[v5,10/38] kmsan: define READ_ONCE_NOCHECK()

Message ID	20200325161249.55095-11-glider@google.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=qMZt=5K=kvack.org=owner-linux-mm@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 109AA2073E Date: Wed, 25 Mar 2020 17:12:21 +0100 In-Reply-To: <20200325161249.55095-1-glider@google.com> Message-Id: <20200325161249.55095-11-glider@google.com> Mime-Version: 1.0 References: <20200325161249.55095-1-glider@google.com> Subject: [PATCH v5 10/38] kmsan: define READ_ONCE_NOCHECK() From: glider@google.com To: Mark Rutland <mark.rutland@arm.com>, Vegard Nossum <vegard.nossum@oracle.com>, Dmitry Vyukov <dvyukov@google.com>, Marco Elver <elver@google.com>, Andrey Konovalov <andreyknvl@google.com>, linux-mm@kvack.org Cc: glider@google.com, viro@zeniv.linux.org.uk, adilger.kernel@dilger.ca, akpm@linux-foundation.org, aryabinin@virtuozzo.com, luto@kernel.org, ard.biesheuvel@linaro.org, arnd@arndb.de, hch@infradead.org, hch@lst.de, darrick.wong@oracle.com, davem@davemloft.net, dmitry.torokhov@gmail.com, ebiggers@google.com, edumazet@google.com, ericvh@gmail.com, gregkh@linuxfoundation.org, harry.wentland@amd.com, herbert@gondor.apana.org.au, iii@linux.ibm.com, mingo@elte.hu, jasowang@redhat.com, axboe@kernel.dk, m.szyprowski@samsung.com, martin.petersen@oracle.com, schwidefsky@de.ibm.com, willy@infradead.org, mst@redhat.com, mhocko@suse.com, monstr@monstr.eu, pmladek@suse.com, cai@lca.pw, rdunlap@infradead.org, robin.murphy@arm.com, sergey.senozhatsky@gmail.com, rostedt@goodmis.org, tiwai@suse.com, tytso@mit.edu, tglx@linutronix.de, gor@linux.ibm.com, wsa@the-dreams.de Content-Type: text/plain; charset="UTF-8" Sender: owner-linux-mm@kvack.org Precedence: bulk
Series	Add KernelMemorySanitizer infrastructure \| expand [v5,00/38] Add KernelMemorySanitizer infrastructure [v5,01/38] stackdepot: reserve 5 extra bits in depot_stack_handle_t [v5,02/38] kmsan: add ReST documentation [v5,03/38] kmsan: gfp: introduce __GFP_NO_KMSAN_SHADOW [v5,04/38] kmsan: introduce __no_sanitize_memory and __SANITIZE_MEMORY__ [v5,05/38] kmsan: reduce vmalloc space [v5,06/38] kmsan: add KMSAN runtime core [v5,07/38] kmsan: KMSAN compiler API implementation [v5,08/38] kmsan: add KMSAN hooks for kernel subsystems [v5,09/38] kmsan: stackdepot: don't allocate KMSAN metadata for stackdepot [v5,10/38] kmsan: define READ_ONCE_NOCHECK() [v5,11/38] kmsan: make READ_ONCE_TASK_STACK() return initialized values [v5,12/38] kmsan: x86: sync metadata pages on page fault [v5,13/38] kmsan: add tests for KMSAN [v5,14/38] crypto: kmsan: disable accelerated configs under KMSAN [v5,15/38] kmsan: x86: disable UNWINDER_ORC under KMSAN [v5,16/38] kmsan: x86/asm: softirq: add KMSAN IRQ entry hooks [v5,17/38] kmsan: disable KMSAN instrumentation for certain kernel parts [v5,18/38] kmsan: mm: call KMSAN hooks from SLUB code [v5,19/38] kmsan: mm: maintain KMSAN metadata for page operations [v5,20/38] kmsan: handle memory sent to/from USB [v5,21/38] kmsan: handle task creation and exiting [v5,22/38] kmsan: net: check the value of skb before sending it to the network [v5,23/38] kmsan: printk: treat the result of vscnprintf() as initialized [v5,24/38] kmsan: disable instrumentation of certain functions [v5,25/38] kmsan: unpoison \|tlb\| in arch_tlb_gather_mmu() [v5,26/38] kmsan: use __msan_ string functions where possible. [v5,27/38] kmsan: hooks for copy_to_user() and friends [v5,28/38] kmsan: init: call KMSAN initialization routines [v5,29/38] kmsan: enable KMSAN builds [v5,30/38] kmsan: handle /dev/[u]random [v5,31/38] kmsan: virtio: check/unpoison scatterlist in vring_map_one_sg() [v5,32/38] kmsan: disable strscpy() optimization under KMSAN [v5,33/38] kmsan: add iomap support [v5,34/38] kmsan: dma: unpoison memory mapped by dma_direct_map_page() [v5,35/38] kmsan: disable physical page merging in biovec [v5,36/38] x86: kasan: kmsan: support CONFIG_GENERIC_CSUM on x86, enable it for KASAN/KMSAN [v5,37/38] kmsan: x86/uprobes: unpoison regs in arch_uprobe_exception_notify() [v5,38/38] kmsan: block: skip bio block merging logic for KMSAN

