From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id BAEF5C02194 for ; Wed, 5 Feb 2025 23:46:04 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 5292E6B008A; Wed, 5 Feb 2025 18:46:04 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 4D96F6B008C; Wed, 5 Feb 2025 18:46:04 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3A1E36B0092; Wed, 5 Feb 2025 18:46:04 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 1BD146B008A for ; Wed, 5 Feb 2025 18:46:04 -0500 (EST) Received: from smtpin05.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id B93EC4A9F1 for ; Wed, 5 Feb 2025 23:46:03 +0000 (UTC) X-FDA: 83087526606.05.0F2BBC2 Received: from mail-wr1-f46.google.com (mail-wr1-f46.google.com [209.85.221.46]) by imf13.hostedemail.com (Postfix) with ESMTP id C791920006 for ; Wed, 5 Feb 2025 23:46:01 +0000 (UTC) Authentication-Results: imf13.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=Uz2pMjKz; spf=pass (imf13.hostedemail.com: domain of andreyknvl@gmail.com designates 209.85.221.46 as permitted sender) smtp.mailfrom=andreyknvl@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1738799161; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Rz+V1fDyiTyTkm+6v9/Yshk0vlGrK4aQBew/N8UNm8o=; b=hr2a0BlSJer0BcEebttzE6tn/6FEhQ1fu8VcTA3Svg4kLw2hWQYLD0OIyRlCeVcjKWsZy6 MUMLrZ4Ta3eiNPuIegliNUOdrJonL0Cvjcd/1qZzTNGGzelfNrNMOQ15FUx0o7NLINQ06x DWP2jON6e2xmpGeEqZ1664PtW5VYUJw= ARC-Authentication-Results: i=1; imf13.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=Uz2pMjKz; spf=pass (imf13.hostedemail.com: domain of andreyknvl@gmail.com designates 209.85.221.46 as permitted sender) smtp.mailfrom=andreyknvl@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1738799161; a=rsa-sha256; cv=none; b=q5p76Jxn8/udXaBpRzuDyjzGI5haQRkggTHyhEUStUQ90zimumX8mB7Z5gSuIufQYzdyjM 0WdI7bCfm0N4GGwqcHBgtcwfQFxQAcewpggrrLhLyYoFVC4b1bcUXL96XjO6P4XCuXEsPj Qruf9JEKpuW9MDCSZhBOK1vRfkB+cOI= Received: by mail-wr1-f46.google.com with SMTP id ffacd0b85a97d-38db6e13947so223741f8f.2 for ; Wed, 05 Feb 2025 15:46:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1738799160; x=1739403960; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=Rz+V1fDyiTyTkm+6v9/Yshk0vlGrK4aQBew/N8UNm8o=; b=Uz2pMjKzKKdegyG5ZZr5BDICm1RGKUE6pCpa/lvfR03NGN3i8mq/p4klZAAZPqwd5f 7Ywi3GZvfAlgIvf2RAleFaKaK82hX5SOtEI2BfJT5GE4EI7+lmcsfXaAh10ND0zbGltV cA1N0Rd0gVijSve6gzcOuAS48XbaPPe3xUjtog9+UrVLM+65au9SRRnwQaeF/EyeT6TR vyODFvD+6DrG86TkUqf1B5xXkGz5Ro5g0kVuGXSmUGhBg57C5aLEgCZ0OPsETBfhiOBa TBY5Joh+HtVSGiuquEJjLXGiuludUQlMKJujRclNAUAYtsyfgfHezAftFG+N2mcmJQQO lHcg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1738799160; x=1739403960; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Rz+V1fDyiTyTkm+6v9/Yshk0vlGrK4aQBew/N8UNm8o=; b=ii5hDRB8M1uiZu/c0AUq1dAS1E06eBXdhij+dKf/O8o/nyuSRoMUSwnNf2oKI4mpkO gsFqaZ89zUWkz7LruD5ULxHw6vQx+RnBnOJHJr1RwB1dyeo/JUMSUTomPucROdBPPYx/ 8oj3YfARXVjzIW8/qusYVWQzCetpE2SRbUmUipKkncKbR1CgaFcpyJ/l8oPccwma5fVS sfU42GGgf1gdnO5V/524GEIM9WRdWNcZ8o+5+0XWZ7swAUkKEBO/RuZ/ec0imAgv7vOc 276puTnvc3zrP42Iy1o57J9tGu8VfmHvdthVwcjyYvOicPCyd4HNncM92aMloW5k7laY yPLg== X-Forwarded-Encrypted: i=1; AJvYcCV03iGHGFfW2BoLXzE1ReH1jWgXDGUzMImrWBMkdFgLn/eqzODk5C2qo5mdkvHeW5SetlLmPk12wg==@kvack.org X-Gm-Message-State: AOJu0YwoqqshtaKAEXeCpnFBV1cNoWg9gninr9g3cSSDGCKU2wDBzJ99 smWvV5IPdsfpvsPlkKlemAtYbwEZLwWrlVU7PQIcmX3kL/fE1gGpEpEvfq32k+qsjoCPY5LnK26 YqswjLalaWDb848PGHPK11XuA99s= X-Gm-Gg: ASbGncuU8OYp87DInnCZ+UrCZ2feJ7+u5sH5n9gYU0fewb+q/1ZPAom0uCPWEM5M56W 06QjF+4SDPzojPm4d+6g4Jr2yKnerVsrRLxcO/3BXKwEsBURrivllFiXR/zoMOg3/Vg3XcGfyTQ == X-Google-Smtp-Source: AGHT+IGbg8frwCmtZh2Cq1mQ+7gcdTinnbG3Ybu+Qvbg9VC2A4roSQzA7Y8T7x0Do1hYoZdYgXjogJqzzmDtvH5wZas= X-Received: by 2002:a05:6000:1786:b0:385:f0dc:c9f4 with SMTP id ffacd0b85a97d-38db48bdaecmr3897521f8f.20.1738799160206; Wed, 05 Feb 2025 15:46:00 -0800 (PST) MIME-Version: 1.0 References: <28ddfb1694b19278405b4934f37d398794409749.1738686764.git.maciej.wieczor-retman@intel.com> In-Reply-To: <28ddfb1694b19278405b4934f37d398794409749.1738686764.git.maciej.wieczor-retman@intel.com> From: Andrey Konovalov Date: Thu, 6 Feb 2025 00:45:49 +0100 X-Gm-Features: AWEUYZm-2kNDPAYBLLDAqKKnZZXufvhPekieyoATWEHpiTcF4DB1S0LSkY8umDA Message-ID: Subject: Re: [PATCH 10/15] x86: KASAN raw shadow memory PTE init To: Maciej Wieczor-Retman Cc: luto@kernel.org, xin@zytor.com, kirill.shutemov@linux.intel.com, palmer@dabbelt.com, tj@kernel.org, brgerst@gmail.com, ardb@kernel.org, dave.hansen@linux.intel.com, jgross@suse.com, will@kernel.org, akpm@linux-foundation.org, arnd@arndb.de, corbet@lwn.net, dvyukov@google.com, richard.weiyang@gmail.com, ytcoode@gmail.com, tglx@linutronix.de, hpa@zytor.com, seanjc@google.com, paul.walmsley@sifive.com, aou@eecs.berkeley.edu, justinstitt@google.com, jason.andryuk@amd.com, glider@google.com, ubizjak@gmail.com, jannh@google.com, bhe@redhat.com, vincenzo.frascino@arm.com, rafael.j.wysocki@intel.com, ndesaulniers@google.com, mingo@redhat.com, catalin.marinas@arm.com, junichi.nomura@nec.com, nathan@kernel.org, ryabinin.a.a@gmail.com, dennis@kernel.org, bp@alien8.de, kevinloughlin@google.com, morbo@google.com, dan.j.williams@intel.com, julian.stecklina@cyberus-technology.de, peterz@infradead.org, cl@linux.com, kees@kernel.org, kasan-dev@googlegroups.com, x86@kernel.org, linux-arm-kernel@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, llvm@lists.linux.dev, linux-doc@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Queue-Id: C791920006 X-Stat-Signature: zg4dpauzonzjap1nb3oyk3je4bapnqyi X-Rspamd-Server: rspam08 X-Rspam-User: X-HE-Tag: 1738799161-224742 X-HE-Meta: U2FsdGVkX19ffZs+/a6RAHh/KE1LaFy2TeVktXtOKZrheObZoJydEhFtKbhetFcutBc+0R+xQlct8nviDELnwZWTur5tph/io3ekisfiVNknyns0SbMGw4umtjCNQzTcYhAFZ57i/pFAzJps61W+qaHQz0cIlNZSgg8mby+c13paD5Q/XxtoNd/VOHVO5stvFYAYutMXg1v2aW57jHEOjnwoHTQSqO72HQAnmg1qmNqZPxcGJZhgf53dPe9nL4NKsC80cPrGXt6pFFSiIeOJvDTSoVMVY7LV5RleQngI/PrhNfbODYZWEbZxeRlcNYpBFXcXlCMSztS3t4aUGPQUF9IyJJj9iMYzEHbh/2GKCXSE+2pVWtnyBFBJWpPZP/srydZ4xCEYd75MojBfx8+9VMjM0KdO6LyO+yTlvebDvWTSFu58XOaRcRGRIealBY8aSAZWBDKOjxWckL8mfnvGtD3Yc0cnfwM9+NDfMJOG/Bf7cAD7Ak1tkTMa+piHORS1FUhI6rBJ69c+1Np09xhSqao18vS3ze8g0WKV39R2SAK5XHpabmJtHFjlglDNwXCQzt3bUQ4VJYTsGIv297Q+dOgHOHP/+nCJ9UKU6mgOgI17499b/qHSN+sb4hPv+3kKZYgwpUfYKVWdcOUJhJ5qtgsGFlMZMZzNpHeIHMoWXe+kx5FC5yan6kHUdj2sXZuAD8cKewPaqqMlKqlnfcO789muNJiKoig81lEdDr+tNylQx/CDjEzxxUMSLYlRIrZn+6XQq1pjCh269PBgLJ+ti+GYtqANaRSjYnGnRVJJozJZkajjoKPOOPBgaJ3HY+53o4Xa7qItp7bN25gMgbzv6JkRuSXsLHJkiM34nSclnLeqi9UlJlsSb2+uBsFFWvVj1rWlap6P2jKpxWQx7qB7/LVjcVYcCuBEZLYx0wfxxbTy8v9fv71W97wcSnnbQ4lnsTYTbO8RpoGA5hcuvBW