From: Suren Baghdasaryan
Date: Fri, 6 Dec 2024 11:03:27 -0800
Subject: Re: [PATCH v3] mm/alloc_tag: fix vm_module_tags_populate's KASAN poisoning logic
To: Hao Ge
Cc: kent.overstreet@linux.dev, akpm@linux-foundation.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Hao Ge

On Thu, Dec 5, 2024 at 9:05 AM Hao Ge wrote:
>
> From: Hao Ge
>
> After merge commit 233e89322cbe ("alloc_tag:
> fix module allocation tags populated area calculation"),
> we still encountered a KASAN bug.
>
> This is because we have only actually performed
> page allocation and address mapping here.
> We need to unpoison portions of underlying memory.
>
> Here is the log for KASAN:
>
> [ 5.041171][ T1] ==================================================================
> [ 5.042047][ T1] BUG: KASAN: vmalloc-out-of-bounds in move_module+0x2c0/0x708
> [ 5.042723][ T1] Write of size 240 at addr ffff80007e510000 by task systemd/1
> [ 5.043412][ T1]
> [ 5.043523][ T72] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:01.1/0000:02:001
> [ 5.043614][ T1] CPU: 0 UID: 0 PID: 1 Comm: systemd Not tainted 6.13.0-rc1+ #28
> [ 5.045560][ T1] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015
> [ 5.046328][ T1] Call trace:
> [ 5.046670][ T1] show_stack+0x20/0x38 (C)
> [ 5.047127][ T1] dump_stack_lvl+0x80/0xf8
> [ 5.047533][ T1] print_address_description.constprop.0+0x58/0x358
> [ 5.048092][ T72] hid-generic 0003:0627:0001.0001: input,hidraw0: USB HID v0.01 Mouse [QEMU 0
> [ 5.048126][ T1] print_report+0xb0/0x280
> [ 5.049682][ T1] kasan_report+0xb8/0x108
> [ 5.050170][ T1] kasan_check_range+0xe8/0x190
> [ 5.050685][ T1] memcpy+0x58/0xa0
> [ 5.051135][ T1] move_module+0x2c0/0x708
> [ 5.051586][ T1] layout_and_allocate.constprop.0+0x308/0x5b8
> [ 5.052219][ T1] load_module+0x134/0x16c8
> [ 5.052671][ T1] init_module_from_file+0xdc/0x138
> [ 5.053193][ T1] idempotent_init_module+0x344/0x600
> [ 5.053742][ T1] __arm64_sys_finit_module+0xbc/0x150
> [ 5.054289][ T1] invoke_syscall+0xd4/0x258
> [ 5.054749][ T1] el0_svc_common.constprop.0+0xb4/0x240
> [ 5.055319][ T1] do_el0_svc+0x48/0x68
> [ 5.055743][ T1] el0_svc+0x40/0xe0
> [ 5.056142][ T1] el0t_64_sync_handler+0x10c/0x138
> [ 5.056658][ T1] el0t_64_sync+0x1ac/0x1b0
>
> Fixes: 233e89322cbe ("alloc_tag: fix module allocation tags populated area calculation")
> Signed-off-by: Hao Ge

Acked-by: Suren Baghdasaryan

> ---
> v3: Based on Suren's suggestion, I modified the code. Thank you, Suren.
>     I realized that the 'poisoned' is actually not needed, so I removed it.
>     Due to these changes, update the commit message.
>
> v2: Add comments to kasan_unpoison_vmalloc like other places.
>
> commit 233e89322cbe ("alloc_tag: fix module allocation
> tags populated area calculation") is currently in the
> mm-hotfixes-unstable branch, so this patch is
> developed based on the mm-hotfixes-unstable branch.
> ---
>  lib/alloc_tag.c | 9 +++++++++
>  1 file changed, 9 insertions(+)
>
> diff --git a/lib/alloc_tag.c b/lib/alloc_tag.c > index 4ee6caa6d2da..f942408b53ef 100644 > --- a/lib/alloc_tag.c > +++ b/lib/alloc_tag.c > @@ -424,6 +424,15 @@ static int vm_module_tags_populate(void) > vm_module_tags->nr_pages +=3D nr; > } > > + /* > + * Mark the pages as accessible, now that they are mapped. > + * With hardware tag-based KASAN, marking is skipped for > + * non-VM_ALLOC mappings, see __kasan_unpoison_vmalloc(). > + */ > + kasan_unpoison_vmalloc((void *)module_tags.start_addr, > + new_end - module_tags.start_addr, > + KASAN_VMALLOC_PROT_NORMAL); > + > return 0; > } > > -- > 2.25.1 >
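
Review bot: the kasan_unpoison_vmalloc() call added just before "return 0;" in vm_module_tags_populate() sits after the closing brace of the block that bumps vm_module_tags->nr_pages and always spans module_tags.start_addr to new_end, so it runs on every call and re-marks the range that earlier calls already unpoisoned. If that repeat is deliberate (the v3 note says the 'poisoned' tracking was dropped), the new comment should say so; otherwise limit the range to what this call newly covers. The call's return value is also discarded, and the comment could state in one line why that is fine for this mapping.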