[v6,13/18] khwasan: add bug reporting routines

Message ID	f39cdef4fde40b6d2ef356db3e0126bda0e1e8c7.1535462971.git.andreyknvl@google.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-kbuild-owner@kernel.org> From: Andrey Konovalov <andreyknvl@google.com> To: Andrey Ryabinin <aryabinin@virtuozzo.com>, Alexander Potapenko <glider@google.com>, Dmitry Vyukov <dvyukov@google.com>, Catalin Marinas <catalin.marinas@arm.com>, Will Deacon <will.deacon@arm.com>, Christoph Lameter <cl@linux.com>, Andrew Morton <akpm@linux-foundation.org>, Mark Rutland <mark.rutland@arm.com>, Nick Desaulniers <ndesaulniers@google.com>, Marc Zyngier <marc.zyngier@arm.com>, Dave Martin <dave.martin@arm.com>, Ard Biesheuvel <ard.biesheuvel@linaro.org>, "Eric W . Biederman" <ebiederm@xmission.com>, Ingo Molnar <mingo@kernel.org>, Paul Lawrence <paullawrence@google.com>, Geert Uytterhoeven <geert@linux-m68k.org>, Arnd Bergmann <arnd@arndb.de>, "Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Kate Stewart <kstewart@linuxfoundation.org>, Mike Rapoport <rppt@linux.vnet.ibm.com>, kasan-dev@googlegroups.com, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-sparse@vger.kernel.org, linux-mm@kvack.org, linux-kbuild@vger.kernel.org Cc: Kostya Serebryany <kcc@google.com>, Evgeniy Stepanov <eugenis@google.com>, Lee Smith <Lee.Smith@arm.com>, Ramana Radhakrishnan <Ramana.Radhakrishnan@arm.com>, Jacob Bramley <Jacob.Bramley@arm.com>, Ruben Ayrapetyan <Ruben.Ayrapetyan@arm.com>, Jann Horn <jannh@google.com>, Mark Brand <markbrand@google.com>, Chintan Pandya <cpandya@codeaurora.org>, Vishwath Mohan <vishwath@google.com>, Andrey Konovalov <andreyknvl@google.com> Subject: [PATCH v6 13/18] khwasan: add bug reporting routines Date: Wed, 29 Aug 2018 13:35:17 +0200 Message-Id: <f39cdef4fde40b6d2ef356db3e0126bda0e1e8c7.1535462971.git.andreyknvl@google.com> In-Reply-To: <cover.1535462971.git.andreyknvl@google.com> References: <cover.1535462971.git.andreyknvl@google.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kbuild-owner@vger.kernel.org Precedence: bulk
Series	khwasan: kernel hardware assisted address sanitizer \| expand [v6,00/18] khwasan: kernel hardware assisted address sanitizer [v6,01/18] khwasan, mm: change kasan hooks signatures [v6,02/18] khwasan: move common kasan and khwasan code to common.c [v6,03/18] khwasan: add CONFIG_KASAN_GENERIC and CONFIG_KASAN_HW [v6,04/18] khwasan, arm64: adjust shadow size for CONFIG_KASAN_HW [v6,05/18] khwasan: initialize shadow to 0xff [v6,06/18] khwasan, arm64: untag virt address in __kimg_to_phys and _virt_addr_is_linear [v6,07/18] khwasan: add tag related helper functions [v6,08/18] khwasan: preassign tags to objects with ctors or SLAB_TYPESAFE_BY_RCU [v6,09/18] khwasan, arm64: fix up fault handling logic [v6,10/18] khwasan, arm64: enable top byte ignore for the kernel [v6,11/18] khwasan, mm: perform untagged pointers comparison in krealloc [v6,12/18] khwasan: split out kasan_report.c from report.c [v6,13/18] khwasan: add bug reporting routines [v6,14/18] khwasan: add hooks implementation [v6,15/18] khwasan, arm64: add brk handler for inline instrumentation [v6,16/18] khwasan, mm, arm64: tag non slab memory allocated via pagealloc [v6,17/18] khwasan: update kasan documentation [v6,18/18] kasan: add SPDX-License-Identifier mark to source files

Message ID

f39cdef4fde40b6d2ef356db3e0126bda0e1e8c7.1535462971.git.andreyknvl@google.com (mailing list archive)

