From: Kefeng Wang <wangkefeng.wang@huawei.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>,
Dmitry Vyukov <dvyukov@google.com>,
<linux-arm-kernel@lists.infradead.org>,
<linux-kernel@vger.kernel.org>, <linux-s390@vger.kernel.org>,
<kasan-dev@googlegroups.com>, <linux-mm@kvack.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>, Heiko Carstens <hca@linux.ibm.com>,
Vasily Gorbik <gor@linux.ibm.com>,
Christian Borntraeger <borntraeger@linux.ibm.com>,
Alexander Gordeev <agordeev@linux.ibm.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
Alexander Potapenko <glider@google.com>,
Yongqiang Liu <liuyongqiang13@huawei.com>
Subject: Re: [PATCH v3] mm: Defer kmemleak object creation of module_alloc()
Date: Thu, 25 Nov 2021 09:08:59 +0800 [thread overview]
Message-ID: <356d857b-1813-6132-d4ae-5bb41190a1a7@huawei.com> (raw)
In-Reply-To: <20211124135014.665649a0bcb872367b248cef@linux-foundation.org>
On 2021/11/25 5:50, Andrew Morton wrote:
> On Wed, 24 Nov 2021 22:20:34 +0800 Kefeng Wang <wangkefeng.wang@huawei.com> wrote:
>
>> Yongqiang reports a kmemleak panic when module insmod/rmmod
>> with KASAN enabled(without KASAN_VMALLOC) on x86[1].
>>
>> When the module area allocates memory, it's kmemleak_object
>> is created successfully, but the KASAN shadow memory of module
>> allocation is not ready, so when kmemleak scan the module's
>> pointer, it will panic due to no shadow memory with KASAN check.
>>
>> module_alloc
>> __vmalloc_node_range
>> kmemleak_vmalloc
>> kmemleak_scan
>> update_checksum
>> kasan_module_alloc
>> kmemleak_ignore
>>
>> Note, there is no problem if KASAN_VMALLOC enabled, the modules
>> area entire shadow memory is preallocated. Thus, the bug only
>> exits on ARCH which supports dynamic allocation of module area
>> per module load, for now, only x86/arm64/s390 are involved.
>>
>> Add a VM_DEFER_KMEMLEAK flags, defer vmalloc'ed object register
>> of kmemleak in module_alloc() to fix this issue.
>>
> I guess this is worth backporting into -stable kernels? If so, what
> would be a suitable Fixes: target? I suspect it goes back to the
> initial KASAN merge date?
The kasan_module_alloc() was introduced from v4.0,
s390: v4.20
793213a82de4 s390/kasan: dynamic shadow mem allocation for modules
arm64: v4.4
39d114ddc682 arm64: add KASAN support
x86: v4.0
bebf56a1b176 kasan: enable instrumentation of global variables
> .
prev parent reply other threads:[~2021-11-25 1:09 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-24 14:20 Kefeng Wang
2021-11-24 21:50 ` Andrew Morton
2021-11-25 1:08 ` Kefeng Wang [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=356d857b-1813-6132-d4ae-5bb41190a1a7@huawei.com \
--to=wangkefeng.wang@huawei.com \
--cc=agordeev@linux.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=borntraeger@linux.ibm.com \
--cc=bp@alien8.de \
--cc=catalin.marinas@arm.com \
--cc=dave.hansen@linux.intel.com \
--cc=dvyukov@google.com \
--cc=glider@google.com \
--cc=gor@linux.ibm.com \
--cc=hca@linux.ibm.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-s390@vger.kernel.org \
--cc=liuyongqiang13@huawei.com \
--cc=mingo@redhat.com \
--cc=ryabinin.a.a@gmail.com \
--cc=tglx@linutronix.de \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox