From: Andrey Ryabinin <aryabinin@virtuozzo.com>
To: Daniel Axtens <dja@axtens.net>,
kasan-dev@googlegroups.com, linux-mm@kvack.org, x86@kernel.org,
glider@google.com, luto@kernel.org, linux-kernel@vger.kernel.org,
mark.rutland@arm.com, dvyukov@google.com,
christophe.leroy@c-s.fr
Cc: linuxppc-dev@lists.ozlabs.org, gor@linux.ibm.com,
Andrew Morton <akpm@linux-foundation.org>
Subject: Re: [PATCH v10 3/5] fork: support VMAP_STACK with KASAN_VMALLOC
Date: Tue, 29 Oct 2019 20:07:09 +0300 [thread overview]
Message-ID: <6dd97cbd-b3ac-3f53-36d6-489c45ddaf92@virtuozzo.com> (raw)
In-Reply-To: <20191029042059.28541-4-dja@axtens.net>
On 10/29/19 7:20 AM, Daniel Axtens wrote:
> Supporting VMAP_STACK with KASAN_VMALLOC is straightforward:
>
> - clear the shadow region of vmapped stacks when swapping them in
> - tweak Kconfig to allow VMAP_STACK to be turned on with KASAN
>
> Reviewed-by: Dmitry Vyukov <dvyukov@google.com>
> Signed-off-by: Daniel Axtens <dja@axtens.net>
> ---
Reviewed-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
>
> diff --git a/kernel/fork.c b/kernel/fork.c
> index 954e875e72b1..a6e5249ad74b 100644
> --- a/kernel/fork.c
> +++ b/kernel/fork.c
> @@ -94,6 +94,7 @@
> #include <linux/livepatch.h>
> #include <linux/thread_info.h>
> #include <linux/stackleak.h>
> +#include <linux/kasan.h>
>
> #include <asm/pgtable.h>
> #include <asm/pgalloc.h>
> @@ -224,6 +225,9 @@ static unsigned long *alloc_thread_stack_node(struct task_struct *tsk, int node)
> if (!s)
> continue;
>
> + /* Clear the KASAN shadow of the stack. */
> + kasan_unpoison_shadow(s->addr, THREAD_SIZE);
> +
Just sharing the thought. We could possibly add poisoning in free_thread_stack()
to catch possible usage of freed cached stack. But it might be a bad idea because cached
stacks supposed to be reused very quickly. So it might just add overhead without much gain.
> /* Clear stale pointers from reused stack. */
> memset(s->addr, 0, THREAD_SIZE);
>
>
next prev parent reply other threads:[~2019-10-29 17:07 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-29 4:20 [PATCH v10 0/5] kasan: support backing vmalloc space with real shadow memory Daniel Axtens
2019-10-29 4:20 ` [PATCH v10 1/5] " Daniel Axtens
2019-10-29 16:42 ` Andrey Ryabinin
2019-10-30 14:29 ` Uladzislau Rezki
2019-10-31 9:36 ` Daniel Axtens
2019-10-29 4:20 ` [PATCH v10 2/5] kasan: add test for vmalloc Daniel Axtens
2019-10-29 16:43 ` Andrey Ryabinin
2019-10-29 4:20 ` [PATCH v10 3/5] fork: support VMAP_STACK with KASAN_VMALLOC Daniel Axtens
2019-10-29 17:07 ` Andrey Ryabinin [this message]
2019-10-29 4:20 ` [PATCH v10 4/5] x86/kasan: support KASAN_VMALLOC Daniel Axtens
2019-10-29 17:21 ` Andrey Ryabinin
2019-10-30 13:50 ` Daniel Axtens
2019-10-30 14:12 ` Andrey Ryabinin
2019-10-30 14:21 ` Daniel Axtens
2019-10-29 4:20 ` [PATCH v10 5/5] kasan debug: track pages allocated for vmalloc shadow Daniel Axtens
2019-10-29 17:34 ` Andrey Ryabinin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6dd97cbd-b3ac-3f53-36d6-489c45ddaf92@virtuozzo.com \
--to=aryabinin@virtuozzo.com \
--cc=akpm@linux-foundation.org \
--cc=christophe.leroy@c-s.fr \
--cc=dja@axtens.net \
--cc=dvyukov@google.com \
--cc=glider@google.com \
--cc=gor@linux.ibm.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=luto@kernel.org \
--cc=mark.rutland@arm.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox