From: Stephen Boyd
Date: Wed, 29 Nov 2023 12:42:13 -0800
Subject: Re: [PATCH] lkdtm: Add kfence read after free crash type
To: Kees Cook
Cc: linux-kernel@vger.kernel.org, patches@lists.linux.dev, Arnd Bergmann, Greg Kroah-Hartman, Alexander Potapenko, Marco Elver, Dmitry Vyukov, kasan-dev@googlegroups.com, linux-mm@kvack.org

Adding kfence folks (will add on v2).

Quoting Kees Cook (2023-11-29 12:22:27)
> On Mon, Nov 27, 2023 at 03:49:45PM -0800, Stephen Boyd wrote:
> > Add the ability to allocate memory from kfence and trigger a read after
> > free on that memory to validate that kfence is working properly. This is
> > used by ChromeOS integration tests to validate that kfence errors can be
> > collected on user devices and parsed properly.
>
> This looks really good; thanks for adding this!
>
> >
> > Signed-off-by: Stephen Boyd
> > ---
> > drivers/misc/lkdtm/heap.c | 64 +++++++++++++++++++++++++++++++++++++++
> > 1 file changed, 64 insertions(+)
> >
> > diff --git a/drivers/misc/lkdtm/heap.c b/drivers/misc/lkdtm/heap.c > > index 0ce4cbf6abda..608872bcc7e0 100644 > > --- a/drivers/misc/lkdtm/heap.c > > +++ b/drivers/misc/lkdtm/heap.c > > @@ -4,6 +4,7 @@ > > * page allocation and slab allocations. > > */ > > #include "lkdtm.h" > > +#include > > #include > > #include > > #include > > @@ -132,6 +133,66 @@ static void lkdtm_READ_AFTER_FREE(void) > > kfree(val); > > } > > > > +#if IS_ENABLED(CONFIG_KFENCE)
>
> I really try hard to avoid having tests disappear depending on configs,
> and instead report the expected failure case (as you have). Can this be
> built without the IS_ENABLED() tests?
>

We need IS_ENABLED() for the kfence_sample_interval variable. I suppose
if the config isn't set that variable can be assumed as zero and then
the timeout would hit immediately. We can either define the name
'kfence_sample_interval' as 0 in the header, or put an ifdef in the
function.

---8<---
diff --git a/drivers/misc/lkdtm/heap.c b/drivers/misc/lkdtm/heap.c index 4f467d3972a6..574d0aa726dc 100644 --- a/drivers/misc/lkdtm/heap.c +++ b/drivers/misc/lkdtm/heap.c
@@ -138,6 +138,14 @@ static void lkdtm_KFENCE_READ_AFTER_FREE(void) int *base, val, saw; unsigned long timeout, resched_after; size_t len = 1024; + unsigned long interval; + +#ifdef CONFIG_KFENCE + interval = kfence_sample_interval; +#else + interval = 0; +#endif + /* * The slub allocator will use the either the first word or * the middle of the allocation to store the free pointer, @@ -150,13 +158,13 @@ static void lkdtm_KFENCE_READ_AFTER_FREE(void) * 100x the sample interval should be more than enough to ensure we get * a KFENCE allocation eventually. */ - timeout = jiffies + msecs_to_jiffies(100 * kfence_sample_interval); + timeout = jiffies + msecs_to_jiffies(100 * interval); /* * Especially for non-preemption kernels, ensure the allocation-gate * timer can catch up: after @resched_after, every failed allocation * attempt yields, to ensure the allocation-gate timer is scheduled. */ - resched_after = jiffies + msecs_to_jiffies(kfence_sample_interval); + resched_after = jiffies + msecs_to_jiffies(interval); do { base = kmalloc(len, GFP_KERNEL); if (!base) { ---8<---- diff --git a/include/linux/kfence.h b/include/linux/kfence.h index 401af4757514..88100cc9caba 100644 --- a/include/linux/kfence.h +++ b/include/linux/kfence.h @@ -223,6 +223,8 @@ bool __kfence_obj_info(struct kmem_obj_info *kpp, void *object, struct slab *sla #else /* CONFIG_KFENCE */ +#define kfence_sample_interval (0) + static inline bool is_kfence_address(const void *addr) { return false; } static inline void kfence_alloc_pool_and_metadata(void) { } static inline void kfence_init(void) { }
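Review bot: The `#ifdef CONFIG_KFENCE` / `#else` / `#endif` block added at the top of lkdtm_KFENCE_READ_AFTER_FREE() in the first heap.c hunk puts a preprocessor conditional inside a function body, which kernel coding style asks to keep out of .c files where a header stub can do the job. The kfence.h variant in the same mail lets heap.c read `kfence_sample_interval` unconditionally, so prefer that one and drop the local `interval` and this block; carrying both would leave the ifdef redundant.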
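Review bot: In the second heap.c hunk, an `interval` of 0 makes both `timeout` and `resched_after` equal to the current `jiffies`, and the comment above `timeout` ("100x the sample interval should be more than enough ...") does not cover that case. Consider testing for a zero interval before the `do` loop and reporting that KFENCE is off (lkdtm's pr_expected_config(CONFIG_KFENCE) fits) instead of relying on the loop timing out after a kmalloc() attempt. A CONFIG_KFENCE=y kernel booted with kfence.sample_interval=0 takes the same path, so the message should not assume the option is compiled out.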
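Review bot: `#define kfence_sample_interval (0)` in the `#else /* CONFIG_KFENCE */` branch of kfence.h gives the stub type int, while the heap.c variant stores the value in an `unsigned long`; use `(0UL)` so that expressions such as `100 * kfence_sample_interval` have the same type in both configurations. The stub also deserves a one-line comment saying it exists so callers can compute timeouts without an ifdef, since everything else in this branch is a static inline function and an object-like macro named like a variable breaks any caller that assigns to it or takes its address.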