U0h8LcSf ekUHQ1v7bVDWeJj79/8udRftYxPLWUuZ2srrkCxfAG8V91kAGCCU5mPt3NM0OGfSqH2ZWOtueczVOvNNdl47PSwvMuXXm1ZkBDpd2GOXzLkW9/oxbFuvoumVCsPmct80w+j4iOCCxd5Bhh5J5Nyb1R4x2yRKSSeFA+Ds9AZTG4wBWdFDB4oH+aoRE95ANY5xKgZdOpPXTCQDE5TE6EuF3zcyWA7UFl02aORQQNbcTgmfzO05f+a74hgq4trTu8ZUR/8QxqZ5eNK349/oGmjNqv8y+lnJC7Pz24ksjYw60LA/ZyxH4vJXC8x1+a6jutrrUqXXsvrtdpejvTbbMJhh3HzqqUBOC5pCtdlheqrBMmDvctFODSV48Lj3WVxSs2IzbFJHgUQu2jQHMMjteQ1pf3xf9e/ULNxaSEi3vktjjJ0zPMsO5UNxnV6Bu1KS8g6iplN2/ X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Tue, Feb 4, 2025 at 6:36=E2=80=AFPM Maciej Wieczor-Retman wrote: > > In KASAN's generic mode the default value in shadow memory is zero. > During initialization of shadow memory pages they are allocated and > zeroed. > > In KASAN's tag-based mode the default tag for the arm64 architecture is > 0xFE which corresponds to any memory that should not be accessed. On x86 > (where tags are 4-bit wide instead of 8-bit wide) that tag is 0xE so > during the initializations all the bytes in shadow memory pages should > be filled with 0xE or 0xEE if two tags should be packed in one shadow > byte. > > Use memblock_alloc_try_nid_raw() instead of memblock_alloc_try_nid() to > avoid zeroing out the memory so it can be set with the KASAN invalid > tag. > > Signed-off-by: Maciej Wieczor-Retman > --- > arch/x86/mm/kasan_init_64.c | 19 ++++++++++++++++--- > include/linux/kasan.h | 25 +++++++++++++++++++++++++ > mm/kasan/kasan.h | 19 ------------------- > 3 files changed, 41 insertions(+), 22 deletions(-) > > diff --git a/arch/x86/mm/kasan_init_64.c b/arch/x86/mm/kasan_init_64.c > index 9dddf19a5571..55d468d83682 100644 > --- a/arch/x86/mm/kasan_init_64.c > +++ b/arch/x86/mm/kasan_init_64.c > @@ -35,6 +35,18 @@ static __init void *early_alloc(size_t size, int nid, = bool should_panic) > return ptr; > } > > +static __init void *early_raw_alloc(size_t size, int nid, bool should_pa= nic) > +{ > + void *ptr =3D memblock_alloc_try_nid_raw(size, size, > + __pa(MAX_DMA_ADDRESS), MEMBLOCK_ALLOC_ACCESSIBLE,= nid); > + > + if (!ptr && should_panic) > + panic("%pS: Failed to allocate page, nid=3D%d from=3D%lx\= n", > + (void *)_RET_IP_, nid, __pa(MAX_DMA_ADDRESS)); > + > + return ptr; > +} > + > static void __init kasan_populate_pmd(pmd_t *pmd, unsigned long addr, > unsigned long end, int nid) > { > @@ -64,8 +76,9 @@ static void __init kasan_populate_pmd(pmd_t *pmd, unsig= ned long addr, > if (!pte_none(*pte)) > continue; > > - p =3D early_alloc(PAGE_SIZE, nid, true); > - entry =3D pfn_pte(PFN_DOWN(__pa(p)), PAGE_KERNEL); > + p =3D early_raw_alloc(PAGE_SIZE, nid, true); > + memset(p, PAGE_SIZE, kasan_dense_tag(KASAN_SHADOW_INIT)); > + entry =3D pfn_pte(PFN_DOWN(__pa_nodebug(p)), PAGE_KERNEL)= ; > set_pte_at(&init_mm, addr, pte, entry); > } while (pte++, addr +=3D PAGE_SIZE, addr !