References: <20240917201817.657490-1-snovitoll@gmail.com>
In-Reply-To: <20240917201817.657490-1-snovitoll@gmail.com>
From: Andrey Konovalov
Date: Wed, 18 Sep 2024 00:51:11 +0200
Subject: Re: [PATCH] mm: x86: instrument __get/__put_kernel_nofault
To: Sabyrzhan Tasbolatov
Cc: tglx@linutronix.de, bp@alien8.de, glider@google.com, akpm@linux-foundation.org, mingo@redhat.com, dave.hansen@linux.intel.com, ryabinin.a.a@gmail.com, x86@kernel.org, hpa@zytor.com, dvyukov@google.com, vincenzo.frascino@arm.com, brauner@kernel.org, dhowells@redhat.com, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org
Content-Type: text/plain; charset="UTF-8"

On Tue, Sep 17, 2024 at 10:18 PM Sabyrzhan Tasbolatov wrote:
>
> Instrument copy_from_kernel_nofault(), copy_to_kernel_nofault(),
> strncpy_from_kernel_nofault() where __put_kernel_nofault,
> __get_kernel_nofault macros are used.
>
> Regular instrument_read() and instrument_write() handle KASAN, KCSAN
> checks for the access address, though instrument_memcpy_before() might
> be considered as well for both src and dst address validation.
>
> __get_user_size was appended with instrument_get_user() for KMSAN check in
> commit 888f84a6da4d ("x86: asm: instrument usercopy in get_user() and
> put_user()") but only for CONFIG_CC_HAS_ASM_GOTO_OUTPUT.
>
> Reported-by: Andrey Konovalov
> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=210505
> Signed-off-by: Sabyrzhan Tasbolatov

Hi Sabyrzhan,

Thanks for working on this!

> diff --git a/mm/kasan/kasan_test.c b/mm/kasan/kasan_test.c
> index 7b32be2a3cf0..f5086c86e0bd 100644
> --- a/mm/kasan/kasan_test.c
> +++ b/mm/kasan/kasan_test.c
> @@ -1899,6 +1899,22 @@ static void match_all_mem_tag(struct kunit *test)
> kfree(ptr);
> }
>
> +static void copy_from_to_kernel_nofault(struct kunit *test)
> +{
> + char *ptr;
> + char buf[16];
> + size_t size = sizeof(buf);
> +
> + ptr = kmalloc(size, GFP_KERNEL);
> + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr);
> + kfree(ptr);
> +
> + KUNIT_EXPECT_KASAN_FAIL(test,
> + copy_from_kernel_nofault(&buf[0], ptr, size));
> + KUNIT_EXPECT_KASAN_FAIL(test,
> + copy_to_kernel_nofault(ptr, &buf[0], size));

I just realized that the test I wrote in the bug report is not good.

This call will overwrite the object's contents and thus corrupt the
freelist pointer. This might cause crashes in further tests. KASAN tests
try to avoid harmfully corrupting memory to avoid crashes.

I think the easiest fix would be to allocate e.g. 128 - KASAN_GRANULE_SIZE
bytes and do an out-of-bounds up to 128 bytes via
copy_to/from_kernel_nofault. This will only corrupt the in-object kmalloc
redzone, which is not harmful.

Also, I think we need to test all 4 calls that I had in the bug report to
check both arguments of both functions. Not only the 2 you included.

> +}

Thank you!
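Review bot: no KUNIT_CASE(copy_from_to_kernel_nofault) registration is visible in this hunk, so unless it is added to the test-case array in a hunk not shown here the new function is dead code and KUnit will never run it. On the body itself, `copy_to_kernel_nofault(ptr, &buf[0], size)` writes all 16 bytes of the already-freed slot, including offset 0 where the slab freelist pointer can live, so the expected KASAN report comes with real corruption that can take down later tests; a safer shape is to keep the object allocated, size it as 128 - KASAN_GRANULE_SIZE, and perform 128-byte accesses so only the in-object redzone is touched, with one KUNIT_EXPECT_KASAN_FAIL per argument of each function (ptr as source and as destination of both copy_from_kernel_nofault() and copy_to_kernel_nofault(), four calls in total) so that the instrumentation of both src and dst is actually exercised. A short comment above the function stating which accessor each call is meant to trip would also help the next reader.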