| Message ID | cdb119dcade0cea25745c920aba8434c27e4c93b.1738686764.git.maciej.wieczor-retman@intel.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | kasan: x86: arm64: risc-v: KASAN tag-based mode for x86 | expand |
On Tue, 04 Feb 2025 09:33:45 PST (-0800), maciej.wieczor-retman@intel.com wrote: > KASAN's tag-based mode defines multiple special tag values. They're > reserved for: > - Native kernel value. On arm64 it's 0xFF and it causes an early return > in the tag checking function. > - Invalid value. 0xFE marks an area as freed / unallocated. It's also > the value that is used to initialize regions of shadow memory. > - Max value. 0xFD is the highest value that can be randomly generated > for a new tag. > > Metadata macro is also defined: > - Tag width equal to 8. > > Tag-based mode on x86 is going to use 4 bit wide tags so all the above > values need to be changed accordingly. > > Make tags arch specific for x86, risc-v and arm64. On x86 the values > just lose the top 4 bits. > > Replace hardcoded kernel tag value and tag width with macros in KASAN's > non-arch specific code. > > Signed-off-by: Maciej Wieczor-Retman <maciej.wieczor-retman@intel.com> > --- > MAINTAINERS | 2 +- > arch/arm64/include/asm/kasan-tags.h | 9 +++++++++ > arch/riscv/include/asm/kasan-tags.h | 12 ++++++++++++ > arch/riscv/include/asm/kasan.h | 4 ---- > arch/x86/include/asm/kasan-tags.h | 9 +++++++++ > include/linux/kasan-tags.h | 12 +++++++++++- > include/linux/kasan.h | 4 +++- > include/linux/mm.h | 6 +++--- > include/linux/page-flags-layout.h | 7 +------ > 9 files changed, 49 insertions(+), 16 deletions(-) > create mode 100644 arch/arm64/include/asm/kasan-tags.h > create mode 100644 arch/riscv/include/asm/kasan-tags.h > create mode 100644 arch/x86/include/asm/kasan-tags.h > > diff --git a/MAINTAINERS b/MAINTAINERS > index b878ddc99f94..45671faa3b6f 100644 > --- a/MAINTAINERS > +++ b/MAINTAINERS > @@ -12227,7 +12227,7 @@ L: kasan-dev@googlegroups.com > S: Maintained > B: https://bugzilla.kernel.org/buglist.cgi?component=Sanitizers&product=Memory%20Management > F: Documentation/dev-tools/kasan.rst > -F: arch/*/include/asm/*kasan.h > +F: arch/*/include/asm/*kasan*.h > F: arch/*/mm/kasan_init* > F: include/linux/kasan*.h > F: lib/Kconfig.kasan > diff --git a/arch/arm64/include/asm/kasan-tags.h b/arch/arm64/include/asm/kasan-tags.h > new file mode 100644 > index 000000000000..9e835da95f6b > --- /dev/null > +++ b/arch/arm64/include/asm/kasan-tags.h > @@ -0,0 +1,9 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +#ifndef __ASM_KASAN_TAGS_H > +#define __ASM_KASAN_TAGS_H > + > +#define KASAN_TAG_KERNEL 0xFF /* native kernel pointers tag */ > + > +#define KASAN_TAG_WIDTH 8 > + > +#endif /* ASM_KASAN_TAGS_H */ > diff --git a/arch/riscv/include/asm/kasan-tags.h b/arch/riscv/include/asm/kasan-tags.h > new file mode 100644 > index 000000000000..83d7dcc8af74 > --- /dev/null > +++ b/arch/riscv/include/asm/kasan-tags.h > @@ -0,0 +1,12 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +#ifndef __ASM_KASAN_TAGS_H > +#define __ASM_KASAN_TAGS_H > + > +#ifdef CONFIG_KASAN_SW_TAGS > +#define KASAN_TAG_KERNEL 0x7f /* native kernel pointers tag */ > +#endif > + > +#define KASAN_TAG_WIDTH 8 > + > +#endif /* ASM_KASAN_TAGS_H */ > + > diff --git a/arch/riscv/include/asm/kasan.h b/arch/riscv/include/asm/kasan.h > index f6b378ba936d..27938e0d5233 100644 > --- a/arch/riscv/include/asm/kasan.h > +++ b/arch/riscv/include/asm/kasan.h > @@ -41,10 +41,6 @@ > > #define KASAN_SHADOW_OFFSET _AC(CONFIG_KASAN_SHADOW_OFFSET, UL) > > -#ifdef CONFIG_KASAN_SW_TAGS > -#define