From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 3EE7AC433F5
	for <linux-mm@archiver.kernel.org>; Sun, 20 Mar 2022 21:09:46 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 4479C6B0072; Sun, 20 Mar 2022 17:09:45 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 3F67C6B0073; Sun, 20 Mar 2022 17:09:45 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 2971F6B0074; Sun, 20 Mar 2022 17:09:45 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (relay.hostedemail.com [64.99.140.25])
	by kanga.kvack.org (Postfix) with ESMTP id 1813B6B0072
	for <linux-mm@kvack.org>; Sun, 20 Mar 2022 17:09:45 -0400 (EDT)
Received: from smtpin05.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay02.hostedemail.com (Postfix) with ESMTP id CF43822AB4
	for <linux-mm@kvack.org>; Sun, 20 Mar 2022 21:09:44 +0000 (UTC)
X-FDA: 79266006288.05.651C938
Received: from mail-io1-f49.google.com (mail-io1-f49.google.com [209.85.166.49])
	by imf12.hostedemail.com (Postfix) with ESMTP id D902E40018
	for <linux-mm@kvack.org>; Sun, 20 Mar 2022 21:09:43 +0000 (UTC)
Received: by mail-io1-f49.google.com with SMTP id l18so14885345ioj.2
        for <linux-mm@kvack.org>; Sun, 20 Mar 2022 14:09:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=Uu3NPXS3YIK/joqnoO2dCxxZrdruyUVh70Rwb4NqWi8=;
        b=peCpeuakEvX6D9DkWAvoxRIedMD/39lVZWCnWMzXtri03y9r62H6zmrugVSd2V6Hnl
         yNgQlrRrkY5LOSfKIyB0mcQWaLclmNYbtS7Df8eBRfi86fUcUomspIvZeeMvSeYnj0in
         nDF7eZNpiFFCY/pjp6ygoxeX9KEC7hglQY1MN7LvMqX7SUur4xKzkWFvSSHIcgKt5CKK
         v6+ptK9uDU0LA9ECsg46r4NCs/Gxy4hQQtQ3XG5NJvScH196cq0hbQ7SE4TQYIBumZBV
         Vk/MJcmAZlhdSbuXePQoJqG7CWuQiogqYCmhdv574+F3DX+e+JE5bixYQtJtbH/UaKF1
         nvyA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=Uu3NPXS3YIK/joqnoO2dCxxZrdruyUVh70Rwb4NqWi8=;
        b=RecKFz22ArQpdjDLTYGziXgotgfjfLlmQM6YSkPECm6pe6Jyk5/bDgtxtwrziUSETG
         5K1+WCoLiHod6dkIgVsV7jzdeIubF0BOXnD6crr35HsiUPJSkK/XfJttTwYpTIbJ8Tht
         ZHWey08+WJAvi5tsmGVcwhhQ6GfjzJ5E4FBE1ZU/PlBOZciQB17kNePDrbzJ4vPmAM+c
         Ylvh6LQrYKU4/m4W+maw2mxXpZo47TDcxKddeJaHJb3nhoY/5ZOU0jSYYW6eYcgAQu/v
         ShHltNCmfXGL+bgPSlIOSouK9YqkRnpBt8R8UvT+5uDuwW499bfr2ZqUiyS+UbdwfBEA
         ll7A==
X-Gm-Message-State: AOAM531kn/0NCmvcyPRWtBRSAhOQ879huEsl6MlXVKING4PBZtHCnACc
	FSpMdwFzMzGxNQdQ1Nc9FjGRRR1OaR88t+aSARM=
X-Google-Smtp-Source: ABdhPJxtnQc5xK7BNvEj8B3gFxPHw3v/vJyiqBQB12KNZ11hRyLBynaAARBpB1/R7HnY+wIoLY5Ba/RGVkuYmR9jHi8=
X-Received: by 2002:a05:6638:210a:b0:31a:536e:4714 with SMTP id
 n10-20020a056638210a00b0031a536e4714mr10058666jaj.71.1647810583809; Sun, 20
 Mar 2022 14:09:43 -0700 (PDT)
MIME-Version: 1.0
References: <57133fafc4d74377a4a08d98e276d58fe4a127dc.1647115974.git.andreyknvl@google.com>
 <CANpmjNNBzVovK=N9b2Lv0VUqpE_4nU+6gqO91_ojVoEbR0C5hA@mail.gmail.com>
In-Reply-To: <CANpmjNNBzVovK=N9b2Lv0VUqpE_4nU+6gqO91_ojVoEbR0C5hA@mail.gmail.com>
From: Andrey Konovalov <andreyknvl@gmail.com>
Date: Sun, 20 Mar 2022 22:09:33 +0100
Message-ID: <CA+fCnZfYLZhjijPjp3Wd3ZeBQnKNiQCLNn7uuF=cpQi9wU50xA@mail.gmail.com>
Subject: Re: [PATCH] kasan, scs: collect stack traces from shadow stack
To: Marco Elver <elver@google.com>
Cc: andrey.konovalov@linux.dev, Alexander Potapenko <glider@google.com>, 
	Andrew Morton <akpm@linux-foundation.org>, Dmitry Vyukov <dvyukov@google.com>, 
	Andrey Ryabinin <ryabinin.a.a@gmail.com>, kasan-dev <kasan-dev@googlegroups.com>, 
	Vincenzo Frascino <vincenzo.frascino@arm.com>, Catalin Marinas <catalin.marinas@arm.com>, 
	Will Deacon <will@kernel.org>, Mark Rutland <mark.rutland@arm.com>, 
	Sami Tolvanen <samitolvanen@google.com>, Peter Collingbourne <pcc@google.com>, 
	Evgenii Stepanov <eugenis@google.com>, Linux Memory Management List <linux-mm@kvack.org>, 
	LKML <linux-kernel@vger.kernel.org>, Andrey Konovalov <andreyknvl@google.com>
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Server: rspam01
X-Rspamd-Queue-Id: D902E40018
X-Stat-Signature: owpndbhmbrdtnwb7oj7yj8zn6fbf7t47
Authentication-Results: imf12.hostedemail.com;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=peCpeuak;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (imf12.hostedemail.com: domain of andreyknvl@gmail.com designates 209.85.166.49 as permitted sender) smtp.mailfrom=andreyknvl@gmail.com
X-Rspam-User: 
X-HE-Tag: 1647810583-867897
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Mon, Mar 14, 2022 at 8:01 AM Marco Elver <elver@google.com> wrote:
>
> > Instead of invoking the unwinder, collect the stack trace by copying
> > frames from the Shadow Call Stack whenever it is enabled. This reduces
> > boot time by 30% for all KASAN modes when Shadow Call Stack is enabled.
>
> This is impressive.

