From: Alexander Potapenko
Date: Mon, 5 Sep 2022 14:24:48 +0200
Subject: [PATCH v6 40/44] x86: kmsan: don't instrument stack walking functions
Message-ID: <20220905122452.2258262-41-glider@google.com>
In-Reply-To: <20220905122452.2258262-1-glider@google.com>
To: glider@google.com
Cc: Alexander Viro, Alexei Starovoitov, Andrew Morton, Andrey Konovalov, Andy Lutomirski, Arnd Bergmann, Borislav Petkov, Christoph Hellwig, Christoph Lameter, David Rientjes, Dmitry Vyukov, Eric Dumazet, Greg Kroah-Hartman, Herbert Xu, Ilya Leoshkevich, Ingo Molnar, Jens Axboe, Joonsoo Kim, Kees Cook, Marco Elver, Mark Rutland, Matthew Wilcox, "Michael S. Tsirkin", Pekka Enberg, Peter Zijlstra, Petr Mladek, Steven Rostedt, Thomas Gleixner, Vasily Gorbik, Vegard Nossum, Vlastimil Babka, kasan-dev@googlegroups.com, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org
Upon function exit, KMSAN marks local variables as uninitialized. Further function calls may result in the compiler creating the stack frame where these local variables resided. This results in frame pointers being marked as uninitialized data, which is normally correct, because they are not stack-allocated. However, stack unwinding functions are supposed to read and dereference the frame pointers, in which case KMSAN might be reporting uses of uninitialized values.

To work around that, we mark update_stack_state(), unwind_next_frame() and show_trace_log_lvl() with __no_kmsan_checks, preventing all KMSAN reports inside those functions and making them return initialized values.

Signed-off-by: Alexander Potapenko
---
Link: https://linux-review.googlesource.com/id/I6550563768fbb08aa60b2a96803675dcba93d802
---
 arch/x86/kernel/dumpstack.c    |  6 ++++++
 arch/x86/kernel/unwind_frame.c | 11 +++++++++++
 2 files changed, 17 insertions(+)

diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c
index afae4dd774951..476eb504084e4 100644
--- a/arch/x86/kernel/dumpstack.c
+++ b/arch/x86/kernel/dumpstack.c
@@ -177,6 +177,12 @@ static void show_regs_if_on_stack(struct stack_info *info, struct pt_regs *regs, } } +/* + * This function reads pointers from the stack and dereferences them. The + * pointers may not have their KMSAN shadow set up properly, which may result + * in false positive reports. Disable instrumentation to avoid those. + */ +__no_kmsan_checks static void show_trace_log_lvl(struct task_struct *task, struct pt_regs *regs, unsigned long *stack, const char *log_lvl) { diff --git a/arch/x86/kernel/unwind_frame.c b/arch/x86/kernel/unwind_frame.c index 8e1c50c86e5db..d8ba93778ae32 100644 --- a/arch/x86/kernel/unwind_frame.c +++ b/arch/x86/kernel/unwind_frame.c @@ -183,6 +183,16 @@ static struct pt_regs *decode_frame_pointer(unsigned long *bp) } #endif +/* + * While walking the stack, KMSAN may stomp on stale locals from other + * functions that were marked as uninitialized upon function exit, and + * now hold the call frame information for the current function (e.g. the frame + * pointer). Because KMSAN does not specifically mark call frames as + * initialized, false positive reports are possible. To prevent such reports, + * we mark the functions scanning the stack (here and below) with + * __no_kmsan_checks. + */ +__no_kmsan_checks static bool update_stack_state(struct unwind_state *state, unsigned long *next_bp) { @@ -250,6 +260,7 @@ static bool update_stack_state(struct unwind_state *state, return true; } +__no_kmsan_checks bool unwind_next_frame(struct unwind_state *state) { struct pt_regs *regs; -- 2.37.2.789.g6183377224-goog
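Review bot: the new comment above show_trace_log_lvl() in the dumpstack.c hunk says "Disable instrumentation to avoid those", but __no_kmsan_checks does not disable instrumentation; as the commit message itself states, it only suppresses reports inside the function and makes its results count as initialized, while shadow propagation still happens. Since KMSAN also has a separate attribute that really does turn instrumentation off, the wording is worth tightening to "Disable checks" (or "Disable KMSAN reports") so a later reader does not pick the wrong attribute when copying this pattern.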
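Review bot: the comment added above update_stack_state() in the unwind_frame.c hunk reads "KMSAN may stomp on stale locals from other functions", which inverts the cause described in the commit message: KMSAN does not stomp on anything, it poisoned the shadow of those locals when their function returned, and the unwinder then reads the same stack slots after a new frame has reused them for frame-pointer data. Suggest rewording along the lines of "While walking the stack, the unwinder reads stack slots whose KMSAN shadow was poisoned when a previous function's locals went out of scope, but which now hold the current call frame information (e.g. the frame pointer)", so the comment matches the explanation in the changelog.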
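Review bot: the last hunk adds a bare __no_kmsan_checks to unwind_next_frame() with no comment, relying on the "(here and below)" remark in the update_stack_state() comment further up the file; since unwind_next_frame() is the entry point external callers use, a one-line comment pointing at that rationale would keep the reason visible to anyone reading only this function. The commit message could also say whether the other x86 unwinder implementations, which are not touched here, are expected to need the same treatment or are already covered.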