From: Nico Pache
Date: Fri, 17 May 2024 13:50:10 -0600
Subject: Re: [PATCH] kasan, fortify: properly rename memintrinsics
To: andrey.konovalov@linux.dev
Cc: Marco Elver, Andrey Konovalov, Alexander Potapenko, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Andrew Morton, linux-mm@kvack.org, Erhard Furtner, Daniel Axtens, linux-kernel@vger.kernel.org
In-Reply-To: <20240517130118.759301-1-andrey.konovalov@linux.dev>

On Fri, May 17, 2024 at 7:02 AM wrote:
>
> From: Andrey Konovalov
>
> After commit 69d4c0d32186 ("entry, kasan, x86: Disallow overriding mem*()
> functions") and the follow-up fixes, with CONFIG_FORTIFY_SOURCE enabled,
> even though the compiler instruments memintrinsics by generating calls
> to __asan/__hwasan_ prefixed functions, FORTIFY_SOURCE still uses
> uninstrumented memset/memmove/memcpy as the underlying functions.
>
> As a result, KASAN cannot detect bad accesses in memset/memmove/memcpy.
> This also makes KASAN tests corrupt kernel memory and cause crashes.
>
> To fix this, use __asan_/__hwasan_memset/memmove/memcpy as the underlying
> functions whenever appropriate. Do this only for the instrumented code
> (as indicated by __SANITIZE_ADDRESS__).
>
> Reported-by: Erhard Furtner
> Reported-by: Nico Pache
> Closes: https://lore.kernel.org/all/20240501144156.17e65021@outsider.home/
> Fixes: 69d4c0d32186 ("entry, kasan, x86: Disallow overriding mem*() functions")
> Fixes: 51287dcb00cc ("kasan: emit different calls for instrumentable memintrinsics")
> Fixes: 36be5cba99f6 ("kasan: treat meminstrinsic as builtins in uninstrumented files")
> Signed-off-by: Andrey Konovalov

Thank you for fixing this !! The test no longer panics :)

Now that the test progresses I also see rcu_uaf failing.
    # rcu_uaf: EXPECTATION FAILED at mm/kasan/kasan_test.c:870
    KASAN failure expected in "call_rcu(&global_rcu_ptr->rcu, rcu_uaf_reclaim); rcu_barrier()", but none occurred
    not ok 31 rcu_uaf
I can open a new thread for that if you'd like.

Tested-by: Nico Pache
Acked-by: Nico Pache

> ---
> include/linux/fortify-string.h | 22 ++++++++++++++++++----
> 1 file changed, 18 insertions(+), 4 deletions(-)
>
> diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h
> index 85fc0e6f0f7f..bac010cfc42f 100644
> --- a/include/linux/fortify-string.h
> +++ b/include/linux/fortify-string.h
> @@ -75,17 +75,30 @@ void __write_overflow_field(size_t avail, size_t want= ed) __compiletime_warning(" > __ret; \ > }) > > -#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) > +#if defined(__SANITIZE_ADDRESS__) > + > +#if !defined(CONFIG_CC_HAS_KASAN_MEMINTRINSIC_PREFIX) && !defined(CONFIG= _GENERIC_ENTRY) > +extern void *__underlying_memset(void *p, int c, __kernel_size_t size) _= _RENAME(memset); > +extern void *__underlying_memmove(void *p, const void *q, __kernel_size_= t size) __RENAME(memmove); > +extern void *__underlying_memcpy(void *p, const void *q, __kernel_size_t= size) __RENAME(memcpy); > +#elif defined(CONFIG_KASAN_GENERIC) > +extern void *__underlying_memset(void *p, int c, __kernel_size_t size) _= _RENAME(__asan_memset); > +extern void *__underlying_memmove(void *p, const void *q, __kernel_size_= t size) __RENAME(__asan_memmove); > +extern void *__underlying_memcpy(void *p, const void *q, __kernel_size_t= size) __RENAME(__asan_memcpy); > +#else /* CONFIG_KASAN_SW_TAGS */ > +extern void *__underlying_memset(void *p, int c, __kernel_size_t size) _= _RENAME(__hwasan_memset); > +extern void *__underlying_memmove(void *p, const void *q, __kernel_size_= t size) __RENAME(__hwasan_memmove); > +extern void *__underlying_memcpy(void *p, const void *q, __kernel_size_t= size) __RENAME(__hwasan_memcpy); > +#endif > + > extern void *__underlying_memchr(const void *p, int c, __kernel_size_t s= ize) __RENAME(memchr); > extern int __underlying_memcmp(const void *p, const void *q, __kernel_si= ze_t size) __RENAME(memcmp); > -extern void *__underlying_memcpy(void *p, const void *q, __kernel_size_t= size) __RENAME(memcpy); > -extern void *__underlying_memmove(void *p, const void *q, __kernel_size_= t size) __RENAME(memmove); > -extern void *__underlying_memset(void *p, int c, __kernel_size_t size) _= _RENAME(memset); > extern char *__underlying_strcat(char *p, const char *q) __RENAME(strcat= ); > extern char *__underlying_strcpy(char *p, const char 
*q) __RENAME(strcpy= ); > extern __kernel_size_t __underlying_strlen(const char *p) __RENAME(strle= n); > extern char *__underlying_strncat(char *p, const char *q, __kernel_size_= t count) __RENAME(strncat); > extern char *__underlying_strncpy(char *p, const char *q, __kernel_size_= t size) __RENAME(strncpy); > + > #else > > #if defined(__SANITIZE_MEMORY__) > @@ -110,6 +123,7 @@ extern char *__underlying_strncpy(char *p, const char= *q, __kernel_size_t size) > #define __underlying_strlen __builtin_strlen > #define __underlying_strncat __builtin_strncat > #define __underlying_strncpy __builtin_strncpy > + > #endif > > /** > -- > 2.25.1 >
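
Review bot: In the first hunk, the `#else /* CONFIG_KASAN_SW_TAGS */` branch is selected by elimination rather than by a check, so any build where `__SANITIZE_ADDRESS__` is defined and `CONFIG_KASAN_GENERIC` is not gets bound to the `__hwasan_*` symbols. The outer guard no longer names either KASAN mode, which leaves the comment as the only thing tying that branch to SW_TAGS; consider `#elif defined(CONFIG_KASAN_SW_TAGS)` followed by an `#else` with `#error`, so an unexpected configuration fails at build time with a clear message. The first inner condition, `!defined(CONFIG_CC_HAS_KASAN_MEMINTRINSIC_PREFIX) && !defined(CONFIG_GENERIC_ENTRY)`, would also benefit from a one-line comment saying why the plain `memset`/`memmove`/`memcpy` names are the right underlying functions in that case, since the commit message only explains the renamed branches.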
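
Review bot: The blank line added before `#endif` in the second hunk (`@@ -110,6 +123,7 @@`) is a whitespace-only change unrelated to the fix and could be dropped from this patch. If the intent is readability now that the block contains a nested `#if`, a trailing comment on the closing directive that names the guard it closes would help more than the blank line.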
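
A user-space model of the problem the quoted commit message describes, added here as an illustration and not part of the patch or the thread: a wrapper whose underlying function is bound by an asm-label rename to an unchecked symbol bypasses the checker, while binding it to the checked symbol restores detection. All names (`model_plain_memset`, `model_asan_memset`, `underlying_before`, `underlying_after`, `arena`) are hypothetical, and the code assumes GCC or Clang on an ELF target, where asm labels name symbols without a prefix.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Same trick as the kernel's __RENAME(): bind a declaration to another symbol. */
#define RENAME(x) __asm__(#x)

/* Constructed layout: a 16-byte object followed by a 16-byte redzone. */
enum { OBJ = 16, RZ = 16 };
static unsigned char arena[OBJ + RZ];
static int reports; /* bad accesses caught by the model checker */

/* Hypothetical stand-in for an uninstrumented memset: writes unchecked. */
void *model_plain_memset(void *p, int c, size_t n)
{
	return memset(p, c, n);
}

/* Hypothetical stand-in for __asan_memset: check the range, report, skip the write. */
void *model_asan_memset(void *p, int c, size_t n)
{
	size_t off = (size_t)((unsigned char *)p - arena);
	if (off > OBJ || n > OBJ - off) {
		reports++;
		return p;
	}
	return model_plain_memset(p, c, n);
}

/* Before the fix the underlying function is the plain symbol, after it the checked one. */
extern void *underlying_before(void *p, int c, size_t n) RENAME(model_plain_memset);
extern void *underlying_after(void *p, int c, size_t n) RENAME(model_asan_memset);

/* Overflow the object by 4 bytes through the chosen underlying function. */
int redzone_hit(void *(*underlying)(void *, int, size_t))
{
	memset(arena, 0, sizeof(arena));
	reports = 0;
	underlying(arena, 0xAA, OBJ + 4);
	return arena[OBJ] == 0xAA; /* 1 if the redzone was silently corrupted */
}
int reports_seen(void) { return reports; }

int main(void)
{
	int hit = redzone_hit(underlying_before);
	printf("before: corrupted=%d reports=%d\n", hit, reports_seen());
	hit = redzone_hit(underlying_after);
	printf("after:  corrupted=%d reports=%d\n", hit, reports_seen());
}
```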