbbZd+DaMd2041m3Y8YtIvXdVBhqYKg+skGBh8T7vZ4f4FCXHcg+gHEhmkdeTsGQKYnn20b7oKnol8Vt3a6L@lists.infradead.org
X-Gm-Message-State: AOJu0Yxwt2C6ss+rJ0SEnp7xkT/6kMPeM2q8OZtXwATn5XAdB3XcmEKb
	JKQAyem9QEl0VhrI1vWsWR+iolxsduoipfj24o8RpCftJ5ecu52YbOsCImeDVHo=
X-Google-Smtp-Source: 
 AGHT+IF0wuz7DTtzD28aNSx7raxRcYA1A8KJuM3dHXxpuquyQIHiAKRrTmrvQ2MEJoBWVhM3GQONJw==
X-Received: by 2002:ac2:4e07:0:b0:539:9767:903d with SMTP id
 2adb3069b0e04-539e572fbdcmr10356406e87.60.1729169948899;
        Thu, 17 Oct 2024 05:59:08 -0700 (PDT)
Received: from lino.lan ([85.235.12.238])
        by smtp.gmail.com with ESMTPSA id
 2adb3069b0e04-53a00013c21sm763349e87.270.2024.10.17.05.59.08
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 17 Oct 2024 05:59:08 -0700 (PDT)
From: Linus Walleij <linus.walleij@linaro.org>
Date: Thu, 17 Oct 2024 14:59:05 +0200
Subject: [PATCH v3 1/2] ARM: ioremap: Sync PGDs for VMALLOC shadow
MIME-Version: 1.0
Message-Id: <20241017-arm-kasan-vmalloc-crash-v3-1-d2a34cd5b663@linaro.org>
References: <20241017-arm-kasan-vmalloc-crash-v3-0-d2a34cd5b663@linaro.org>
In-Reply-To: <20241017-arm-kasan-vmalloc-crash-v3-0-d2a34cd5b663@linaro.org>
To: Clement LE GOFFIC <clement.legoffic@foss.st.com>,
 Russell King <linux@armlinux.org.uk>, Kees Cook <kees@kernel.org>,
 AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com>,
 Mark Brown <broonie@kernel.org>, Mark Rutland <mark.rutland@arm.com>,
 Ard Biesheuvel <ardb@kernel.org>
Cc: Antonio Borneo <antonio.borneo@foss.st.com>,
 linux-stm32@st-md-mailman.stormreply.com,
 linux-arm-kernel@lists.infradead.org,
 Linus Walleij <linus.walleij@linaro.org>, stable@vger.kernel.org
X-Mailer: b4 0.14.0
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20241017_055911_197638_2E06BCA0 
X-CRM114-Status: GOOD (  15.05  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

When sync:ing the VMALLOC area to other CPUs, make sure to also
sync the KASAN shadow memory for the VMALLOC area, so that we
don't get stale entries for the shadow memory in the top level PGD.

Since we are now copying PGDs in two instances, create a helper
function named memcpy_pgd() to do the actual copying, and
create a helper to map the addresses of VMALLOC_START and
VMALLOC_END into the corresponding shadow memory.

Cc: stable@vger.kernel.org
Fixes: 565cbaad83d8 ("ARM: 9202/1: kasan: support CONFIG_KASAN_VMALLOC")
Link: https://lore.kernel.org/linux-arm-kernel/a1a1d062-f3a2-4d05-9836-3b098de9db6d@foss.st.com/
Reported-by: Clement LE GOFFIC <clement.legoffic@foss.st.com>
Suggested-by: Mark Rutland <mark.rutland@arm.com>
Suggested-by: Russell King (Oracle) <linux@armlinux.org.uk>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
---
 arch/arm/mm/ioremap.c | 25 +++++++++++++++++++++----
 1 file changed, 21 insertions(+), 4 deletions(-)

diff --git a/arch/arm/mm/ioremap.c b/arch/arm/mm/ioremap.c
index 794cfea9f9d4..94586015feed 100644
--- a/arch/arm/mm/ioremap.c
+++ b/arch/arm/mm/ioremap.c
@@ -23,6 +23,7 @@
  */
 #include <linux/module.h>
 #include <linux/errno.h>
+#include <linux/kasan.h>
 #include <linux/mm.h>
 #include <linux/vmalloc.h>
 #include <linux/io.h>
@@ -115,16 +116,32 @@ int ioremap_page(unsigned long virt, unsigned long phys,
 }
 EXPORT_SYMBOL(ioremap_page);
 
+static unsigned long arm_kasan_mem_to_shadow(unsigned long addr)
+{
+	return (unsigned long)kasan_mem_to_shadow((void *)addr);
+}
+
+static void memcpy_pgd(struct mm_struct *mm, unsigned long start,
+		       unsigned long end)
+{
+	memcpy(pgd_offset(mm, start), pgd_offset_k(start),
+	       sizeof(pgd_t) * (pgd_index(end) - pgd_index(start)));
+}
+
 void __check_vmalloc_seq(struct mm_struct *mm)
 {
 	int seq;
 
 	do {
 		seq = atomic_read(&init_mm.context.vmalloc_seq);
-		memcpy(pgd_offset(mm, VMALLOC_START),
-		       pgd_offset_k(VMALLOC_START),
-		       sizeof(pgd_t) * (pgd_index(VMALLOC_END) -
-					pgd_index(VMALLOC_START)));
+		memcpy_pgd(mm, VMALLOC_START, VMALLOC_END);
+		if (IS_ENABLED(CONFIG_KASAN_VMALLOC)) {
+			unsigned long start =
+				arm_kasan_mem_to_shadow(VMALLOC_START);
+			unsigned long end =
+				arm_kasan_mem_to_shadow(VMALLOC_END);
+			memcpy_pgd(mm, start, end);
+		}
 		/*
 		 * Use a store-release so that other CPUs that observe the
 		 * counter's new value are guaranteed to see the results of the