State

New, archived

Headers

From: Andrey Konovalov <andreyknvl@google.com>
To: Andrey Ryabinin <aryabinin@virtuozzo.com>,
        Alexander Potapenko <glider@google.com>,
        Dmitry Vyukov <dvyukov@google.com>,
        Catalin Marinas <catalin.marinas@arm.com>,
        Will Deacon <will.deacon@arm.com>,
        Christoph Lameter <cl@linux.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        Mark Rutland <mark.rutland@arm.com>,
        Nick Desaulniers <ndesaulniers@google.com>,
        Marc Zyngier <marc.zyngier@arm.com>,
        Dave Martin <dave.martin@arm.com>,
        Ard Biesheuvel <ard.biesheuvel@linaro.org>,
        "Eric W . Biederman" <ebiederm@xmission.com>,
        Ingo Molnar <mingo@kernel.org>,
        Paul Lawrence <paullawrence@google.com>,
        Geert Uytterhoeven <geert@linux-m68k.org>,
        Arnd Bergmann <arnd@arndb.de>,
        "Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Kate Stewart <kstewart@linuxfoundation.org>,
        Mike Rapoport <rppt@linux.vnet.ibm.com>,
        kasan-dev@googlegroups.com, linux-doc@vger.kernel.org,
        linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
        linux-sparse@vger.kernel.org, linux-mm@kvack.org,
        linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany <kcc@google.com>,
        Evgeniy Stepanov <eugenis@google.com>,
        Lee Smith <Lee.Smith@arm.com>,
        Ramana Radhakrishnan <Ramana.Radhakrishnan@arm.com>,
        Jacob Bramley <Jacob.Bramley@arm.com>,
        Ruben Ayrapetyan <Ruben.Ayrapetyan@arm.com>,
        Jann Horn <jannh@google.com>,
        Mark Brand <markbrand@google.com>,
        Chintan Pandya <cpandya@codeaurora.org>,
        Vishwath Mohan <vishwath@google.com>,
        Andrey Konovalov <andreyknvl@google.com>
Subject: [PATCH v6 13/18] khwasan: add bug reporting routines
Date: Wed, 29 Aug 2018 13:35:17 +0200
Message-Id: 
 <f39cdef4fde40b6d2ef356db3e0126bda0e1e8c7.1535462971.git.andreyknvl@google.com>
In-Reply-To: <cover.1535462971.git.andreyknvl@google.com>
References: <cover.1535462971.git.andreyknvl@google.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kbuild-owner@vger.kernel.org
Precedence: bulk

Series

khwasan: kernel hardware assisted address sanitizer | expand

Commit Message

Andrey Konovalov Aug. 29, 2018, 11:35 a.m. UTC

This commit adds rountines, that print KHWASAN error reports. Those are
quite similar to KASAN, the difference is:

1. The way KHWASAN finds the first bad shadow cell (with a mismatching
   tag). KHWASAN compares memory tags from the shadow memory to the pointer
   tag.

2. KHWASAN reports all bugs with the "KASAN: invalid-access" header. This
   is done, so various external tools that already parse the kernel logs
   looking for KASAN reports wouldn't need to be changed.

Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
---
 include/linux/kasan.h     |  3 +++
 mm/kasan/kasan.h          |  7 +++++
 mm/kasan/kasan_report.c   |  7 ++---
 mm/kasan/khwasan_report.c | 21 +++++++++++++++
 mm/kasan/report.c         | 57 +++++++++++++++++++++------------------
 5 files changed, 64 insertions(+), 31 deletions(-)