Message ID

20200325161249.55095-11-glider@google.com (mailing list archive)

State

New, archived

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 109AA2073E
Date: Wed, 25 Mar 2020 17:12:21 +0100
In-Reply-To: <20200325161249.55095-1-glider@google.com>
Message-Id: <20200325161249.55095-11-glider@google.com>
Mime-Version: 1.0
References: <20200325161249.55095-1-glider@google.com>
Subject: [PATCH v5 10/38] kmsan: define READ_ONCE_NOCHECK()
From: glider@google.com
To: Mark Rutland <mark.rutland@arm.com>,
 Vegard Nossum <vegard.nossum@oracle.com>,
	Dmitry Vyukov <dvyukov@google.com>, Marco Elver <elver@google.com>,
	Andrey Konovalov <andreyknvl@google.com>, linux-mm@kvack.org
Cc: glider@google.com, viro@zeniv.linux.org.uk, adilger.kernel@dilger.ca,
	akpm@linux-foundation.org, aryabinin@virtuozzo.com, luto@kernel.org,
	ard.biesheuvel@linaro.org, arnd@arndb.de, hch@infradead.org, hch@lst.de,
	darrick.wong@oracle.com, davem@davemloft.net, dmitry.torokhov@gmail.com,
	ebiggers@google.com, edumazet@google.com, ericvh@gmail.com,
	gregkh@linuxfoundation.org, harry.wentland@amd.com,
	herbert@gondor.apana.org.au, iii@linux.ibm.com, mingo@elte.hu,
	jasowang@redhat.com, axboe@kernel.dk, m.szyprowski@samsung.com,
	martin.petersen@oracle.com, schwidefsky@de.ibm.com, willy@infradead.org,
	mst@redhat.com, mhocko@suse.com, monstr@monstr.eu, pmladek@suse.com,
	cai@lca.pw, rdunlap@infradead.org, robin.murphy@arm.com,
	sergey.senozhatsky@gmail.com, rostedt@goodmis.org, tiwai@suse.com,
	tytso@mit.edu, tglx@linutronix.de, gor@linux.ibm.com, wsa@the-dreams.de
Content-Type: text/plain; charset="UTF-8"
Sender: owner-linux-mm@kvack.org
Precedence: bulk

Series

Add KernelMemorySanitizer infrastructure | expand

Commit Message

Alexander Potapenko March 25, 2020, 4:12 p.m. UTC

READ_ONCE_NOCHECK() is already used by KASAN to ignore memory accesses
from e.g. stack unwinders.
Define READ_ONCE_NOCHECK() for KMSAN so that it returns initialized
values. This helps defeat false positives from leftover stack contents.

