From: Andrey Konovalov
Date: Mon, 23 Jan 2023 17:45:55 +0100
Subject: Re: [PATCH] fork, vmalloc: KASAN-poison backing pages of vmapped stacks
To: Jann Horn
Cc: Andrew Morton, linux-mm@kvack.org, Uladzislau Rezki, Christoph Hellwig, Andy Lutomirski, linux-kernel@vger.kernel.org, Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Vincenzo Frascino, kasan-dev@googlegroups.com
In-Reply-To: <20230117163543.1049025-1-jannh@google.com>

On Tue, Jan 17, 2023 at 5:35 PM Jann Horn wrote:
>
> KASAN (except in HW_TAGS mode) tracks memory state based on virtual
> addresses. The mappings of kernel stack pages in the linear mapping are
> currently marked as fully accessible.
> Since stack corruption issues can cause some very gnarly errors, let's be
> extra careful and tell KASAN to forbid accesses to stack memory through the
> linear mapping.
>
> Signed-off-by: Jann Horn
> ---
> I wrote this after seeing
> https://lore.kernel.org/all/Y8W5rjKdZ9erIF14@casper.infradead.org/
> and wondering about possible ways that this kind of stack corruption
> could be sneaking past KASAN.
> That's proooobably not the explanation, but still...

Hi Jann,

if you decide to keep KASAN poisoning after addressing Dmitry's
comments, please add a KASAN KUnit test for this.

Thank you!
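
Added example, not part of the original thread or the patch: a toy user-space C model of the point in the quoted commit message, that shadow state keyed by virtual address leaves the linear-map alias of a vmapped stack page accessible unless that alias is poisoned separately. The addresses, the 0xFF poison value and all function names are constructed for illustration and are not kernel APIs.

```c
/* Toy user-space model (not kernel code): shadow state is keyed by virtual
 * address, so two mappings of one physical page have independent shadow. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SZ     4096u
#define GRANULE     8u          /* generic KASAN: 1 shadow byte per 8 bytes */
#define LINEAR_BASE 0x10000u    /* constructed linear-map alias */
#define VMAP_BASE   0x80000u    /* constructed vmalloc (stack) alias */
#define SPACE       0x100000u   /* size of the modelled address space */

static uint8_t phys_page[PAGE_SZ];       /* the one backing stack page */
static uint8_t shadow[SPACE / GRANULE];  /* 0 = accessible, else poisoned */

/* Both aliases translate to the same physical page. */
static uint8_t *translate(uint32_t va)
{
    if (va >= LINEAR_BASE && va < LINEAR_BASE + PAGE_SZ)
        return &phys_page[va - LINEAR_BASE];
    if (va >= VMAP_BASE && va < VMAP_BASE + PAGE_SZ)
        return &phys_page[va - VMAP_BASE];
    return NULL;
}

/* Mark a granule-aligned virtual range as inaccessible in the shadow. */
static void poison_range(uint32_t va, uint32_t len, uint8_t tag)
{
    memset(&shadow[va / GRANULE], tag, len / GRANULE);
}

/* Instrumented one-byte store: 0 if it went through, -1 if reported. */
static int checked_store(uint32_t va, uint8_t val)
{
    uint8_t *p = translate(va);
    if (!p || shadow[va / GRANULE] != 0)
        return -1;
    *p = val;
    return 0;
}

static uint8_t stack_byte(uint32_t off) { return phys_page[off]; }

int main(void)
{
    int before = checked_store(LINEAR_BASE + 64, 0x41); /* alias write, unreported */
    poison_range(LINEAR_BASE, PAGE_SZ, 0xFF);           /* poison the alias */
    int after = checked_store(LINEAR_BASE + 64, 0x42);  /* now reported */
    int vmap = checked_store(VMAP_BASE + 64, 0x43);     /* normal stack use */
    printf("before=%d after=%d vmap=%d byte=0x%02x\n",
           before, after, vmap, stack_byte(64));
    return 0;
}
```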