Message ID | 20220426164315.625149-40-glider@google.com (mailing list archive) |
---|---|
State | New |
Subject | [PATCH v3 39/46] x86: kmsan: skip shadow checks in __switch_to() |
From | Alexander Potapenko <glider@google.com> |
Date | Tue, 26 Apr 2022 18:43:08 +0200 |
Series | Add KernelMemorySanitizer infrastructure |
diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c index e459253649be2..9952a4c7e1d20 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -553,6 +553,7 @@ void compat_start_thread(struct pt_regs *regs, u32 new_ip, u32 new_sp, bool x32) * Kprobes not supported here. Set the probe on schedule instead. * Function graph tracer not supported too. */ +__no_kmsan_checks __visible __notrace_funcgraph struct task_struct * __switch_to(struct task_struct *prev_p, struct task_struct *next_p) {
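Review bot: The comment block above `__switch_to()` in arch/x86/kernel/process_64.c already records why kprobes and the function graph tracer are not supported here, but the new `__no_kmsan_checks` annotation gets no matching line, so a reader of the source has to dig out the commit log to learn why it is there. Consider extending that comment with one sentence saying that `current` changes inside this function, which makes the KMSAN context state obtained at function entry stale. Since the attribute also marks values created in the function as initialized, it is worth noting there that genuine uninitialized uses inside `__switch_to()` will not be reported.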
When instrumenting functions, KMSAN obtains the per-task state (mostly pointers to metadata for function arguments and return values) once per function at its beginning, using the `current` pointer.

Every time the instrumented function calls another function, this state (`struct kmsan_context_state`) is updated with shadow/origin data of the passed and returned values.

When `current` changes in the low-level arch code, instrumented code can not notice that, and will still refer to the old state, possibly corrupting it or using stale data. This may result in false positive reports.

To deal with that, we need to apply __no_kmsan_checks to the functions performing context switching - this will result in skipping all KMSAN shadow checks and marking newly created values as initialized, preventing all false positive reports in those functions. False negatives are still possible, but we expect them to be rare and impersistent.

Suggested-by: Marco Elver <elver@google.com>
Signed-off-by: Alexander Potapenko <glider@google.com>

---

v2:
 -- This patch was previously called "kmsan: skip shadow checks in files doing context switches". Per Mark Rutland's suggestion, we now only skip checks in low-level arch-specific code, as context switches in common code should be invisible to KMSAN. We also apply the checks to precisely the functions performing the context switch instead of the whole file.

Link: https://linux-review.googlesource.com/id/I45e3ed9c5f66ee79b0409d1673d66ae419029bcb

Replace KMSAN_ENABLE_CHECKS_process_64.o with __no_kmsan_checks

---

 arch/x86/kernel/process_64.c | 1 +
 1 file changed, 1 insertion(+)
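A simplified user-space model of the stale-state problem the commit message describes, added here as an illustration; it is not part of the patch or of KMSAN's code. The one-slot `ctx_state`, `helper()`, `run()` and the `checks` flag (0 standing in for `__no_kmsan_checks`) are assumptions of the model.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy stand-in for struct kmsan_context_state: nonzero = uninitialized. */
struct ctx_state { uint64_t retval_shadow; };
struct task { struct ctx_state ctx; };

static struct task task_a, task_b;
static struct task *cur = &task_a;	/* models `current` */
static int reports;			/* "uninit value" reports raised */

/* Instrumented callee: looks up state at entry, returns an initialized value. */
static int helper(void)
{
	struct ctx_state *st = &cur->ctx;
	st->retval_shadow = 0;		/* zero shadow: result is initialized */
	return 42;
}

/* Models the switch function; `checks` = 0 models __no_kmsan_checks. */
static int switch_to(struct task *next, int checks)
{
	struct ctx_state *st = &cur->ctx;	/* cached once, at entry */
	int v;

	cur = next;			/* `current` changes under us */
	v = helper();			/* helper writes next's state */
	if (checks && st->retval_shadow)	/* reads prev's stale slot */
		reports++;
	return v;
}

/* One switch a -> b with a stale shadow left in task_a; returns report count. */
static int run(int checks)
{
	task_a.ctx.retval_shadow = ~0ULL;	/* constructed stale leftover */
	task_b.ctx.retval_shadow = 0;
	cur = &task_a;
	reports = 0;
	switch_to(&task_b, checks);
	return reports;
}

int main(void)
{
	printf("instrumented: %d report(s), no checks: %d\n", run(1), run(0));
	return 0;
}
```

With checks enabled the model raises one report for a value that `helper()` did initialize, because the shadow it wrote went to the new task's state while the caller read the old one.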