From: lizhe.67@bytedance.com
To: ryabinin.a.a@gmail.com, glider@google.com, andreyknvl@gmail.com, dvyukov@google.com, vincenzo.frascino@arm.com, akpm@linux-foundation.org
Cc: kasan-dev@googlegroups.com, linux-mm@kvack.org, lizefan.x@bytedance.com, lizhe.67@bytedance.com
Subject: [RFC 0/2] kasan: introduce mem track feature
Date: Thu, 18 Jan 2024 20:41:07 +0800
Message-ID: <20240118124109.37324-1-lizhe.67@bytedance.com>

From: Li Zhe

1. Problem
==========
KASAN is a tool for detecting memory bugs like out-of-bounds and
use-after-free. In Generic KASAN mode, it uses shadow memory to record
the accessible information of the memory. After we allocate memory
from the kernel, the shadow memory corresponding to this memory will be
marked as accessible.

In our daily development, memory problems often occur. If a task
accidentally modifies memory that does not belong to itself but has been
allocated, some strange phenomena may occur. This kind of problem brings
a lot of trouble to our development, and unluckily, this kind of problem
cannot be captured by KASAN. This is because as long as the accessible
information in shadow memory shows that the corresponding memory can be
accessed, KASAN considers the memory access to be legal.

2. Solution
===========
We solve this problem by introducing a mem track feature based on KASAN
with Generic KASAN mode. In the current kernel implementation, we use
bits 0-2 of each shadow memory byte to store how many bytes in the
8-byte memory corresponding to the shadow memory byte can be accessed.
When an 8-byte memory is inaccessible, the highest bit of its
corresponding shadow memory value is 1. Therefore, the key idea is that
we can use the currently unused four bits 3-6 in the shadow memory to
record relevant track information. This means we can use one bit to
track 2 bytes of memory. If the track bit of the shadow mem
corresponding to a certain memory is 1, it means that the corresponding
2-byte memory is tracked. By adding this check logic to KASAN's callback
function, we can use KASAN's ability to capture allocated memory
corruption.

3. Simple usage
===========
The first step is to mark the memory as tracked after the allocation is
completed.
The second step is to remove the tracked mark of the memory before the
legal access process and re-mark the memory as tracked after finishing
the legal access process.

The first patch completes the implementation of the mem track, and the
second patch provides an interface for using this facility, as well as
a testcase for the interface.

Li Zhe (2):
  kasan: introduce mem track feature base on kasan
  kasan: add mem track interface and its test cases

 include/linux/kasan.h        |   5 +
 lib/Kconfig.kasan            |   9 +
 mm/kasan/generic.c           | 437 +++++++++++++++++++++++++++++++++--
 mm/kasan/kasan_test_module.c |  26 +++
 mm/kasan/report_generic.c    |   6 +
 5 files changed, 467 insertions(+), 16 deletions(-)
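
A user-space model of the shadow-byte layout from section 2 and the mark/unmark flow from section 3, added here as an illustration; it is not code from this patch series. The helper names, the 64-byte model region, and the mapping of bit 3 to bytes 0-1 through bit 6 to bytes 6-7 are assumptions, and the low bits follow the generic KASAN convention in which 0 means all 8 bytes are accessible.

```c
#include <stddef.h>
#include <stdint.h>

#define GRANULE      8u     /* bytes of memory covered by one shadow byte */
#define ACCESS_MASK  0x07u  /* bits 0-2: accessible prefix length (0 = all 8) */
#define TRACK_SHIFT  3u     /* bits 3-6: one track bit per 2-byte pair (assumed order) */
#define POISON_BIT   0x80u  /* bit 7: whole granule inaccessible */
#define MODEL_BYTES  64u    /* size of the modelled region (constructed) */

enum verdict { ACCESS_OK, ACCESS_POISONED, ACCESS_TRACKED };
static uint8_t shadow[MODEL_BYTES / GRANULE]; /* zero: accessible, untracked */

/* Hypothetical helper: the track bit covering the byte at offset off. */
static uint8_t track_bit(size_t off)
{
    return (uint8_t)(1u << (TRACK_SHIFT + (off % GRANULE) / 2));
}

/* Set or clear track bits for [off, off + len); granularity is 2 bytes. */
void model_set_tracked(size_t off, size_t len, int tracked)
{
    for (size_t i = off; i < off + len && i < MODEL_BYTES; i++)
        if (tracked)
            shadow[i / GRANULE] |= track_bit(i);
        else
            shadow[i / GRANULE] &= (uint8_t)~track_bit(i);
}

/* Existing accessibility check first, then the added track-bit check. */
enum verdict model_check(size_t off, size_t len)
{
    for (size_t i = off; i < off + len && i < MODEL_BYTES; i++) {
        uint8_t s = shadow[i / GRANULE], n = s & ACCESS_MASK;
        if ((s & POISON_BIT) || (n && (i % GRANULE) >= n))
            return ACCESS_POISONED;  /* classic out-of-bounds / freed case */
        if (s & track_bit(i))
            return ACCESS_TRACKED;   /* allocated, but touched while tracked */
    }
    return ACCESS_OK;
}

/* Section 3 flow: untrack, perform the legal access, re-track. */
enum verdict model_legal_access(size_t off, size_t len)
{
    model_set_tracked(off, len, 0);
    enum verdict v = model_check(off, len);
    model_set_tracked(off, len, 1);
    return v;
}
```

Because one bit covers two bytes, marking or unmarking a single byte in this model also changes the state of its pair neighbour, so tracked regions are best kept 2-byte aligned.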