Comments

Dmitry Vyukov Sept. 12, 2018, 5:50 p.m. UTC | #1

On Wed, Aug 29, 2018 at 1:35 PM, Andrey Konovalov <andreyknvl@google.com> wrote:
> This commit adds rountines, that print KHWASAN error reports. Those are
> quite similar to KASAN, the difference is:
>
> 1. The way KHWASAN finds the first bad shadow cell (with a mismatching
>    tag). KHWASAN compares memory tags from the shadow memory to the pointer
>    tag.
>
> 2. KHWASAN reports all bugs with the "KASAN: invalid-access" header. This
>    is done, so various external tools that already parse the kernel logs
>    looking for KASAN reports wouldn't need to be changed.
>
> Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
> ---
>  include/linux/kasan.h     |  3 +++
>  mm/kasan/kasan.h          |  7 +++++
>  mm/kasan/kasan_report.c   |  7 ++---
>  mm/kasan/khwasan_report.c | 21 +++++++++++++++
>  mm/kasan/report.c         | 57 +++++++++++++++++++++------------------
>  5 files changed, 64 insertions(+), 31 deletions(-)
>
> diff --git a/include/linux/kasan.h b/include/linux/kasan.h
> index 1f852244e739..4424359a9dfa 100644
> --- a/include/linux/kasan.h
> +++ b/include/linux/kasan.h
> @@ -174,6 +174,9 @@ void *khwasan_preset_slub_tag(struct kmem_cache *cache, const void *addr);
>  void *khwasan_preset_slab_tag(struct kmem_cache *cache, unsigned int idx,
>                                         const void *addr);
>
> +void kasan_report(unsigned long addr, size_t size,
> +                       bool write, unsigned long ip);
> +
>  #else /* CONFIG_KASAN_HW */
>
>  static inline void khwasan_init(void) { }
> diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h
> index 82672473740c..d60859d26be7 100644
> --- a/mm/kasan/kasan.h
> +++ b/mm/kasan/kasan.h
> @@ -119,8 +119,15 @@ void kasan_poison_shadow(const void *address, size_t size, u8 value);
>  void check_memory_region(unsigned long addr, size_t size, bool write,
>                                 unsigned long ret_ip);
>
> +void *find_first_bad_addr(void *addr, size_t size);
>  const char *get_bug_type(struct kasan_access_info *info);
>
> +#ifdef CONFIG_KASAN_HW

We already have #ifdef CONFIG_KASAN_HW section below with additional
functions for KASAN_HW and empty stubs otherwise. I would add this one
there as well.

> +void print_tags(u8 addr_tag, const void *addr);
> +#else
> +static inline void print_tags(u8 addr_tag, const void *addr) { }
> +#endif
> +
>  void kasan_report(unsigned long addr, size_t size,
>                 bool is_write, unsigned long ip);
>  void kasan_report_invalid_free(void *object, unsigned long ip);
> diff --git a/mm/kasan/kasan_report.c b/mm/kasan/kasan_report.c
> index 2d8decbecbd5..fdf2d77e3125 100644
> --- a/mm/kasan/kasan_report.c
> +++ b/mm/kasan/kasan_report.c
> @@ -33,10 +33,10 @@
>  #include "kasan.h"
>  #include "../slab.h"
>
> -static const void *find_first_bad_addr(const void *addr, size_t size)
> +void *find_first_bad_addr(void *addr, size_t size)
>  {
>         u8 shadow_val = *(u8 *)kasan_mem_to_shadow(addr);
> -       const void *first_bad_addr = addr;
> +       void *first_bad_addr = addr;
>
>         while (!shadow_val && first_bad_addr < addr + size) {
>                 first_bad_addr += KASAN_SHADOW_SCALE_SIZE;
> @@ -50,9 +50,6 @@ static const char *get_shadow_bug_type(struct kasan_access_info *info)
>         const char *bug_type = "unknown-crash";
>         u8 *shadow_addr;
>
> -       info->first_bad_addr = find_first_bad_addr(info->access_addr,
> -                                               info->access_size);
> -
>         shadow_addr = (u8 *)kasan_mem_to_shadow(info->first_bad_addr);
>
>         /*
> diff --git a/mm/kasan/khwasan_report.c b/mm/kasan/khwasan_report.c
> index 2edbc3c76be5..51238b404b08 100644
> --- a/mm/kasan/khwasan_report.c
> +++ b/mm/kasan/khwasan_report.c
> @@ -37,3 +37,24 @@ const char *get_bug_type(struct kasan_access_info *info)
>  {
>         return "invalid-access";
>  }
> +
> +void *find_first_bad_addr(void *addr, size_t size)
> +{
> +       u8 tag = get_tag(addr);
> +       void *untagged_addr = reset_tag(addr);
> +       u8 *shadow = (u8 *)kasan_mem_to_shadow(untagged_addr);
> +       void *first_bad_addr = untagged_addr;
> +
> +       while (*shadow == tag && first_bad_addr < untagged_addr + size) {

I think it's better to check that are within bounds before accessing
shadow. Otherwise it's kinda potential out-of-bounds access ;)
I know that we _should_ not do an oob here, but still.
Also feels that this function can be shortened to something like:

u8 tag = get_tag(addr);
void *p = reset_tag(addr);
void *end = p + size;

while (p < end && tag == *(u8 *)kasan_mem_to_shadow(p))
        p += KASAN_SHADOW_SCALE_SIZE;
return p;