Signed-off-by: Alexander Potapenko <glider@google.com>
To: Alexander Potapenko <glider@google.com>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Vegard Nossum <vegard.nossum@oracle.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Marco Elver <elver@google.com>
Cc: Andrey Konovalov <andreyknvl@google.com>
Cc: linux-mm@kvack.org
---
v3:
 - removed unnecessary #ifdef as requested by Mark Rutland
v4:
 - added an #include as requested by Marco Elver

Change-Id: Ib38369ba038ab3b581d8e45b81036c3304fb79cb
---
 include/linux/compiler.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

Comments

Andrey Konovalov April 23, 2020, 7:20 p.m. UTC | #1

On Wed, Mar 25, 2020 at 5:13 PM <glider@google.com> wrote:
>
> READ_ONCE_NOCHECK() is already used by KASAN to ignore memory accesses
> from e.g. stack unwinders.
> Define READ_ONCE_NOCHECK() for KMSAN so that it returns initialized
> values. This helps defeat false positives from leftover stack contents.
>
> Signed-off-by: Alexander Potapenko <glider@google.com>
> To: Alexander Potapenko <glider@google.com>
> Cc: Mark Rutland <mark.rutland@arm.com>
> Cc: Vegard Nossum <vegard.nossum@oracle.com>
> Cc: Dmitry Vyukov <dvyukov@google.com>
> Cc: Marco Elver <elver@google.com>
> Cc: Andrey Konovalov <andreyknvl@google.com>
> Cc: linux-mm@kvack.org

Reviewed-by: Andrey Konovalov <andreyknvl@google.com>

> ---
> v3:
>  - removed unnecessary #ifdef as requested by Mark Rutland
> v4:
>  - added an #include as requested by Marco Elver
>
> Change-Id: Ib38369ba038ab3b581d8e45b81036c3304fb79cb
> ---
>  include/linux/compiler.h | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/include/linux/compiler.h b/include/linux/compiler.h
> index f504edebd5d71..c6c67729729e3 100644
> --- a/include/linux/compiler.h
> +++ b/include/linux/compiler.h
> @@ -279,6 +279,7 @@ void __write_once_size(volatile void *p, void *res, int size)
>   */
>  #include <asm/barrier.h>
>  #include <linux/kasan-checks.h>
> +#include <linux/kmsan-checks.h>
>
>  #define __READ_ONCE(x, check)                                          \
>  ({                                                                     \
> @@ -294,9 +295,9 @@ void __write_once_size(volatile void *p, void *res, int size)
>
>  /*
>   * Use READ_ONCE_NOCHECK() instead of READ_ONCE() if you need
> - * to hide memory access from KASAN.
> + * to hide memory access from KASAN or KMSAN.
>   */
> -#define READ_ONCE_NOCHECK(x) __READ_ONCE(x, 0)
> +#define READ_ONCE_NOCHECK(x) KMSAN_INIT_VALUE(__READ_ONCE(x, 0))
>
>  static __no_kasan_or_inline
>  unsigned long read_word_at_a_time(const void *addr)
> --
> 2.25.1.696.g5e7596f4ac-goog
>

diff --git a/include/linux/compiler.h b/include/linux/compiler.h
index f504edebd5d71..c6c67729729e3 100644
--- a/include/linux/compiler.h
+++ b/include/linux/compiler.h
@@ -279,6 +279,7 @@  void __write_once_size(volatile void *p, void *res, int size)
  */
 #include <asm/barrier.h>
 #include <linux/kasan-checks.h>
+#include <linux/kmsan-checks.h>
 
 #define __READ_ONCE(x, check)						\
 ({									\
@@ -294,9 +295,9 @@  void __write_once_size(volatile void *p, void *res, int size)
 
 /*
  * Use READ_ONCE_NOCHECK() instead of READ_ONCE() if you need
- * to hide memory access from KASAN.
+ * to hide memory access from KASAN or KMSAN.
  */
-#define READ_ONCE_NOCHECK(x) __READ_ONCE(x, 0)
+#define READ_ONCE_NOCHECK(x) KMSAN_INIT_VALUE(__READ_ONCE(x, 0))
 
 static __no_kasan_or_inline
 unsigned long read_word_at_a_time(const void *addr)

[v5,10/38] kmsan: define READ_ONCE_NOCHECK()

Commit Message

Comments

Patch