From patchwork Fri Aug 26 15:08:03 2022
X-Patchwork-Submitter: Alexander Potapenko
X-Patchwork-Id: 12956213
Date: Fri, 26 Aug 2022 17:08:03 +0200
In-Reply-To: <20220826150807.723137-1-glider@google.com>
References: <20220826150807.723137-1-glider@google.com>
Message-ID: <20220826150807.723137-41-glider@google.com>
Subject: [PATCH v5 40/44] x86: kmsan: don't instrument stack walking functions
From: Alexander Potapenko
To: glider@google.com
Cc: Alexander Viro, Alexei Starovoitov, Andrew Morton, Andrey Konovalov,
    Andy Lutomirski, Arnd Bergmann, Borislav Petkov, Christoph Hellwig,
    Christoph Lameter, David Rientjes, Dmitry Vyukov, Eric Dumazet,
    Greg Kroah-Hartman, Herbert Xu, Ilya Leoshkevich, Ingo Molnar,
    Jens Axboe, Joonsoo Kim, Kees Cook, Marco Elver, Mark Rutland,
    Matthew Wilcox, "Michael S. Tsirkin", Pekka Enberg, Peter Zijlstra,
    Petr Mladek, Steven Rostedt, Thomas Gleixner, Vasily Gorbik,
    Vegard Nossum, Vlastimil Babka, kasan-dev@googlegroups.com,
    linux-mm@kvack.org, linux-arch@vger.kernel.org,
    linux-kernel@vger.kernel.org
Upon function exit, KMSAN marks local variables as uninitialized.
Further function calls may result in the compiler creating the stack
frame where these local variables resided. This results in frame
pointers being marked as uninitialized data, which is normally correct,
because they are not stack-allocated.

However, stack unwinding functions are supposed to read and dereference
the frame pointers, in which case KMSAN might be reporting uses of
uninitialized values.

To work around that, we mark update_stack_state(), unwind_next_frame()
and show_trace_log_lvl() with __no_kmsan_checks, preventing all KMSAN
reports inside those functions and making them return initialized
values.

Signed-off-by: Alexander Potapenko
---
Link: https://linux-review.googlesource.com/id/I6550563768fbb08aa60b2a96803675dcba93d802
---
 arch/x86/kernel/dumpstack.c    |  6 ++++++
 arch/x86/kernel/unwind_frame.c | 11 +++++++++++
 2 files changed, 17 insertions(+)

diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c
index afae4dd774951..476eb504084e4 100644
--- a/arch/x86/kernel/dumpstack.c
+++ b/arch/x86/kernel/dumpstack.c
@@ -177,6 +177,12 @@ static void show_regs_if_on_stack(struct stack_info *info, struct pt_regs *regs, } } +/* + * This function reads pointers from the stack and dereferences them. The + * pointers may not have their KMSAN shadow set up properly, which may result + * in false positive reports. Disable instrumentation to avoid those. + */ +__no_kmsan_checks static void show_trace_log_lvl(struct task_struct *task, struct pt_regs *regs, unsigned long *stack, const char *log_lvl) { diff --git a/arch/x86/kernel/unwind_frame.c b/arch/x86/kernel/unwind_frame.c index 8e1c50c86e5db..d8ba93778ae32 100644 --- a/arch/x86/kernel/unwind_frame.c +++ b/arch/x86/kernel/unwind_frame.c @@ -183,6 +183,16 @@ static struct pt_regs *decode_frame_pointer(unsigned long *bp) } #endif +/* + * While walking the stack, KMSAN may stomp on stale locals from other + * functions that were marked as uninitialized upon function exit, and + * now hold the call frame information for the current function (e.g. the frame + * pointer). Because KMSAN does not specifically mark call frames as + * initialized, false positive reports are possible. To prevent such reports, + * we mark the functions scanning the stack (here and below) with + * __no_kmsan_checks. + */ +__no_kmsan_checks static bool update_stack_state(struct unwind_state *state, unsigned long *next_bp) { @@ -250,6 +260,7 @@ static bool update_stack_state(struct unwind_state *state, return true; } +__no_kmsan_checks bool unwind_next_frame(struct unwind_state *state) { struct pt_regs *regs;
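Review bot: the comment added above show_trace_log_lvl() in the dumpstack.c hunk ends with "Disable instrumentation to avoid those.", but what the commit message says __no_kmsan_checks does is prevent reports inside the function and make it return initialized values, not switch instrumentation off; suggest wording the comment to match, e.g. "Mark the function __no_kmsan_checks to suppress those reports.", so a reader does not conclude that shadow propagation stops at this function.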
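Review bot: the first sentence of the comment above update_stack_state() in the first unwind_frame.c hunk ("KMSAN may stomp on stale locals from other functions") describes the mechanism backwards relative to the commit message: KMSAN marks the locals uninitialized when their function exits, and it is the current function's frame that then reuses that stack memory for its frame pointer. Suggest rewording along the lines of "While walking the stack, the unwinder reads stack slots that KMSAN marked uninitialized when an earlier function exited, and that now hold the current function's call frame information (e.g. the frame pointer)." The closing "here and below" would also be clearer as an explicit reference to unwind_next_frame(), the other function in this file that receives the attribute.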
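Review bot: adding __no_kmsan_checks to unwind_next_frame() in the second unwind_frame.c hunk silences every KMSAN report for the whole function body, not only the frame pointer dereferences the commit message is concerned about, so a genuine uninitialized read introduced into this function later would go unreported. Since this hunk adds the attribute with no comment of its own, a one-line note at this site saying the suppression is intentional and pointing at the rationale above update_stack_state() would keep that trade-off visible to the next person editing the unwinder.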