> +               first_bad_addr += KASAN_SHADOW_SCALE_SIZE;
> +               shadow = (u8 *)kasan_mem_to_shadow(first_bad_addr);
> +       }
> +       return first_bad_addr;
> +}
> +
> +void print_tags(u8 addr_tag, const void *addr)
> +{
> +       u8 *shadow = (u8 *)kasan_mem_to_shadow(addr);
> +
> +       pr_err("Pointer tag: [%02x], memory tag: [%02x]\n", addr_tag, *shadow);
> +}
> diff --git a/mm/kasan/report.c b/mm/kasan/report.c
> index 155247a6f8a8..e031c78f2e52 100644
> --- a/mm/kasan/report.c
> +++ b/mm/kasan/report.c
> @@ -64,11 +64,10 @@ static int __init kasan_set_multi_shot(char *str)
>  }
>  __setup("kasan_multi_shot", kasan_set_multi_shot);
>
> -static void print_error_description(struct kasan_access_info *info,
> -                                       const char *bug_type)
> +static void print_error_description(struct kasan_access_info *info)
>  {
>         pr_err("BUG: KASAN: %s in %pS\n",
> -               bug_type, (void *)info->ip);
> +               get_bug_type(info), (void *)info->ip);
>         pr_err("%s of size %zu at addr %px by task %s/%d\n",
>                 info->is_write ? "Write" : "Read", info->access_size,
>                 info->access_addr, current->comm, task_pid_nr(current));
> @@ -272,6 +271,8 @@ void kasan_report_invalid_free(void *object, unsigned long ip)
>
>         start_report(&flags);
>         pr_err("BUG: KASAN: double-free or invalid-free in %pS\n", (void *)ip);
> +       print_tags(get_tag(object), reset_tag(object));
> +       object = reset_tag(object);
>         pr_err("\n");
>         print_address_description(object);
>         pr_err("\n");
> @@ -279,41 +280,45 @@ void kasan_report_invalid_free(void *object, unsigned long ip)
>         end_report(&flags);
>  }
>
> -static void kasan_report_error(struct kasan_access_info *info)
> -{
> -       unsigned long flags;
> -
> -       start_report(&flags);
> -
> -       print_error_description(info, get_bug_type(info));
> -       pr_err("\n");
> -
> -       if (!addr_has_shadow(info->access_addr)) {
> -               dump_stack();
> -       } else {
> -               print_address_description((void *)info->access_addr);
> -               pr_err("\n");
> -               print_shadow_for_address(info->first_bad_addr);
> -       }
> -
> -       end_report(&flags);
> -}
> -
>  void kasan_report(unsigned long addr, size_t size,
>                 bool is_write, unsigned long ip)
>  {
>         struct kasan_access_info info;
> +       void *tagged_addr;
> +       void *untagged_addr;
> +       unsigned long flags;
>
>         if (likely(!report_enabled()))
>                 return;
>
>         disable_trace_on_warning();
>
> -       info.access_addr = (void *)addr;
> -       info.first_bad_addr = (void *)addr;
> +       tagged_addr = (void *)addr;
> +       untagged_addr = reset_tag(tagged_addr);
> +
> +       info.access_addr = tagged_addr;
> +       if (addr_has_shadow(untagged_addr))
> +               info.first_bad_addr = find_first_bad_addr(tagged_addr, size);
> +       else
> +               info.first_bad_addr = untagged_addr;
>         info.access_size = size;
>         info.is_write = is_write;
>         info.ip = ip;
>
> -       kasan_report_error(&info);
> +       start_report(&flags);
> +
> +       print_error_description(&info);
> +       if (addr_has_shadow(untagged_addr))
> +               print_tags(get_tag(tagged_addr), info.first_bad_addr);
> +       pr_err("\n");
> +
> +       if (addr_has_shadow(untagged_addr)) {
> +               print_address_description(untagged_addr);
> +               pr_err("\n");
> +               print_shadow_for_address(info.first_bad_addr);
> +       } else {
> +               dump_stack();
> +       }
> +
> +       end_report(&flags);
>  }
> --
> 2.19.0.rc0.228.g281dcd1b4d0-goog
>

Andrey Konovalov Sept. 18, 2018, 5:36 p.m. UTC | #2

On Wed, Sep 12, 2018 at 7:50 PM, Dmitry Vyukov <dvyukov@google.com> wrote:
> On Wed, Aug 29, 2018 at 1:35 PM, Andrey Konovalov <andreyknvl@google.com> wrote:

>> +#ifdef CONFIG_KASAN_HW
>
> We already have #ifdef CONFIG_KASAN_HW section below with additional
> functions for KASAN_HW and empty stubs otherwise. I would add this one
> there as well.