I was surprised too.

> > We could integrate shadow stack trace collection into kernel/stacktrace.c
> > as e.g. stack_trace_save_shadow(). However, using stack_trace_consume_fn
> > leads to invoking a callback on each saved from, which is undesirable.
> > The plain copy loop is faster.
>
> Why is stack_trace_consume_fn required? This is an internal detail of
> arch_stack_walk(), but to implement stack_trace_save_shadow() that's
> not used at all.
>
> I think having stack_trace_save_shadow() as you have implemented in
> kernel/stacktrace.c or simply in kernel/scs.c itself would be
> appropriate.

The other stack trace routines consistently use on
stack_trace_consume_fn. But I think you're right, we don't need it.
Will do in v2.

> > We could add a command line flag to switch between stack trace collection
> > modes. I noticed that Shadow Call Stack might be missing certain frames
> > in stacks originating from a fault that happens in the middle of a
> > function. I am not sure if this case is important to handle though.
>
> I think SCS should just work - and if it doesn't, can we fix it? It is
> unclear to me what would be a deciding factor to choose between stack
> trace collection modes, since it is hard to quantify when and if SCS
> doesn't work as intended. So I fear it'd just be an option that's
> never used because we don't understand when it's required to be used.

Let's just rely on SCS for now and reconsider in case any significant
limitations are discovered.

> > +#ifdef CONFIG_SHADOW_CALL_STACK
> > +
> > +#ifdef CONFIG_ARM64_PTR_AUTH
> > +#define PAC_TAG_RESET(x) (x | GENMASK(63, CONFIG_ARM64_VA_BITS))
>
> This should go into arch/arm64/include/asm/kasan.h, and here it should
> then just do
>
> #ifndef PAC_TAG_RESET
> #define ...
>
>
> > +#else
> > +#define PAC_TAG_RESET(x) (x)
> > +#endif
>
> But perhaps there's a better, more generic location for this macro?

Will move in v2.

Thanks!