From: Andrey Konovalov <andreyknvl@gmail.com>
To: Marco Elver <elver@google.com>
Cc: andrey.konovalov@linux.dev,
Alexander Potapenko <glider@google.com>,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Peter Collingbourne <pcc@google.com>,
Dmitry Vyukov <dvyukov@google.com>,
kasan-dev <kasan-dev@googlegroups.com>,
Andrew Morton <akpm@linux-foundation.org>,
Linux Memory Management List <linux-mm@kvack.org>,
Will Deacon <will@kernel.org>,
Linux ARM <linux-arm-kernel@lists.infradead.org>,
Evgenii Stepanov <eugenis@google.com>,
LKML <linux-kernel@vger.kernel.org>,
Andrey Konovalov <andreyknvl@google.com>
Subject: Re: [PATCH 21/31] kasan, fork: don't tag stacks allocated with vmalloc
Date: Mon, 6 Dec 2021 22:08:59 +0100
Message-ID: <CA+fCnZdWhnSDqtQ+q1RUV1U1uVtGpr0oxVK5jtUZUn=W+5rSjw@mail.gmail.com>
In-Reply-To: <YajX7pyIK27Gd+IE@elver.google.com>
On Thu, Dec 2, 2021 at 3:28 PM Marco Elver <elver@google.com> wrote:
>
> On Tue, Nov 30, 2021 at 11:07PM +0100, andrey.konovalov@linux.dev wrote:
> > From: Andrey Konovalov <andreyknvl@google.com>
> >
> > Once tag-based KASAN modes start tagging vmalloc() allocations,
> > kernel stacks will start getting tagged if CONFIG_VMAP_STACK is enabled.
> >
> > Reset the tag of kernel stack pointers after allocation.
> >
> > For SW_TAGS KASAN, when CONFIG_KASAN_STACK is enabled, the
> > instrumentation can't handle the sp register being tagged.
> >
> > For HW_TAGS KASAN, there's no instrumentation-related issues. However,
> > the impact of having a tagged SP pointer needs to be properly evaluated,
> > so keep it non-tagged for now.
>
> Don't VMAP_STACK stacks have guards? So some out-of-bounds would already
> be caught.
True, linear out-of-bounds accesses are already caught.
> What would be the hypothetical benefit of using a tagged stack pointer?
> Perhaps wildly out-of-bounds accesses derived from stack pointers?
Yes, that's the case that comes to mind.
> I agree that unless we understand the impact of using a tagged stack
> pointers, it should remain non-tagged for now.
Ack. I'll file a KASAN bug for this when the series is merged.
> > Note, that the memory for the stack allocation still gets tagged to
> > catch vmalloc-into-stack out-of-bounds accesses.
>
> Will the fact it's tagged cause issues for other code? I think kmemleak
> already untags all addresses it scans for pointers. Anything else?
Tagging stack memory shouldn't cause any stability issues like
conflicts with kmemleak. Tagging memory but not the pointers is not
worse than leaving memory tags uninitialized/random with regards to
this kind of issue.
Thanks!
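The behaviour discussed in this exchange, as an added example that is not part of the thread or of the kernel's KASAN code: a small user-space model of SW_TAGS-style checking in which the memory behind a thread stack keeps its tag while the stack pointer handed out has its tag reset. It shows the two consequences the patch description and the replies rely on: accesses through the reset (kernel-tagged) stack pointer are never checked, and an access from a differently tagged vmalloc object that strays into the stack's memory is still caught. The area base, granule size, the 0xFE tag for unallocated granules, the bump allocator and all function names are constructed for this example; addresses are simulated and never dereferenced.

```c
/*
 * Constructed model of a tag-based KASAN check (SW_TAGS semantics): the tag in
 * a pointer's top byte must match the tag recorded in shadow memory for every
 * 16-byte granule an access touches, except that a pointer whose tag has been
 * reset to the "kernel" value is never checked at all. Example code only, not
 * the kernel implementation; addresses here are simulated, never dereferenced.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TAG_SHIFT    56
#define TAG_KERNEL   0xFFu                     /* value kasan_reset_tag() leaves in the top byte */
#define TAG_INVALID  0xFEu                     /* constructed: tag of granules not allocated */
#define GRANULE      16
#define AREA_BASE    0xFFFF800010000000ull     /* constructed base of the simulated vmalloc area */
#define AREA_BYTES   (16 * 1024)

static uint8_t shadow[AREA_BYTES / GRANULE];   /* one memory tag per granule */
static size_t  next_off;                       /* bump-allocator cursor into the area */

static uint8_t  ptr_tag(uint64_t addr)              { return (uint8_t)(addr >> TAG_SHIFT); }
static uint64_t set_tag(uint64_t addr, uint8_t tag) { return (addr & ~(0xFFull << TAG_SHIFT)) | ((uint64_t)tag << TAG_SHIFT); }
static uint64_t reset_tag(uint64_t addr)            { return set_tag(addr, TAG_KERNEL); }

/* Strip the pointer tag before locating the granule inside the simulated area. */
static size_t granule_index(uint64_t addr)
{
    return (size_t)((reset_tag(addr) - AREA_BASE) / GRANULE);
}

void area_reset(void)
{
    memset(shadow, TAG_INVALID, sizeof shadow);
    next_off = 0;
}

/* Model of a tagged vmalloc(): tag every granule of the object, return a pointer with the same tag. */
uint64_t tagged_alloc(size_t size, uint8_t tag)
{
    size_t bytes = (size + GRANULE - 1) / GRANULE * GRANULE;
    if (bytes == 0 || next_off + bytes > AREA_BYTES)
        return 0;
    uint64_t addr = AREA_BASE + next_off;
    memset(&shadow[next_off / GRANULE], tag, bytes / GRANULE);
    next_off += bytes;
    return set_tag(addr, tag);
}

/* Model of the patch: the stack's memory keeps its tag, the pointer given to the task does not. */
uint64_t alloc_thread_stack(size_t size, uint8_t memory_tag)
{
    return reset_tag(tagged_alloc(size, memory_tag));
}

/* SW_TAGS-style check: a kernel-tagged pointer skips the check; any other tag must match every granule. */
bool access_ok(uint64_t addr, size_t size)
{
    uint8_t tag = ptr_tag(addr);
    if (tag == TAG_KERNEL)
        return true;
    size_t first = granule_index(addr);
    size_t last = granule_index(addr + size - 1);
    if (last >= sizeof shadow || first > last)
        return false;
    for (size_t g = first; g <= last; g++)
        if (shadow[g] != tag)
            return false;
    return true;
}

/* The scenario from the thread: a tagged vmalloc object sits right before a stack. */
bool demo(void)
{
    area_reset();
    uint64_t buf = tagged_alloc(64, 0x3C);            /* some vmalloc() object, tag 0x3C */
    uint64_t stack = alloc_thread_stack(4096, 0x2A);  /* stack memory tagged 0x2A, pointer reset */

    bool in_bounds  = access_ok(buf, 64);             /* true: tags match */
    bool into_stack = access_ok(buf + 64, 8);         /* false: vmalloc-into-stack overflow, 0x3C != 0x2A */
    bool sp_access  = access_ok(stack + 128, 8);      /* true: the reset stack pointer is never checked */
    return in_bounds && !into_stack && sp_access;
}

int main(void)
{
    printf("model matches the described behaviour: %s\n", demo() ? "yes" : "no");
    return demo() ? 0 : 1;
}
```

The check deliberately mirrors only the pointer-tag rule; the guard pages that VMAP_STACK already places around a stack, which catch linear overflows out of the stack itself, are outside this model.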