From: Ritesh Harjani (IBM)
To: Marco Elver
Cc: kasan-dev@googlegroups.com, linuxppc-dev@lists.ozlabs.org, linux-mm@kvack.org, Dmitry Vyukov, Alexander Potapenko, Heiko Carstens, Nirjhar Roy, Andrew Morton
Subject: Re: [PATCH v3] mm/kfence: Add a new kunit test test_use_after_free_read_nofault()
Date: Wed, 13 Nov 2024 07:26:26 +0530
Message-ID: <87frnvnbg5.fsf@gmail.com>
References: <210e561f7845697a32de44b643393890f180069f.1729272697.git.ritesh.list@gmail.com>

Marco Elver writes:

> On Fri, 18 Oct 2024 at 19:46, Ritesh Harjani (IBM)
> wrote:
>>
>> From: Nirjhar Roy
>>
>> Faults from copy_from_kernel_nofault() needs to be handled by fixup
>> table and should not be handled by kfence. Otherwise while reading
>> /proc/kcore which uses copy_from_kernel_nofault(), kfence can generate
>> false negatives. This can happen when /proc/kcore ends up reading an
>> unmapped address from kfence pool.
>>
>> Let's add a testcase to cover this case.
>>
>> Co-developed-by: Ritesh Harjani (IBM)
>> Signed-off-by: Nirjhar Roy
>> Signed-off-by: Ritesh Harjani (IBM)
>> ---
>>
>> Will be nice if we can get some feedback on this.
>
> There was some discussion recently how sanitizers should behave around
> these nofault helpers when accessing invalid memory (including freed
> memory):
> https://lore.kernel.org/all/CANpmjNMAVFzqnCZhEity9cjiqQ9CVN1X7qeeeAp_6yKjwKo8iw@mail.gmail.com/
>
> It should be similar for KFENCE, i.e. no report should be generated.
> Definitely a good thing to test.
>
> Tested-by: Marco Elver
> Reviewed-by: Marco Elver
>

Gentle ping. Is this going into -next?

-ritesh

>> v2 -> v3:
>> =========
>> 1. Separated out this kfence kunit test from the larger powerpc+kfence+v3 series.
>> 2. Dropped RFC tag
>>
>> [v2]: https://lore.kernel.org/linuxppc-dev/cover.1728954719.git.ritesh.list@gmail.com
>> [powerpc+kfence+v3]: https://lore.kernel.org/linuxppc-dev/cover.1729271995.git.ritesh.list@gmail.com
>>
>> mm/kfence/kfence_test.c | 17 +++++++++++++++++
>> 1 file changed, 17 insertions(+)
>>
>> diff --git a/mm/kfence/kfence_test.c b/mm/kfence/kfence_test.c >> index 00fd17285285..f65fb182466d 100644 >> --- a/mm/kfence/kfence_test.c >> +++ b/mm/kfence/kfence_test.c >> @@ -383,6 +383,22 @@ static void test_use_after_free_read(struct kunit *test) >> KUNIT_EXPECT_TRUE(test, report_matches(&expect)); >> } >> >> +static void test_use_after_free_read_nofault(struct kunit *test) >> +{ >> + const size_t size = 32; >> + char *addr; >> + char dst; >> + int ret; >> + >> + setup_test_cache(test, size, 0, NULL); >> + addr = test_alloc(test, size, GFP_KERNEL, ALLOCATE_ANY); >> + test_free(addr); >> + /* Use after free with *_nofault() */ >> + ret = copy_from_kernel_nofault(&dst, addr, 1); >> + KUNIT_EXPECT_EQ(test, ret, -EFAULT); >> + KUNIT_EXPECT_FALSE(test, report_available()); >> +} >> + >> static void test_double_free(struct kunit *test) >> { >> const size_t size = 32; 
>> @@ -780,6 +796,7 @@ static struct kunit_case kfence_test_cases[] = { >> KFENCE_KUNIT_CASE(test_out_of_bounds_read), >> KFENCE_KUNIT_CASE(test_out_of_bounds_write), >> KFENCE_KUNIT_CASE(test_use_after_free_read), >> + KFENCE_KUNIT_CASE(test_use_after_free_read_nofault), >> KFENCE_KUNIT_CASE(test_double_free), >> KFENCE_KUNIT_CASE(test_invalid_addr_free), >> KFENCE_KUNIT_CASE(test_corruption), >> -- >> 2.46.0 >>
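
Review bot: In test_use_after_free_read_nofault(), the comment "/* Use after free with *_nofault() */" names the access but not the reason the two expectations after it are the correct outcome. Suggest expanding it to say that a fault raised by copy_from_kernel_nofault() on the freed object has to be resolved through the fixup table, which is why ret is expected to be -EFAULT, and that KFENCE must not produce a report for it, which is why report_available() is expected to be false; that is the behaviour the commit message describes and a reader of the test file will not have the commit message in front of them. The test reads a single byte at the start of the freed object only; a companion case for an out-of-bounds read through the same helper, next to test_out_of_bounds_read, would cover the other read path the neighbouring tests exercise.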