X-Patchwork-Submitter: Alexander Potapenko
X-Patchwork-Id: 12977551
Date: Thu, 15 Sep 2022 17:04:07 +0200
In-Reply-To: <20220915150417.722975-1-glider@google.com>
Message-ID: <20220915150417.722975-34-glider@google.com>
Subject: [PATCH v7 33/43] x86: kmsan: skip shadow checks in __switch_to()
From: Alexander Potapenko
To: glider@google.com
Cc: Alexander Viro, Alexei Starovoitov, Andrew Morton, Andrey Konovalov, Andy Lutomirski, Arnd Bergmann, Borislav Petkov, Christoph Hellwig, Christoph Lameter, David Rientjes, Dmitry Vyukov, Eric Biggers, Eric Dumazet, Greg Kroah-Hartman, Herbert Xu, Ilya Leoshkevich, Ingo Molnar, Jens Axboe, Joonsoo Kim, Kees Cook, Marco Elver, Mark Rutland, Matthew Wilcox, "Michael S. Tsirkin", Pekka Enberg, Peter Zijlstra, Petr Mladek, Stephen Rothwell, Steven Rostedt, Thomas Gleixner, Vasily Gorbik, Vegard Nossum, Vlastimil Babka, kasan-dev@googlegroups.com, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org

When instrumenting functions, KMSAN obtains the per-task state (mostly pointers to metadata for function arguments and return values) once per function at its beginning, using the `current` pointer.

Every time the instrumented function calls another function, this state (`struct kmsan_context_state`) is updated with shadow/origin data of the passed and returned values.

When `current` changes in the low-level arch code, instrumented code can not notice that, and will still refer to the old state, possibly corrupting it or using stale data. This may result in false positive reports.

To deal with that, we need to apply __no_kmsan_checks to the functions performing context switching - this will result in skipping all KMSAN shadow checks and marking newly created values as initialized, preventing all false positive reports in those functions. False negatives are still possible, but we expect them to be rare and impersistent.

Suggested-by: Marco Elver
Signed-off-by: Alexander Potapenko --- v2: -- This patch was previously called "kmsan: skip shadow checks in files doing context switches". Per Mark Rutland's suggestion, we now only skip checks in low-level arch-specific code, as context switches in common code should be invisible to KMSAN. We also apply the checks to precisely the functions performing the context switch instead of the whole file. v5: -- Replace KMSAN_ENABLE_CHECKS_process_64.o with __no_kmsan_checks Link: https://linux-review.googlesource.com/id/I45e3ed9c5f66ee79b0409d1673d66ae419029bcb --- arch/x86/kernel/process_64.c | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c index 1962008fe7437..6b3418bff3261 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -553,6 +553,7 @@ void compat_start_thread(struct pt_regs *regs, u32 new_ip, u32 new_sp, bool x32) * Kprobes not supported here. Set the probe on schedule instead. * Function graph tracer not supported too. */ +__no_kmsan_checks __visible __notrace_funcgraph struct task_struct * __switch_to(struct task_struct *prev_p, struct task_struct *next_p) {
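
Review bot: the comment block above __switch_to() in the @@ -553 hunk documents the kprobes and function graph tracer restrictions, but the added __no_kmsan_checks line gets no explanation there. Consider adding a sentence to that comment saying that `current` changes inside this function, so KMSAN shadow checks are skipped to avoid reports based on stale per-task state, and that false negatives are possible here, as the commit message already states.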
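
The stale-state problem described in the commit message above, as an added user-space model (not code from the patch or from KMSAN). The names ctx_state, task, cur, callee and simulate are hypothetical, and the per-task state is reduced to a single return-value shadow slot.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical stand-in for the per-task metadata; the real
 * struct kmsan_context_state holds more than this one slot. */
struct ctx_state {
    unsigned char retval_shadow;   /* 0 = initialized, 0xff = poisoned */
};

struct task {
    struct ctx_state state;
};

static struct task task_a, task_b;
static struct task *cur;           /* models the kernel's `current` */

/* Instrumented callee: looks up the state at its own entry and
 * publishes clean shadow for its fully initialized return value. */
static int callee(void)
{
    struct ctx_state *st = &cur->state;
    st->retval_shadow = 0;
    return 42;
}

/* Models a function that may change `current` halfway through.
 * Returns true if a use-of-uninitialized report would fire. */
static bool simulate(bool do_switch, bool no_checks)
{
    task_a.state.retval_shadow = 0xff;  /* leftovers from earlier calls */
    task_b.state.retval_shadow = 0xff;
    cur = &task_a;

    struct ctx_state *st = &cur->state; /* fetched once, at entry */
    if (do_switch)
        cur = &task_b;                  /* the context switch */

    int v = callee();                   /* shadow lands in cur->state */
    (void)v;
    if (no_checks)
        return false;                   /* check skipped, v treated as initialized */
    return st->retval_shadow != 0;      /* shadow read via the cached pointer */
}

int main(void)
{
    printf("no switch, checked: %d\n", simulate(false, false));
    printf("switch, checked:    %d\n", simulate(true, false));
    printf("switch, no checks:  %d\n", simulate(true, true));
    return 0;
}
```

In the second case the callee writes clean shadow into the new task's state while the caller still reads the old task's slot, so an initialized value is reported as uninitialized.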