KASAN_TAG_KERNEL 0x7f /* native kernel pointers tag */ > -#endif > - > #define arch_kasan_set_tag(addr, tag) __tag_set(addr, tag) > #define arch_kasan_reset_tag(addr) __tag_reset(addr) > #define arch_kasan_get_tag(addr) __tag_get(addr) > diff --git a/arch/x86/include/asm/kasan-tags.h b/arch/x86/include/asm/kasan-tags.h > new file mode 100644 > index 000000000000..68ba385bc75c > --- /dev/null > +++ b/arch/x86/include/asm/kasan-tags.h > @@ -0,0 +1,9 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +#ifndef __ASM_KASAN_TAGS_H > +#define __ASM_KASAN_TAGS_H > + > +#define KASAN_TAG_KERNEL 0xF /* native kernel pointers tag */ > + > +#define KASAN_TAG_WIDTH 4 > + > +#endif /* ASM_KASAN_TAGS_H */ > diff --git a/include/linux/kasan-tags.h b/include/linux/kasan-tags.h > index e07c896f95d3..b4aacfa8709b 100644 > --- a/include/linux/kasan-tags.h > +++ b/include/linux/kasan-tags.h > @@ -2,7 +2,17 @@ > #ifndef _LINUX_KASAN_TAGS_H > #define _LINUX_KASAN_TAGS_H > > -#include <asm/kasan.h> > +#if defined(CONFIG_KASAN_SW_TAGS) || defined(CONFIG_KASAN_HW_TAGS) > +#include <asm/kasan-tags.h> > +#endif > + > +#ifdef CONFIG_KASAN_SW_TAGS_DENSE > +#define KASAN_TAG_WIDTH 4 > +#endif > + > +#ifndef KASAN_TAG_WIDTH > +#define KASAN_TAG_WIDTH 0 > +#endif > > #ifndef KASAN_TAG_KERNEL > #define KASAN_TAG_KERNEL 0xFF /* native kernel pointers tag */ > diff --git a/include/linux/kasan.h b/include/linux/kasan.h > index 5a3e9bec21c2..83146367170a 100644 > --- a/include/linux/kasan.h > +++ b/include/linux/kasan.h > @@ -88,7 +88,9 @@ static inline u8 kasan_get_shadow_tag(const void *addr) > > #ifdef CONFIG_KASAN_SW_TAGS > /* This matches KASAN_TAG_INVALID. */ > -#define KASAN_SHADOW_INIT 0xFE > +#ifndef KASAN_SHADOW_INIT > +#define KASAN_SHADOW_INIT KASAN_TAG_INVALID > +#endif > #else > #define KASAN_SHADOW_INIT 0 > #endif > diff --git a/include/linux/mm.h b/include/linux/mm.h > index 61fff5d34ed5..ddca2f63a5f6 100644 > --- a/include/linux/mm.h > +++ b/include/linux/mm.h > @@ -1813,7 +1813,7 @@ static inline u8 page_kasan_tag(const struct page *page) > > if (kasan_enabled()) { > tag = (page->flags >> KASAN_TAG_PGSHIFT) & KASAN_TAG_MASK; > - tag ^= 0xff; > + tag ^= KASAN_TAG_KERNEL; > } > > return tag; > @@ -1826,7 +1826,7 @@ static inline void page_kasan_tag_set(struct page *page, u8 tag) > if (!kasan_enabled()) > return; > > - tag ^= 0xff; > + tag ^= KASAN_TAG_KERNEL; > old_flags = READ_ONCE(page->flags); > do { > flags = old_flags; > @@ -1845,7 +1845,7 @@ static inline void page_kasan_tag_reset(struct page *page) > > static inline u8 page_kasan_tag(const struct page *page) > { > - return 0xff; > + return KASAN_TAG_KERNEL; > } > > static inline void page_kasan_tag_set(struct page *page, u8 tag) { } > diff --git a/include/linux/page-flags-layout.h b/include/linux/page-flags-layout.h > index 7d79818dc065..ac3576f409ad 100644 > --- a/include/linux/page-flags-layout.h > +++ b/include/linux/page-flags-layout.h > @@ -3,6 +3,7 @@ > #define PAGE_FLAGS_LAYOUT_H > > #include <linux/numa.h> > +#include <linux/kasan-tags.h> > #include <generated/bounds.h> > > /* > @@ -72,12 +73,6 @@ > #define NODE_NOT_IN_PAGE_FLAGS 1 > #endif > > -#if defined(CONFIG_KASAN_SW_TAGS) || defined(CONFIG_KASAN_HW_TAGS) > -#define KASAN_TAG_WIDTH 8 > -#else > -#define KASAN_TAG_WIDTH 0 > -#endif > - > #ifdef CONFIG_NUMA_BALANCING > #define LAST__PID_SHIFT 8 > #define LAST__PID_MASK ((1 << LAST__PID_SHIFT)-1) Acked-by: Palmer Dabbelt <palmer@rivosinc.com> # RISC-V Probably best to keep this along with the rest of the patches, but LMK if you want me to point something at the RISC-V tree.