Will do in v7.

>
>> +void print_tags(u8 addr_tag, const void *addr);
>> +#else
>> +static inline void print_tags(u8 addr_tag, const void *addr) { }
>> +#endif

>> +void *find_first_bad_addr(void *addr, size_t size)
>> +{
>> +       u8 tag = get_tag(addr);
>> +       void *untagged_addr = reset_tag(addr);
>> +       u8 *shadow = (u8 *)kasan_mem_to_shadow(untagged_addr);
>> +       void *first_bad_addr = untagged_addr;
>> +
>> +       while (*shadow == tag && first_bad_addr < untagged_addr + size) {
>
> I think it's better to check that are within bounds before accessing
> shadow. Otherwise it's kinda potential out-of-bounds access ;)
> I know that we _should_ not do an oob here, but still.
> Also feels that this function can be shortened to something like:
>
> u8 tag = get_tag(addr);
> void *p = reset_tag(addr);
> void *end = p + size;
>
> while (p < end && tag == *(u8 *)kasan_mem_to_shadow(p))
>         p += KASAN_SHADOW_SCALE_SIZE;
> return p;

Will do in v7.

diff --git a/include/linux/kasan.h b/include/linux/kasan.h
index 1f852244e739..4424359a9dfa 100644
--- a/include/linux/kasan.h
+++ b/include/linux/kasan.h
@@ -174,6 +174,9 @@  void *khwasan_preset_slub_tag(struct kmem_cache *cache, const void *addr);
 void *khwasan_preset_slab_tag(struct kmem_cache *cache, unsigned int idx,
 					const void *addr);
 
+void kasan_report(unsigned long addr, size_t size,
+			bool write, unsigned long ip);
+
 #else /* CONFIG_KASAN_HW */
 
 static inline void khwasan_init(void) { }
diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h
index 82672473740c..d60859d26be7 100644
--- a/mm/kasan/kasan.h
+++ b/mm/kasan/kasan.h
@@ -119,8 +119,15 @@  void kasan_poison_shadow(const void *address, size_t size, u8 value);
 void check_memory_region(unsigned long addr, size_t size, bool write,
 				unsigned long ret_ip);
 
+void *find_first_bad_addr(void *addr, size_t size);
 const char *get_bug_type(struct kasan_access_info *info);
 
+#ifdef CONFIG_KASAN_HW
+void print_tags(u8 addr_tag, const void *addr);
+#else
+static inline void print_tags(u8 addr_tag, const void *addr) { }
+#endif
+
 void kasan_report(unsigned long addr, size_t size,
 		bool is_write, unsigned long ip);
 void kasan_report_invalid_free(void *object, unsigned long ip);
diff --git a/mm/kasan/kasan_report.c b/mm/kasan/kasan_report.c
index 2d8decbecbd5..fdf2d77e3125 100644
--- a/mm/kasan/kasan_report.c
+++ b/mm/kasan/kasan_report.c
@@ -33,10 +33,10 @@ 
 #include "kasan.h"
 #include "../slab.h"
 
-static const void *find_first_bad_addr(const void *addr, size_t size)
+void *find_first_bad_addr(void *addr, size_t size)
 {
 	u8 shadow_val = *(u8 *)kasan_mem_to_shadow(addr);
-	const void *first_bad_addr = addr;
+	void *first_bad_addr = addr;
 
 	while (!shadow_val && first_bad_addr < addr + size) {
 		first_bad_addr += KASAN_SHADOW_SCALE_SIZE;
@@ -50,9 +50,6 @@  static const char *get_shadow_bug_type(struct kasan_access_info *info)
 	const char *bug_type = "unknown-crash";
 	u8 *shadow_addr;
 
-	info->first_bad_addr = find_first_bad_addr(info->access_addr,
-						info->access_size);
-
 	shadow_addr = (u8 *)kasan_mem_to_shadow(info->first_bad_addr);
 
