From: Alexander Potapenko
Date: Thu, 20 Jun 2024 16:58:37 +0200
Subject: Re: [PATCH v5 13/37] kmsan: Support SLAB_POISON
To: Ilya Leoshkevich
Cc: Alexander Gordeev, Andrew Morton, Christoph Lameter, David Rientjes, Heiko Carstens, Joonsoo Kim, Marco Elver, Masami Hiramatsu, Pekka Enberg, Steven Rostedt, Vasily Gorbik, Vlastimil Babka, Christian Borntraeger, Dmitry Vyukov, Hyeonggon Yoo <42.hyeyoo@gmail.com>, kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-s390@vger.kernel.org, linux-trace-kernel@vger.kernel.org, Mark Rutland, Roman Gushchin, Sven Schnelle
References: <20240619154530.163232-1-iii@linux.ibm.com> <20240619154530.163232-14-iii@linux.ibm.com>
In-Reply-To: <20240619154530.163232-14-iii@linux.ibm.com>

On Wed, Jun 19, 2024 at 5:45 PM Ilya Leoshkevich wrote:
>
> Avoid false KMSAN negatives with SLUB_DEBUG by allowing
> kmsan_slab_free() to poison the freed memory, and by preventing
> init_object() from unpoisoning new allocations by using __memset().
>
> There are two alternatives to this approach. First, init_object()
> can be marked with __no_sanitize_memory. This annotation should be used
> with great care, because it drops all instrumentation from the
> function, and any shadow writes will be lost. Even though this is not a
> concern with the current init_object() implementation, this may change
> in the future.
>
> Second, kmsan_poison_memory() calls may be added after memset() calls.
> The downside is that init_object() is called from
> free_debug_processing(), in which case poisoning will erase the
> distinction between simply uninitialized memory and UAF.
>
> Signed-off-by: Ilya Leoshkevich

Reviewed-by: Alexander Potapenko
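
The false negative discussed in the commit message above, and the second alternative it rejects, as a toy user-space model added here (not kernel code and not part of the patch). `toy_memset`, `toy_raw_memset`, `toy_poison` and the step order in `report_after_free` are assumptions standing in for instrumented memset(), __memset(), KMSAN poisoning and the free path.

```c
#include <string.h>

#define OBJ_SIZE 16
#define POISON_FREE 0x6b /* byte pattern written by slab poisoning */

enum origin { ORIGIN_NONE, ORIGIN_UNINIT, ORIGIN_UAF };
enum variant { INSTRUMENTED_MEMSET, RAW_MEMSET, MEMSET_THEN_POISON };

/* Toy model of one slab object with per-byte shadow (1 = uninitialized). */
struct toy_obj {
    unsigned char data[OBJ_SIZE];
    unsigned char shadow[OBJ_SIZE];
    enum origin origin;
};

/* Stand-in for instrumented memset(): the store also marks bytes initialized. */
static void toy_memset(struct toy_obj *o, int c) {
    memset(o->data, c, OBJ_SIZE);
    memset(o->shadow, 0, OBJ_SIZE);
    o->origin = ORIGIN_NONE;
}

/* Stand-in for __memset(): data changes, shadow is left alone. */
static void toy_raw_memset(struct toy_obj *o, int c) {
    memset(o->data, c, OBJ_SIZE);
}

/* Stand-in for poisoning: mark every byte uninitialized and record why. */
static void toy_poison(struct toy_obj *o, enum origin why) {
    memset(o->shadow, 1, OBJ_SIZE);
    o->origin = why;
}

/* Assumed order: free hook poisons, debug fill runs, then a stale read happens. */
enum origin report_after_free(enum variant v) {
    struct toy_obj o;
    toy_memset(&o, 0);                     /* object in normal, initialized use */
    toy_poison(&o, ORIGIN_UAF);            /* free hook poisons the freed memory */
    if (v == RAW_MEMSET) {
        toy_raw_memset(&o, POISON_FREE);   /* shadow survives the pattern fill */
    } else {
        toy_memset(&o, POISON_FREE);       /* pattern fill unpoisons the object */
        if (v == MEMSET_THEN_POISON)
            toy_poison(&o, ORIGIN_UNINIT); /* re-poison, but UAF origin is gone */
    }
    return o.shadow[0] ? o.origin : ORIGIN_NONE; /* what a stale read reports */
}

int main(void) { return report_after_free(RAW_MEMSET) == ORIGIN_UAF ? 0 : 1; }
```

In this model only the `RAW_MEMSET` variant still reports the stale read as a use-after-free; the instrumented fill reports nothing, and fill-then-poison reports plain uninitialized memory.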