From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=3xAm=F2=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,
	INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED
	autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 6EF90C433E0
	for <linux-mm@archiver.kernel.org>; Tue, 22 Dec 2020 20:00:55 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 1C52A20705
	for <linux-mm@archiver.kernel.org>; Tue, 22 Dec 2020 20:00:55 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1C52A20705
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 6E79E6B00B4; Tue, 22 Dec 2020 15:00:50 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 66FD86B00B6; Tue, 22 Dec 2020 15:00:50 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 5378B6B00B7; Tue, 22 Dec 2020 15:00:50 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0196.hostedemail.com [216.40.44.196])
	by kanga.kvack.org (Postfix) with ESMTP id 37E6C6B00B4
	for <linux-mm@kvack.org>; Tue, 22 Dec 2020 15:00:50 -0500 (EST)
Received: from smtpin25.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay03.hostedemail.com (Postfix) with ESMTP id F14F48249980
	for <linux-mm@kvack.org>; Tue, 22 Dec 2020 20:00:49 +0000 (UTC)
X-FDA: 77621986218.25.boot79_0307f0227462
Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251])
	by smtpin25.hostedemail.com (Postfix) with ESMTP id 02EA41804E3AF
	for <linux-mm@kvack.org>; Tue, 22 Dec 2020 20:00:48 +0000 (UTC)
X-HE-Tag: boot79_0307f0227462
X-Filterd-Recvd-Size: 5543
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by imf04.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Tue, 22 Dec 2020 20:00:48 +0000 (UTC)
Received: by mail.kernel.org (Postfix) with ESMTPSA id BA93723137;
	Tue, 22 Dec 2020 20:00:46 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org;
	s=korg; t=1608667247;
	bh=l3lg1QHfWNiKhxkb3gVgUjhwfevdtIV2NAFdxq0ggH0=;
	h=Date:From:To:Subject:In-Reply-To:From;
	b=Ncc0R+aq8vmgNfHAZFO1XEy5auFNqVHgPYh8uoDovmfWKriBDu9CUWniCd1UhVYxT
	 pUuqm6+Xpy/NFJuU/SIiuNWAcw3O4qrSc7smLSlAH03ge9AS+unM2QVWOfURw/iaPO
	 dlm9Sm0CklkptV7lkgHOGRMKAvACitzMjsAmDuRI=
Date: Tue, 22 Dec 2020 12:00:46 -0800
From: Andrew Morton <akpm@linux-foundation.org>
To: akpm@linux-foundation.org, andreyknvl@google.com,
 aryabinin@virtuozzo.com, Branislav.Rankov@arm.com,
 catalin.marinas@arm.com, dvyukov@google.com, elver@google.com,
 eugenis@google.com, glider@google.com, gor@linux.ibm.com,
 kevin.brodsky@arm.com, linux-mm@kvack.org, mm-commits@vger.kernel.org,
 torvalds@linux-foundation.org, vincenzo.frascino@arm.com,
 will.deacon@arm.com
Subject:  [patch 12/60] kasan: hide invalid free check
 implementation
Message-ID: <20201222200046.skGG0SPl-%akpm@linux-foundation.org>
In-Reply-To: <20201222115844.d30aaef7df6f5b120d3e0c3d@linux-foundation.org>
User-Agent: s-nail v14.8.16
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000008, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

From: Andrey Konovalov <andreyknvl@google.com>
Subject: kasan: hide invalid free check implementation

This is a preparatory commit for the upcoming addition of a new hardware
tag-based (MTE-based) KASAN mode.

For software KASAN modes the check is based on the value in the shadow
memory.  Hardware tag-based KASAN won't be using shadow, so hide the
implementation of the check in check_invalid_free().

Also simplify the code for software tag-based mode.

No functional changes for software modes.