Hi! On 2025-02-05 at 12:20:10 -0800, Palmer Dabbelt wrote: >On Tue, 04 Feb 2025 09:33:45 PST (-0800), maciej.wieczor-retman@intel.com wrote: ... > >Acked-by: Palmer Dabbelt <palmer@rivosinc.com> # RISC-V > >Probably best to keep this along with the rest of the patches, but LMK if you >want me to point something at the RISC-V tree. Thanks for looking at the patches! As Andrey suggested since the risc-v KASAN series doesn't get updated much I'll try not to base this series on the risc-v one. I hope it's okay if I pick up the first patch/few patches that are not risc-v related and try to upstream them along this series? They were really helpful to my efforts here. >_______________________________________________ >linux-riscv mailing list >linux-riscv@lists.infradead.org >http://lists.infradead.org/mailman/listinfo/linux-riscv
diff --git a/MAINTAINERS b/MAINTAINERS index b878ddc99f94..45671faa3b6f 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -12227,7 +12227,7 @@ L: kasan-dev@googlegroups.com S: Maintained B: https://bugzilla.kernel.org/buglist.cgi?component=Sanitizers&product=Memory%20Management F: Documentation/dev-tools/kasan.rst -F: arch/*/include/asm/*kasan.h +F: arch/*/include/asm/*kasan*.h F: arch/*/mm/kasan_init* F: include/linux/kasan*.h F: lib/Kconfig.kasan diff --git a/arch/arm64/include/asm/kasan-tags.h b/arch/arm64/include/asm/kasan-tags.h new file mode 100644 index 000000000000..9e835da95f6b --- /dev/null +++ b/arch/arm64/include/asm/kasan-tags.h @@ -0,0 +1,9 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __ASM_KASAN_TAGS_H +#define __ASM_KASAN_TAGS_H + +#define KASAN_TAG_KERNEL 0xFF /* native kernel pointers tag */ + +#define KASAN_TAG_WIDTH 8 + +#endif /* ASM_KASAN_TAGS_H */ diff --git a/arch/riscv/include/asm/kasan-tags.h b/arch/riscv/include/asm/kasan-tags.h new file mode 100644 index 000000000000..83d7dcc8af74 --- /dev/null +++ b/arch/riscv/include/asm/kasan-tags.h @@ -0,0 +1,12 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __ASM_KASAN_TAGS_H +#define __ASM_KASAN_TAGS_H + +#ifdef CONFIG_KASAN_SW_TAGS +#define KASAN_TAG_KERNEL 0x7f /* native kernel pointers tag */ +#endif + +#define KASAN_TAG_WIDTH 8 + +#endif /* ASM_KASAN_TAGS_H */ + diff --git a/arch/riscv/include/asm/kasan.h b/arch/riscv/include/asm/kasan.h index f6b378ba936d..27938e0d5233 100644 --- a/arch/riscv/include/asm/kasan.h +++ b/arch/riscv/include/asm/kasan.h @@ -41,10 +41,6 @@ #define KASAN_SHADOW_OFFSET _AC(CONFIG_KASAN_SHADOW_OFFSET, UL) -#ifdef CONFIG_KASAN_SW_TAGS -#define KASAN_TAG_KERNEL 0x7f /* native kernel pointers tag */ -#endif - #define arch_kasan_set_tag(addr, tag) __tag_set(addr, tag) #define arch_kasan_reset_tag(addr) __tag_reset(addr) #define arch_kasan_get_tag(addr) __tag_get(addr) diff --git a/arch/x86/include/asm/kasan-tags.h b/arch/x86/include/asm/kasan-tags.h new file mode 100644 index 000000000000..68ba385bc75c --- /dev/null +++ b/arch/x86/include/asm/kasan-tags.h @@ -0,0 +1,9 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __ASM_KASAN_TAGS_H +#define __ASM_KASAN_TAGS_H + +#define KASAN_TAG_KERNEL 0xF /* native kernel pointers tag */ + +#define KASAN_TAG_WIDTH 4 + +#endif /* ASM_KASAN_TAGS_H */ diff --git a/include/linux/kasan-tags.h b/include/linux/kasan-tags.h index e07c896f95d3..b4aacfa8709b 100644 --- a/include/linux/kasan-tags.h +++ b/include/linux/kasan-tags.h @@ -2,7 +2,17 @@ #ifndef _LINUX_KASAN_TAGS_H #define _LINUX_KASAN_TAGS_H -#include <asm/kasan.h> +#if defined(CONFIG_KASAN_SW_TAGS) || defined(CONFIG_KASAN_HW_TAGS) +#include <asm/kasan-tags.h> +#endif + +#ifdef CONFIG_KASAN_SW_TAGS_DENSE +#define KASAN_TAG_WIDTH 4 +#endif + +#ifndef KASAN_TAG_WIDTH +#define KASAN_TAG_WIDTH 0 +#endif #ifndef KASAN_TAG_KERNEL #define KASAN_TAG_KERNEL 0xFF /* native kernel pointers tag */ diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 5a3e9bec21c2..83146367170a 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -88,7 +88,9 @@ static inline u8 kasan_get_shadow_tag(const void *addr) #ifdef CONFIG_KASAN_SW_TAGS /* This matches KASAN_TAG_INVALID. */ -#define KASAN_SHADOW_INIT 0xFE +#ifndef KASAN_SHADOW_INIT +#define KASAN_SHADOW_INIT KASAN_TAG_INVALID +#endif #else #define KASAN_SHADOW_INIT 0 #endif diff --git a/include/linux/mm.h b/include/linux/mm.h index 61fff5d34ed5..ddca2f63a5f6 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -1813,7 +1813,7 @@ static inline u8 page_kasan_tag(const struct page *page) if (kasan_enabled()) { tag = (page->flags >> KASAN_TAG_PGSHIFT) & KASAN_TAG_MASK; - tag ^= 0xff; + tag ^= KASAN_TAG_KERNEL; } return tag; @@ -1826,7 +1826,7 @@ static inline void page_kasan_tag_set(struct page *page, u8 tag) if (!kasan_enabled()) return; - tag ^= 0xff; + tag ^= KASAN_TAG_KERNEL; old_flags = READ_ONCE(page->flags); do { flags = old_flags; @@ -1845,7 +1845,7 @@ static inline void page_kasan_tag_reset(struct page *page) static inline u8 page_kasan_tag(const struct page *page) { - return 0xff; + return KASAN_TAG_KERNEL; } static inline void page_kasan_tag_set(struct page *page, u8 tag) { } diff --git a/include/linux/page-flags-layout.h b/include/linux/page-flags-layout.h index 7d79818dc065..ac3576f409ad 100644 --- a/include/linux/page-flags-layout.h +++ b/include/linux/page-flags-layout.h @@ -3,6 +3,7 @@ #define PAGE_FLAGS_LAYOUT_H #include <linux/numa.h> +#include <linux/kasan-tags.h> #include <generated/bounds.h> /* @@ -72,12 +73,6 @@ #define NODE_NOT_IN_PAGE_FLAGS 1 #endif -#if defined(CONFIG_KASAN_SW_TAGS) || defined(CONFIG_KASAN_HW_TAGS) -#define KASAN_TAG_WIDTH 8 -#else -#define KASAN_TAG_WIDTH 0 -#endif - #ifdef CONFIG_NUMA_BALANCING #define LAST__PID_SHIFT 8 #define LAST__PID_MASK ((1 << LAST__PID_SHIFT)-1)
KASAN's tag-based mode defines multiple special tag values. They're reserved for: - Native kernel value. On arm64 it's 0xFF and it causes an early return in the tag checking function. - Invalid value. 0xFE marks an area as freed / unallocated. It's also the value that is used to initialize regions of shadow memory. - Max value. 0xFD is the highest value that can be randomly generated for a new tag. Metadata macro is also defined: - Tag width equal to 8. Tag-based mode on x86 is going to use 4 bit wide tags so all the above values need to be changed accordingly. Make tags arch specific for x86, risc-v and arm64. On x86 the values just lose the top 4 bits. Replace hardcoded kernel tag value and tag width with macros in KASAN's non-arch specific code. Signed-off-by: Maciej Wieczor-Retman <maciej.wieczor-retman@intel.com> --- MAINTAINERS | 2 +- arch/arm64/include/asm/kasan-tags.h | 9 +++++++++ arch/riscv/include/asm/kasan-tags.h | 12 ++++++++++++ arch/riscv/include/asm/kasan.h | 4 ---- arch/x86/include/asm/kasan-tags.h | 9 +++++++++ include/linux/kasan-tags.h | 12 +++++++++++- include/linux/kasan.h | 4 +++- include/linux/mm.h | 6 +++--- include/linux/page-flags-layout.h | 7 +------ 9 files changed, 49 insertions(+), 16 deletions(-) create mode 100644 arch/arm64/include/asm/kasan-tags.h create mode 100644 arch/riscv/include/asm/kasan-tags.h create mode 100644 arch/x86/include/asm/kasan-tags.h