Subject: Re: [RFC PATCH 09/14] khwasan: add hooks implementation
References: <06a4d0c483fba8babd01fe23727fe4a79482d309.1520017438.git.andreyknvl@google.com>
From: Andrey Ryabinin
Message-ID: <7f8e8f46-791e-7e8f-551b-f93aa64bcf6e@virtuozzo.com>
Date: Thu, 15 Mar 2018 19:52:07 +0300
Sender: owner-linux-mm@kvack.org
To: Andrey Konovalov, Alexander Potapenko
Cc: Dmitry Vyukov, Jonathan Corbet, Catalin Marinas, Will Deacon, Theodore Ts'o, Jan Kara, Christopher Li, Christoph Lameter, Pekka Enberg, David Rientjes, Joonsoo Kim, Andrew Morton, Masahiro Yamada, Michal Marek, Mark Rutland, Ard Biesheuvel, Yury Norov, Nick Desaulniers, Marc Zyngier, Bob Picco, Suzuki K Poulose, Kristina Martsenko, Punit Agrawal, Dave Martin, James Morse, Julien Thierry, Michael Weiser, Steve Capper, Ingo Molnar, Thomas Gleixner, Sandipan Das, Paul Lawrence, David Woodhouse, Kees Cook, Geert Uytterhoeven, Josh Poimboeuf, Arnd Bergmann, kasan-dev, linux-doc@vger.kernel.org, LKML, Linux ARM, linux-ext4@vger.kernel.org, linux-sparse@vger.kernel.org, Linux Memory Management List, Linux Kbuild mailing list, Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan, Jacob
Bramley, Ruben Ayrapetyan, Kees Cook, Jann Horn, Mark Brand

On 03/13/2018 08:00 PM, Andrey Konovalov wrote:
> On Tue, Mar 13, 2018 at 4:05 PM, 'Alexander Potapenko' via kasan-dev
> wrote:
>> On Fri, Mar 2, 2018 at 8:44 PM, Andrey Konovalov wrote:
>>> void *kasan_kmalloc_large(const void *ptr, size_t size, gfp_t flags) >>> { >>> - return (void *)ptr; >>> + unsigned long redzone_start, redzone_end; >>> + u8 tag; >>> + struct page *page; >>> + >>> + if (!READ_ONCE(khwasan_enabled)) >>> + return (void *)ptr; >>> + >>> + if (unlikely(ptr == NULL)) >>> + return NULL; >>> + >>> + page = virt_to_page(ptr); >>> + redzone_start = round_up((unsigned long)(ptr + size), >>> + KASAN_SHADOW_SCALE_SIZE); >>> + redzone_end = (unsigned long)ptr + (PAGE_SIZE << compound_order(page)); >>> + >>> + tag = khwasan_random_tag(); >>> + kasan_poison_shadow(ptr, redzone_start - (unsigned long)ptr, tag); >>> + kasan_poison_shadow((void *)redzone_start, redzone_end - redzone_start, >>> + khwasan_random_tag());
>
>> Am I understanding right that the object and the redzone may receive
>> identical tags here?
>
> Correct.
>
>> Does it make sense to generate the redzone tag from the object tag
>> (e.g. by adding 1 to it)?
>
> Yes, I think so, will do!
>

Wouldn't it be better to have some reserved tag value for invalid memory (redzones/free), so that we catch access to such memory with 100% probability?
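
Review bot: the second kasan_poison_shadow() call tags the redzone with a fresh khwasan_random_tag() that is never compared with `tag`, so the two can come out equal, and an access that runs off the end of the object into the redzone then passes the tag check. Derive the redzone tag from `tag`, or use a value that is never handed out as a pointer tag. Two smaller points: when ptr + size rounds up to the end of the compound page, redzone_end - redzone_start is 0 and the second call, with its random draw, can be skipped; and round_up() to KASAN_SHADOW_SCALE_SIZE leaves the bytes between ptr + size and redzone_start under the object's tag, which deserves a comment.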
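
The three redzone tagging choices raised in this exchange (independent random tag, object tag plus 1, reserved value), compared in a user-space model. This is an added example, not part of the patch or of anyone's message; the 8-bit tag width, the 16-byte granule, the 0xFF reserved value and all names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* User-space model, not kernel code. Assumed: 8-bit tags, 16-byte shadow
 * granule, 0xFF as a hypothetical reserved tag never given to a pointer. */
#define GRANULE     16u
#define GRANULES    8u   /* constructed 128-byte "page" */
#define TAG_INVALID 0xFFu
enum policy { REDZONE_RANDOM, REDZONE_TAG_PLUS_1, REDZONE_RESERVED };
static uint8_t shadow[GRANULES];

static void poison(size_t start, size_t len, uint8_t tag)
{
    for (size_t g = start / GRANULE; g < (start + len) / GRANULE; g++)
        shadow[g] = tag;
}

/* Tag an object of `size` bytes at offset 0, then the redzone behind it. */
static void tag_alloc(size_t size, uint8_t obj, uint8_t rnd, enum policy p)
{
    size_t rz = (size + GRANULE - 1) / GRANULE * GRANULE; /* round_up */
    uint8_t rz_tag = p == REDZONE_RANDOM ? rnd
                   : p == REDZONE_TAG_PLUS_1 ? (uint8_t)(obj + 1)
                   : TAG_INVALID;
    poison(0, rz, obj);
    poison(rz, GRANULES * GRANULE - rz, rz_tag);
}

/* Count undetected accesses to redzone offset 48 of a 40-byte object over
 * every object tag t and random draw r; own_ptr=1 restricts to a == t. */
unsigned undetected(enum policy p, int own_ptr)
{
    unsigned n = 0;
    for (unsigned t = 0; t < TAG_INVALID; t++)
        for (unsigned r = 0; r < TAG_INVALID; r++) {
            tag_alloc(40, (uint8_t)t, (uint8_t)r, p);
            for (unsigned a = 0; a < TAG_INVALID; a++)
                if (!own_ptr || a == t)   /* access passes when tags match */
                    n += shadow[48 / GRANULE] == a;
        }
    return n;
}

int main(void)
{
    for (int p = REDZONE_RANDOM; p <= REDZONE_RESERVED; p++)
        printf("%d: own=%u any=%u\n", p, undetected(p, 1), undetected(p, 0));
    return 0;
}
```

In this model an independent random redzone tag lets the object's own pointer through for 255 of the 65025 tag pairs; tag plus 1 closes that case but still matches one other pointer tag per allocation; only the reserved value rejects every pointer tag.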