=3D end); > } > @@ -437,7 +450,7 @@ void __init kasan_init(void) > * it may contain some garbage. Now we can clear and write protec= t it, > * since after the TLB flush no one should write to it. > */ > - memset(kasan_early_shadow_page, 0, PAGE_SIZE); > + kasan_poison(kasan_early_shadow_page, PAGE_SIZE, KASAN_SHADOW_INI= T, false); > for (i =3D 0; i < PTRS_PER_PTE; i++) { > pte_t pte; > pgprot_t prot; > diff --git a/include/linux/kasan.h b/include/linux/kasan.h > index 83146367170a..af8272c74409 100644 > --- a/include/linux/kasan.h > +++ b/include/linux/kasan.h > @@ -151,6 +151,31 @@ static __always_inline void kasan_unpoison_range(con= st void *addr, size_t size) > __kasan_unpoison_range(addr, size); > } > > +#ifdef CONFIG_KASAN_HW_TAGS > + > +static inline void kasan_poison(const void *addr, size_t size, u8 value,= bool init) > +{ > + if (WARN_ON((unsigned long)addr & KASAN_GRANULE_MASK)) > + return; > + if (WARN_ON(size & KASAN_GRANULE_MASK)) > + return; > + > + hw_set_mem_tag_range(kasan_reset_tag(addr), size, value, init); > +} > + > +#else /* CONFIG_KASAN_HW_TAGS */ > + > +/** > + * kasan_poison - mark the memory range as inaccessible > + * @addr - range start address, must be aligned to KASAN_GRANULE_SIZE > + * @size - range size, must be aligned to KASAN_GRANULE_SIZE > + * @value - value that's written to metadata for the range > + * @init - whether to initialize the memory range (only for hardware tag= -based) > + */ > +void kasan_poison(const void *addr, size_t size, u8 value, bool init); > + > +#endif /* CONFIG_KASAN_HW_TAGS */ Please keep kasan_poison() and kasan_unpoison() in mm/kasan/kasan.h: these are intended as internal-only functions (perhaps, we should add this into the comment). Instead, add a purpose-specific wrapper similar to the ones in include/linux/kasan.h. > + > void __kasan_poison_pages(struct page *page, unsigned int order, bool in= it); > static __always_inline void kasan_poison_pages(struct page *page, > unsigned int order, bool = init) > diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h > index a56aadd51485..2405477c5899 100644 > --- a/mm/kasan/kasan.h > +++ b/mm/kasan/kasan.h > @@ -466,16 +466,6 @@ static inline u8 kasan_random_tag(void) { return 0; = } > > #ifdef CONFIG_KASAN_HW_TAGS > > -static inline void kasan_poison(const void *addr, size_t size, u8 value,= bool init) > -{ > - if (WARN_ON((unsigned long)addr & KASAN_GRANULE_MASK)) > - return; > - if (WARN_ON(size & KASAN_GRANULE_MASK)) > - return; > - > - hw_set_mem_tag_range(kasan_reset_tag(addr), size, value, init); > -} > - > static inline void kasan_unpoison(const void *addr, size_t size, bool in= it) > { > u8 tag =3D get_tag(addr); > @@ -497,15 +487,6 @@ static inline bool kasan_byte_accessible(const void = *addr) > > #else /* CONFIG_KASAN_HW_TAGS */ > > -/** > - * kasan_poison - mark the memory range as inaccessible > - * @addr - range start address, must be aligned to KASAN_GRANULE_SIZE > - * @size - range size, must be aligned to KASAN_GRANULE_SIZE > - * @value - value that's written to metadata for the range > - * @init - whether to initialize the memory range (only for hardware tag= -based) > - */ > -void kasan_poison(const void *addr, size_t size, u8 value, bool init); > - > /** > * kasan_unpoison - mark the memory range as accessible > * @addr - range start address, must be aligned to KASAN_GRANULE_SIZE > -- > 2.47.1 >