From: Andrey Konovalov
Date: Sat, 24 Sep 2022 20:23:40 +0200
Subject: Re: [PATCH] kasan: also display registers for reports from HW exceptions
To: Peter Collingbourne
Cc: Catalin Marinas, Vincenzo Frascino, Andrew Morton, Linux ARM, kasan-dev, Linux Memory Management List
References: <20220910052426.943376-1-pcc@google.com>

On Tue, Sep 13, 2022 at 6:00 AM Peter Collingbourne wrote:
>
> Hi Andrey,
>
> The most useful case would be for tag check faults with HW tags based
> KASAN where the errant instruction would result in an immediate
> exception which gives the kernel the opportunity to save all of the
> registers to the struct pt_regs.

Right.

> For SW tags based KASAN with inline
> checks it is less useful because some registers will have been used to
> perform the check but I imagine that in some cases even that could be
> better than nothing.

Let's not print the registers for the SW_TAGS mode then. I think
sometimes-irrelevant values might confuse people.

> Peter
>
> > > We can do this easily for reports that resulted from
> > > a hardware exception by passing the struct pt_regs from the exception into
> > > the report function; do so.
> > >
> > > Signed-off-by: Peter Collingbourne
> > > ---
> > > Applies to -next.
> > >
> > > arch/arm64/kernel/traps.c | 3 +--
> > > arch/arm64/mm/fault.c | 2 +-
> > > include/linux/kasan.h | 10 ++++++++++
> > > mm/kasan/kasan.h | 1 +
> > > mm/kasan/report.c | 27 ++++++++++++++++++++++-----
> > > 5 files changed, 35 insertions(+), 8 deletions(-)
> > >
> > > diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c > > > index b7fed33981f7..42f05f38c90a 100644 > > > --- a/arch/arm64/kernel/traps.c > > > +++ b/arch/arm64/kernel/traps.c > > > @@ -1019,9 +1019,8 @@ static int kasan_handler(struct pt_regs *regs, unsigned long esr) > > > bool write = esr & KASAN_ESR_WRITE; > > > size_t size = KASAN_ESR_SIZE(esr); > > > u64 addr = regs->regs[0]; > > > - u64 pc = regs->pc; > > > > > > - kasan_report(addr, size, write, pc); > > > + kasan_report_regs(addr, size, write, regs); > > > > > > /* > > > * The instrumentation allows to control whether we can proceed after 
> > > diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c > > > index 5b391490e045..c4b91f5d8cc8 100644 > > > --- a/arch/arm64/mm/fault.c > > > +++ b/arch/arm64/mm/fault.c > > > @@ -316,7 +316,7 @@ static void report_tag_fault(unsigned long addr, unsigned long esr, > > > * find out access size. > > > */ > > > bool is_write = !!(esr & ESR_ELx_WNR); > > > - kasan_report(addr, 0, is_write, regs->pc); > > > + kasan_report_regs(addr, 0, is_write, regs); > > > } > > > #else > > > /* Tag faults aren't enabled without CONFIG_KASAN_HW_TAGS. */ > > > diff --git a/include/linux/kasan.h b/include/linux/kasan.h > > > index d811b3d7d2a1..381aea149353 100644 > > > --- a/include/linux/kasan.h > > > +++ b/include/linux/kasan.h > > > @@ -353,6 +353,16 @@ static inline void *kasan_reset_tag(const void *addr) > > > bool kasan_report(unsigned long addr, size_t size, > > > bool is_write, unsigned long ip); > > > > > > +/** > > > + * kasan_report_regs - print a report about a bad memory access detected by KASAN > > > + * @addr: address of the bad access > > > + * @size: size of the bad access > > > + * @is_write: whether the bad access is a write or a read > > > + * @regs: register values at the point of the bad memory access > > > + */ > > > +bool kasan_report_regs(unsigned long addr, size_t size, bool is_write, > > > + struct pt_regs *regs); > > > + > > > #else /* CONFIG_KASAN_SW_TAGS || CONFIG_KASAN_HW_TAGS */ > > > > > > static inline void *kasan_reset_tag(const void *addr) > > > diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h > > > index abbcc1b0eec5..39772c21a8ae 100644 > > > --- a/mm/kasan/kasan.h > > > +++ b/mm/kasan/kasan.h > > > @@ -175,6 +175,7 @@ struct kasan_report_info { > > > size_t access_size; > > > bool is_write; > > > unsigned long ip; > > > + struct pt_regs *regs; > > > > > > /* Filled in by the common reporting code. */ > > > void *first_bad_addr; > > > diff --git a/mm/kasan/report.c b/mm/kasan/report.c > > > index 39e8e5a80b82..eac9cd45b4a1 100644 
> > > --- a/mm/kasan/report.c > > > +++ b/mm/kasan/report.c > > > @@ -24,6 +24,7 @@ > > > #include > > > #include > > > #include > > > +#include > > > #include > > > #include > > > #include > > > @@ -284,7 +285,6 @@ static void print_address_description(void *addr, u8 tag, > > > { > > > struct page *page = addr_to_page(addr); > > > > > > - dump_stack_lvl(KERN_ERR); > > > pr_err("\n"); Please pull this pr_err out of this function and put right before the function is called. > > > > > > if (info->cache && info->object) { > > > @@ -394,11 +394,14 @@ static void print_report(struct kasan_report_info *info) > > > kasan_print_tags(tag, info->first_bad_addr); > > > pr_err("\n"); > > > > > > + if (info->regs) > > > + show_regs(info->regs); Looks like show_regs prints with KERN_DEFAULT. Inconsistent with KERN_ERR used for the rest of the report, but looks like there's no easy way to fix this. Let's leave as is. > > > + else > > > + dump_stack_lvl(KERN_ERR); > > > + > > > if (addr_has_metadata(addr)) { > > > print_address_description(addr, tag, info); > > > print_memory_metadata(info->first_bad_addr); > > > - } else { > > > - dump_stack_lvl(KERN_ERR); > > > } > > > } > > > > > > @@ -458,8 +461,8 @@ void kasan_report_invalid_free(void *ptr, unsigned long ip, enum kasan_report_ty > > > * user_access_save/restore(): kasan_report_invalid_free() cannot be called > > > * from a UACCESS region, and kasan_report_async() is not used on x86. > > > */ > > > -bool kasan_report(unsigned long addr, size_t size, bool is_write, > > > - unsigned long ip) > > > +static bool __kasan_report(unsigned long addr, size_t size, bool is_write, > > > + unsigned long ip, struct pt_regs *regs) > > > { > > > bool ret = true; > > > void *ptr = (void *)addr; > > > @@ -480,6 +483,7 @@ bool kasan_report(unsigned long addr, size_t size, bool is_write, > > > info.access_size = size; > > > info.is_write = is_write; > > > info.ip = ip; > > > + info.regs = regs; > > > > > > complete_report_info(&info); 
> > > > > > @@ -493,6 +497,19 @@ bool kasan_report(unsigned long addr, size_t size, bool is_write, > > > return ret; > > > } > > > > > > +bool kasan_report(unsigned long addr, size_t size, bool is_write, > > > + unsigned long ip) > > > +{ > > > + return __kasan_report(addr, size, is_write, ip, NULL); > > > +} > > > + > > > +bool kasan_report_regs(unsigned long addr, size_t size, bool is_write, > > > + struct pt_regs *regs) > > > +{ > > > + return __kasan_report(addr, size, is_write, instruction_pointer(regs), > > > + regs); > > > +} > > > + > > > #ifdef CONFIG_KASAN_HW_TAGS > > > void kasan_report_async(void) > > > { > > > -- > > > 2.37.2.789.g6183377224-goog > > >
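
Review bot: In the arch/arm64/kernel/traps.c hunk, kasan_handler() takes the faulting address from regs->regs[0], so at least x0 holds a value placed there for the check rather than program state at the bad access. If registers are not to be shown for SW_TAGS reports, as the reply above asks, this call site should keep calling kasan_report(addr, size, write, regs->pc), and only report_tag_fault() in arch/arm64/mm/fault.c should switch to kasan_report_regs().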
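
Review bot: The kerneldoc for kasan_report_regs() in include/linux/kasan.h does not say that @regs must be non-NULL or what the bool return value means, while the definition in mm/kasan/report.c passes regs straight to instruction_pointer(regs). Suggest documenting both, and checking that struct pt_regs is declared before this prototype, since the header hunk adds no forward declaration or include.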
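
Review bot: In print_report() in mm/kasan/report.c, the new if (info->regs) branch calls show_regs() and skips dump_stack_lvl(KERN_ERR), so a report that carries registers contains a stack trace only if show_regs() prints one on that architecture. Suggest a comment on the branch stating that assumption, or calling dump_stack_lvl(KERN_ERR) in both cases if it cannot be relied on.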