 	/*
diff --git a/mm/kasan/khwasan_report.c b/mm/kasan/khwasan_report.c
index 2edbc3c76be5..51238b404b08 100644
--- a/mm/kasan/khwasan_report.c
+++ b/mm/kasan/khwasan_report.c
@@ -37,3 +37,24 @@  const char *get_bug_type(struct kasan_access_info *info)
 {
 	return "invalid-access";
 }
+
+void *find_first_bad_addr(void *addr, size_t size)
+{
+	u8 tag = get_tag(addr);
+	void *untagged_addr = reset_tag(addr);
+	u8 *shadow = (u8 *)kasan_mem_to_shadow(untagged_addr);
+	void *first_bad_addr = untagged_addr;
+
+	while (*shadow == tag && first_bad_addr < untagged_addr + size) {
+		first_bad_addr += KASAN_SHADOW_SCALE_SIZE;
+		shadow = (u8 *)kasan_mem_to_shadow(first_bad_addr);
+	}
+	return first_bad_addr;
+}
+
+void print_tags(u8 addr_tag, const void *addr)
+{
+	u8 *shadow = (u8 *)kasan_mem_to_shadow(addr);
+
+	pr_err("Pointer tag: [%02x], memory tag: [%02x]\n", addr_tag, *shadow);
+}
diff --git a/mm/kasan/report.c b/mm/kasan/report.c
index 155247a6f8a8..e031c78f2e52 100644
--- a/mm/kasan/report.c
+++ b/mm/kasan/report.c
@@ -64,11 +64,10 @@  static int __init kasan_set_multi_shot(char *str)
 }
 __setup("kasan_multi_shot", kasan_set_multi_shot);
 
-static void print_error_description(struct kasan_access_info *info,
-					const char *bug_type)
+static void print_error_description(struct kasan_access_info *info)
 {
 	pr_err("BUG: KASAN: %s in %pS\n",
-		bug_type, (void *)info->ip);
+		get_bug_type(info), (void *)info->ip);
 	pr_err("%s of size %zu at addr %px by task %s/%d\n",
 		info->is_write ? "Write" : "Read", info->access_size,
 		info->access_addr, current->comm, task_pid_nr(current));
@@ -272,6 +271,8 @@  void kasan_report_invalid_free(void *object, unsigned long ip)
 
 	start_report(&flags);
 	pr_err("BUG: KASAN: double-free or invalid-free in %pS\n", (void *)ip);
+	print_tags(get_tag(object), reset_tag(object));
+	object = reset_tag(object);
 	pr_err("\n");
 	print_address_description(object);
 	pr_err("\n");
@@ -279,41 +280,45 @@  void kasan_report_invalid_free(void *object, unsigned long ip)
 	end_report(&flags);
 }
 
-static void kasan_report_error(struct kasan_access_info *info)
-{
-	unsigned long flags;
-
-	start_report(&flags);
-
-	print_error_description(info, get_bug_type(info));
-	pr_err("\n");
-
-	if (!addr_has_shadow(info->access_addr)) {
-		dump_stack();
-	} else {
-		print_address_description((void *)info->access_addr);
-		pr_err("\n");
-		print_shadow_for_address(info->first_bad_addr);
-	}
-
-	end_report(&flags);
-}
-
 void kasan_report(unsigned long addr, size_t size,
 		bool is_write, unsigned long ip)
 {
 	struct kasan_access_info info;
+	void *tagged_addr;
+	void *untagged_addr;
+	unsigned long flags;
 
 	if (likely(!report_enabled()))
 		return;
 
 	disable_trace_on_warning();
 
-	info.access_addr = (void *)addr;
-	info.first_bad_addr = (void *)addr;
+	tagged_addr = (void *)addr;
+	untagged_addr = reset_tag(tagged_addr);
+
+	info.access_addr = tagged_addr;
+	if (addr_has_shadow(untagged_addr))
+		info.first_bad_addr = find_first_bad_addr(tagged_addr, size);
+	else
+		info.first_bad_addr = untagged_addr;
 	info.access_size = size;
 	info.is_write = is_write;
 	info.ip = ip;
 
-	kasan_report_error(&info);
+	start_report(&flags);
+
+	print_error_description(&info);
+	if (addr_has_shadow(untagged_addr))
+		print_tags(get_tag(tagged_addr), info.first_bad_addr);
+	pr_err("\n");
+
+	if (addr_has_shadow(untagged_addr)) {
+		print_address_description(untagged_addr);
+		pr_err("\n");
+		print_shadow_for_address(info.first_bad_addr);
+	} else {
+		dump_stack();
+	}
+
+	end_report(&flags);
 }

[v6,13/18] khwasan: add bug reporting routines

Commit Message

Comments

Patch