From: Andrey Konovalov
Date: Fri, 8 Jan 2021 19:25:42 +0100
Subject: Re: [PATCH] kasan: fix unaligned address is unhandled in kasan_remove_zero_shadow
In-Reply-To: <20210103135621.83129-1-lecopzer@gmail.com>
To: Andrey Ryabinin
Cc: LKML, Linux Memory Management List, kasan-dev, Dan Williams, Alexander Potapenko, Dmitry Vyukov, Andrew Morton, linux-mediatek@lists.infradead.org, yj.chiang@mediatek.com, Lecopzer Chen, Lecopzer Chen

On Sun, Jan 3, 2021 at 2:56 PM Lecopzer Chen wrote:
>
> During testing kasan_populate_early_shadow and kasan_remove_zero_shadow,
> if the shadow start and end addresses in kasan_remove_zero_shadow() are
> not aligned to PMD_SIZE, the remaining unaligned PTEs won't be removed.
>
> In the test case for kasan_remove_zero_shadow():
> shadow_start: 0xffffffb802000000, shadow end: 0xffffffbfbe000000
> 3-level page table:
> PUD_SIZE: 0x40000000 PMD_SIZE: 0x200000 PAGE_SIZE: 4K
> 0xffffffbf80000000 ~ 0xffffffbfbdf80000 will not be removed because
> in kasan_remove_pud_table(), kasan_pmd_table(*pud) is true but the
> next address is 0xffffffbfbdf80000 which is not aligned to PUD_SIZE.
>
> In the correct condition, this should fall back to the next level
> kasan_remove_pmd_table() but the condition flow always continues to skip
> the unaligned part.
>
> Fix by correcting the condition when next and addr are neither aligned.
>
> Fixes: 0207df4fa1a86 ("kernel/memremap, kasan: make ZONE_DEVICE with work with KASAN")
> Signed-off-by: Lecopzer Chen
> ---
> mm/kasan/init.c | 20 ++++++++++++--------
> 1 file changed, 12 insertions(+), 8 deletions(-)
>
> diff --git a/mm/kasan/init.c b/mm/kasan/init.c
> index 67051cfae41c..ae9158f7501f 100644
> --- a/mm/kasan/init.c
> +++ b/mm/kasan/init.c
> @@ -372,9 +372,10 @@ static void kasan_remove_pmd_table(pmd_t *pmd, unsigned long addr, > > if (kasan_pte_table(*pmd)) { > if (IS_ALIGNED(addr, PMD_SIZE) && > - IS_ALIGNED(next, PMD_SIZE)) > + IS_ALIGNED(next, PMD_SIZE)) { > pmd_clear(pmd); > - continue; > + continue; > + } > } > pte = pte_offset_kernel(pmd, addr); > kasan_remove_pte_table(pte, addr, next); > @@ -397,9 +398,10 @@ static void kasan_remove_pud_table(pud_t *pud, unsigned long addr, > > if (kasan_pmd_table(*pud)) { > if (IS_ALIGNED(addr, PUD_SIZE) && > - IS_ALIGNED(next, PUD_SIZE)) > + IS_ALIGNED(next, PUD_SIZE)) { > pud_clear(pud); > - continue; > + continue; > + } > } > pmd = pmd_offset(pud, addr); > pmd_base = pmd_offset(pud, 0); > @@ -423,9 +425,10 @@ static void kasan_remove_p4d_table(p4d_t *p4d, unsigned long addr, > > if (kasan_pud_table(*p4d)) { > if (IS_ALIGNED(addr, P4D_SIZE) && > - IS_ALIGNED(next, P4D_SIZE)) > + IS_ALIGNED(next, P4D_SIZE)) { > p4d_clear(p4d); > - continue; > + continue; > + } > } > pud = pud_offset(p4d, addr); > kasan_remove_pud_table(pud, addr, next); > @@ -456,9 +459,10 @@ void kasan_remove_zero_shadow(void *start, unsigned long size) > > if (kasan_p4d_table(*pgd)) { > if (IS_ALIGNED(addr, PGDIR_SIZE) && > - IS_ALIGNED(next, PGDIR_SIZE)) > + IS_ALIGNED(next, PGDIR_SIZE)) { > pgd_clear(pgd); > - continue; > + continue; > + } > } > > p4d = p4d_offset(pgd, addr); > -- > 2.25.1 Andrey, could you please take a look at this change? Thanks!
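Review bot: On the kasan_remove_pmd_table hunk, the brace change is the whole fix and it reads correctly: before it, `continue` sat outside the `IS_ALIGNED(addr, PMD_SIZE) && IS_ALIGNED(next, PMD_SIZE)` check, so any entry for which `kasan_pte_table(*pmd)` held was skipped even when only part of it lay inside the range; now only a fully aligned entry is cleared and skipped, and a partial one falls through to `pte = pte_offset_kernel(pmd, addr);` and `kasan_remove_pte_table(pte, addr, next);`. Two things to tighten before merging: the commit message's "when next and addr are neither aligned" describes the opposite of the trigger (the fall-through happens when either of them is unaligned), and neither the message nor a comment says why walking the table behind a `kasan_pte_table()` entry with `kasan_remove_pte_table()` is safe, given that the name suggests a shared early-shadow table rather than one private to this range; a sentence on each would make the change self-explaining.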
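Review bot: On the kasan_remove_pud_table hunk, same shape one level up and consistent with the pmd hunk; the fall-through now reaches `pmd = pmd_offset(pud, addr);` and `pmd_base = pmd_offset(pud, 0);` for an entry that satisfied `kasan_pmd_table(*pud)`, which is exactly the `0xffffffbf80000000 ~ 0xffffffbfbdf80000` case from the commit message. Because `pmd_base` addresses the whole table rather than the removed sub-range, please confirm, and state in the message, that whatever consumes `pmd_base` after `kasan_remove_pmd_table()` returns cannot clear or release a table that the untouched part of the entry, or other ranges, still reference.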
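Review bot: On the kasan_remove_zero_shadow hunk (and the kasan_remove_p4d_table one before it), the same brace fix is applied with `PGDIR_SIZE` and `P4D_SIZE` and nothing further stands out in the code; the documentation gap is that the commit message names only `kasan_remove_pud_table()` while the misplaced `continue` is corrected at all four levels, so the message should say the fix is applied to the pmd, pud, p4d and pgd walkers alike, which also helps anyone backporting it under the `Fixes:` tag.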
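As an added illustration of the control-flow bug the patch corrects (this is not code from the patch or from mm/kasan/init.c), the following user-space C model reproduces the loop shape of the table walkers with the sizes and addresses quoted in the commit message. It assumes, as the commit message's failing case does, that every upper-level entry is a table (`kasan_pmd_table(*pud)` true); the helper names `level_addr_end`, `remove_pages` and `remove_range` are hypothetical, and `remove_range` returns the number of bytes actually unmapped so the pre-patch and post-patch flows can be compared directly.

```c
/* Added model of the kasan_remove_*_table() loop shape; not kernel code.
 * Assumption (as in the commit message's test case): every upper-level
 * entry points at a table, so the kasan_*_table() test is always true. */
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PUD_SIZE  UINT64_C(0x40000000)   /* from the commit message */
#define PAGE_SIZE UINT64_C(0x1000)       /* 4K, from the commit message */
#define IS_ALIGNED(x, a) (((x) & ((a) - 1)) == 0)

/* Model of pud_addr_end(): end of the entry containing addr, capped at end. */
static uint64_t level_addr_end(uint64_t addr, uint64_t end, uint64_t size)
{
	uint64_t next = (addr + size) & ~(size - 1);

	return next < end ? next : end;
}

/* Lower level: unmap every page in [addr, end); returns bytes unmapped.
 * Stands in for kasan_remove_pte_table() clearing entries one by one. */
static uint64_t remove_pages(uint64_t addr, uint64_t end)
{
	uint64_t removed = 0;

	for (; addr < end; addr += PAGE_SIZE)
		removed += PAGE_SIZE;
	return removed;
}

/* Upper level, shaped like kasan_remove_pud_table().  With fixed == false
 * the 'continue' is taken for every table entry, aligned or not, which is
 * the pre-patch flow; with fixed == true only the fully aligned entry is
 * cleared as a whole and a partial entry falls back to the next level. */
static uint64_t remove_range(uint64_t start, uint64_t end, bool fixed)
{
	uint64_t addr, next, removed = 0;

	for (addr = start; addr < end; addr = next) {
		next = level_addr_end(addr, end, PUD_SIZE);

		if (IS_ALIGNED(addr, PUD_SIZE) && IS_ALIGNED(next, PUD_SIZE)) {
			removed += PUD_SIZE;       /* pud_clear(): whole entry at once */
			continue;
		}
		if (!fixed)
			continue;                  /* the bug: partial entry skipped */

		removed += remove_pages(addr, next);   /* descend, as the patch does */
	}
	return removed;
}

int main(void)
{
	/* Addresses from the commit message's test case. */
	const uint64_t start = UINT64_C(0xffffffb802000000);
	const uint64_t end = UINT64_C(0xffffffbfbe000000);
	uint64_t before = remove_range(start, end, false);
	uint64_t after = remove_range(start, end, true);

	printf("range   : 0x%" PRIx64 " bytes\n", end - start);
	printf("old flow: 0x%" PRIx64 " bytes unmapped\n", before);
	printf("new flow: 0x%" PRIx64 " bytes unmapped\n", after);
	printf("left behind by the old flow: 0x%" PRIx64 " bytes\n", after - before);
	return 0;
}
```

Under the stated assumption the old flow leaves both the unaligned head and the unaligned tail of the range mapped; in the author's actual test only the tail survived, because the head had been populated with a private table and so never satisfied the table check in the first place.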