From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=uWr4=3F=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,
	MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS autolearn=unavailable
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A92A5C3F68F
	for <linux-mm@archiver.kernel.org>; Thu, 16 Jan 2020 23:49:44 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 6C0422064C
	for <linux-mm@archiver.kernel.org>; Thu, 16 Jan 2020 23:49:44 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="KwvjQE6K"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6C0422064C
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=chromium.org
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id F1B118E0095; Thu, 16 Jan 2020 18:49:43 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id ECC4D8E0089; Thu, 16 Jan 2020 18:49:43 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id D94458E0095; Thu, 16 Jan 2020 18:49:43 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11])
	by kanga.kvack.org (Postfix) with ESMTP id C36398E0089
	for <linux-mm@kvack.org>; Thu, 16 Jan 2020 18:49:43 -0500 (EST)
Received: from smtpin24.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay01.hostedemail.com (Postfix) with SMTP id 619F4180AD815
	for <linux-mm@kvack.org>; Thu, 16 Jan 2020 23:49:43 +0000 (UTC)
X-FDA: 76385142246.24.trail17_54d2c9713dc63
X-HE-Tag: trail17_54d2c9713dc63
X-Filterd-Recvd-Size: 5394
Received: from mail-pf1-f194.google.com (mail-pf1-f194.google.com [209.85.210.194])
	by imf29.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Thu, 16 Jan 2020 23:49:42 +0000 (UTC)
Received: by mail-pf1-f194.google.com with SMTP id n9so11005834pff.13
        for <linux-mm@kvack.org>; Thu, 16 Jan 2020 15:49:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to;
        bh=OBxWYYcj5NPKpHkfAvk0D+yaQt02q3V7O1jMrLi++8s=;
        b=KwvjQE6Km2etTVhaE8nM7iQgSseVckSPoFXS9z+61asz/2ydl2l/LbosucQ6amtpmp
         fWlc71/0KBd52vPDs17gTauBeKCkWZCnvN84QFS8KBmhRwyICKbV5BfsSMnxRla368u5
         tAw1bQ/sDNosVbDntEEHkjhH9DLmKgsfCIQJw=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to;
        bh=OBxWYYcj5NPKpHkfAvk0D+yaQt02q3V7O1jMrLi++8s=;
        b=Ke6Wkf4dBGmRnS59d1F8h+VMqHNVXIXSC+W6ACZCInSud/OF+M8yC/14wyBjPgMLdw
         /NvEiBeS9V3FL8fl+lO6Qda+eu1/u0smZkE+6BUz8h3jttNjyAdMEmDo5zFTWSYqzcHe
         X3z/hwrmJDmsIPq+h4Zir+8gnQcqbjygHErSGIC3hZPUDUVfwX9B0VuLDdFTE1AHrkSA
         E3c0xONWJ1LwxPJDKDGqpL8bvJfnQgNCnAvIRlh3PSB7KbLx0ZtWKc4Z9jAtT7Lo5GOt
         svXspMOiCQr5FHCZm8EdB00cDQUUq40BdfQ9URusSMk6HsQK++hddgC6pt353Dh30iGL
         vKvQ==
X-Gm-Message-State: APjAAAXmFwA2DddfRXK3XqUOet8v9SdI7Wz6dpaxZn8aXRcauT4XAqWI
	YaATxLyrDRu7GBybGKS+hh0+7g==
X-Google-Smtp-Source: APXvYqyTkCmgC2RjcsZ0Ylbb4YhfLljHgWOdH3ZZOWEWWwjqeDUK0+AGE5a35VIRuk7qsju46ToEZg==
X-Received: by 2002:a62:158c:: with SMTP id 134mr44301pfv.81.1579218581788;
        Thu, 16 Jan 2020 15:49:41 -0800 (PST)
Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163])
        by smtp.gmail.com with ESMTPSA id p5sm25618874pgs.28.2020.01.16.15.49.40
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 16 Jan 2020 15:49:40 -0800 (PST)
Date: Thu, 16 Jan 2020 15:49:39 -0800
From: Kees Cook <keescook@chromium.org>
To: Dmitry Vyukov <dvyukov@google.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	Andrey Ryabinin <aryabinin@virtuozzo.com>,
	Elena Petrova <lenaptr@google.com>,
	Alexander Potapenko <glider@google.com>,
	Dan Carpenter <dan.carpenter@oracle.com>,
	"Gustavo A. R. Silva" <gustavo@embeddedor.com>,
	Arnd Bergmann <arnd@arndb.de>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	kasan-dev <kasan-dev@googlegroups.com>,
	Linux-MM <linux-mm@kvack.org>, LKML <linux-kernel@vger.kernel.org>,
	kernel-hardening@lists.openwall.com,
	syzkaller <syzkaller@googlegroups.com>
Subject: Re: [PATCH v3 5/6] kasan: Unset panic_on_warn before calling panic()
Message-ID: <202001161548.9E126B774F@keescook>
References: <20200116012321.26254-1-keescook@chromium.org>
 <20200116012321.26254-6-keescook@chromium.org>
 <CACT4Y+batRaj_PaDnfzLjpLDOCChhpiayKeab-rNLx5LAj1sSQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CACT4Y+batRaj_PaDnfzLjpLDOCChhpiayKeab-rNLx5LAj1sSQ@mail.gmail.com>
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Thu, Jan 16, 2020 at 06:23:01AM +0100, Dmitry Vyukov wrote:
> On Thu, Jan 16, 2020 at 2:24 AM Kees Cook <keescook@chromium.org> wrote:
> >
> > As done in the full WARN() handler, panic_on_warn needs to be cleared
> > before calling panic() to avoid recursive panics.
> >
> > Signed-off-by: Kees Cook <keescook@chromium.org>
> > ---
> >  mm/kasan/report.c | 10 +++++++++-
> >  1 file changed, 9 insertions(+), 1 deletion(-)
> >
> > diff --git a/mm/kasan/report.c b/mm/kasan/report.c
> > index 621782100eaa..844554e78893 100644
> > --- a/mm/kasan/report.c
> > +++ b/mm/kasan/report.c
> > @@ -92,8 +92,16 @@ static void end_report(unsigned long *flags)
> >         pr_err("==================================================================\n");
> >         add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE);
> >         spin_unlock_irqrestore(&report_lock, *flags);
> > -       if (panic_on_warn)
> > +       if (panic_on_warn) {
> > +               /*
> > +                * This thread may hit another WARN() in the panic path.
> > +                * Resetting this prevents additional WARN() from panicking the
> > +                * system on this thread.  Other threads are blocked by the
> > +                * panic_mutex in panic().
> 
> I don't understand part about other threads.
> Other threads are not necessary inside of panic(). And in fact since
> we reset panic_on_warn, they will not get there even if they should.
> If I am reading this correctly, once one thread prints a warning and
> is going to panic, other threads may now print infinite amounts of
> warning and proceed past them freely. Why is this the behavior we
> want?

AIUI, the issue is the current thread hitting another WARN and blocking
on trying to call panic again. WARNs encountered during the execution of
panic() need to not attempt to call panic() again.

-Kees

> 
> > +                */
> > +               panic_on_warn = 0;
> >                 panic("panic_on_warn set ...\n");
> > +       }
> >         kasan_enable_current();
> >  }

-- 
Kees Cook