Link: https://lkml.kernel.org/r/d01534a4b977f97d87515dc590e6348e1406de81.1606161801.git.andreyknvl@google.com
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
Reviewed-by: Marco Elver <elver@google.com>
Reviewed-by: Alexander Potapenko <glider@google.com>
Tested-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Branislav Rankov <Branislav.Rankov@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Evgenii Stepanov <eugenis@google.com>
Cc: Kevin Brodsky <kevin.brodsky@arm.com>
Cc: Vasily Gorbik <gor@linux.ibm.com>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

 mm/kasan/common.c  |   19 +------------------
 mm/kasan/generic.c |    7 +++++++
 mm/kasan/kasan.h   |    2 ++
 mm/kasan/sw_tags.c |    9 +++++++++
 4 files changed, 19 insertions(+), 18 deletions(-)

--- a/mm/kasan/common.c~kasan-hide-invalid-free-check-implementation
+++ a/mm/kasan/common.c
@@ -277,25 +277,9 @@ void * __must_check kasan_init_slab_obj(
 	return (void *)object;
 }
 
-static inline bool shadow_invalid(u8 tag, s8 shadow_byte)
-{
-	if (IS_ENABLED(CONFIG_KASAN_GENERIC))
-		return shadow_byte < 0 ||
-			shadow_byte >= KASAN_GRANULE_SIZE;
-
-	/* else CONFIG_KASAN_SW_TAGS: */
-	if ((u8)shadow_byte == KASAN_TAG_INVALID)
-		return true;
-	if ((tag != KASAN_TAG_KERNEL) && (tag != (u8)shadow_byte))
-		return true;
-
-	return false;
-}
-
 static bool __kasan_slab_free(struct kmem_cache *cache, void *object,
 			      unsigned long ip, bool quarantine)
 {
-	s8 shadow_byte;
 	u8 tag;
 	void *tagged_object;
 	unsigned long rounded_up_size;
@@ -314,8 +298,7 @@ static bool __kasan_slab_free(struct kme
 	if (unlikely(cache->flags & SLAB_TYPESAFE_BY_RCU))
 		return false;
 
-	shadow_byte = READ_ONCE(*(s8 *)kasan_mem_to_shadow(object));
-	if (shadow_invalid(tag, shadow_byte)) {
+	if (check_invalid_free(tagged_object)) {
 		kasan_report_invalid_free(tagged_object, ip);
 		return true;
 	}
--- a/mm/kasan/generic.c~kasan-hide-invalid-free-check-implementation
+++ a/mm/kasan/generic.c
@@ -187,6 +187,13 @@ bool check_memory_region(unsigned long a
 	return check_memory_region_inline(addr, size, write, ret_ip);
 }
 
+bool check_invalid_free(void *addr)
+{
+	s8 shadow_byte = READ_ONCE(*(s8 *)kasan_mem_to_shadow(addr));
+
+	return shadow_byte < 0 || shadow_byte >= KASAN_GRANULE_SIZE;
+}
+
 void kasan_cache_shrink(struct kmem_cache *cache)
 {
 	quarantine_remove_cache(cache);
--- a/mm/kasan/kasan.h~kasan-hide-invalid-free-check-implementation
+++ a/mm/kasan/kasan.h
@@ -166,6 +166,8 @@ void unpoison_range(const void *address,
 bool check_memory_region(unsigned long addr, size_t size, bool write,
 				unsigned long ret_ip);
 
+bool check_invalid_free(void *addr);
+
 void *find_first_bad_addr(void *addr, size_t size);
 const char *get_bug_type(struct kasan_access_info *info);
 
--- a/mm/kasan/sw_tags.c~kasan-hide-invalid-free-check-implementation
+++ a/mm/kasan/sw_tags.c
@@ -121,6 +121,15 @@ bool check_memory_region(unsigned long a
 	return true;
 }
 
+bool check_invalid_free(void *addr)
+{
+	u8 tag = get_tag(addr);
+	u8 shadow_byte = READ_ONCE(*(u8 *)kasan_mem_to_shadow(reset_tag(addr)));
+
+	return (shadow_byte == KASAN_TAG_INVALID) ||
+		(tag != KASAN_TAG_KERNEL && tag != shadow_byte);
+}
+
 #define DEFINE_HWASAN_LOAD_STORE(size)					\
 	void __hwasan_load##size##_noabort(unsigned long addr)		\
 	{								\
_