From: Marco Elver
Date: Fri, 18 Oct 2024 23:02:51 +0200
Subject: Re: [PATCH v3] mm/kfence: Add a new kunit test test_use_after_free_read_nofault()
To: "Ritesh Harjani (IBM)"
Cc: kasan-dev@googlegroups.com, linuxppc-dev@lists.ozlabs.org, linux-mm@kvack.org, Dmitry Vyukov, Alexander Potapenko, Heiko Carstens, Nirjhar Roy

On Fri, 18 Oct 2024 at 19:46, Ritesh Harjani (IBM) wrote:
>
> From: Nirjhar Roy
>
> Faults from copy_from_kernel_nofault() needs to be handled by fixup
> table and should not be handled by kfence. Otherwise while reading
> /proc/kcore which uses copy_from_kernel_nofault(), kfence can generate
> false negatives. This can happen when /proc/kcore ends up reading an
> unmapped address from kfence pool.
>
> Let's add a testcase to cover this case.
>
> Co-developed-by: Ritesh Harjani (IBM)
> Signed-off-by: Nirjhar Roy
> Signed-off-by: Ritesh Harjani (IBM)
> ---
>
> Will be nice if we can get some feedback on this.

There was some discussion recently how sanitizers should behave around
these nofault helpers when accessing invalid memory (including freed
memory):
https://lore.kernel.org/all/CANpmjNMAVFzqnCZhEity9cjiqQ9CVN1X7qeeeAp_6yKjwKo8iw@mail.gmail.com/

It should be similar for KFENCE, i.e. no report should be generated.
Definitely a good thing to test.

Tested-by: Marco Elver
Reviewed-by: Marco Elver

> v2 -> v3:
> =========
> 1. Separated out this kfence kunit test from the larger powerpc+kfence+v3 series.
> 2. Dropped RFC tag
>
> [v2]: https://lore.kernel.org/linuxppc-dev/cover.1728954719.git.ritesh.list@gmail.com
> [powerpc+kfence+v3]: https://lore.kernel.org/linuxppc-dev/cover.1729271995.git.ritesh.list@gmail.com
>
> mm/kfence/kfence_test.c | 17 +++++++++++++++++
> 1 file changed, 17 insertions(+)
>
> diff --git a/mm/kfence/kfence_test.c b/mm/kfence/kfence_test.c > index 00fd17285285..f65fb182466d 100644 > --- a/mm/kfence/kfence_test.c > +++ b/mm/kfence/kfence_test.c > @@ -383,6 +383,22 @@ static void test_use_after_free_read(struct kunit *test) > KUNIT_EXPECT_TRUE(test, report_matches(&expect)); > } > > +static void test_use_after_free_read_nofault(struct kunit *test) > +{ > + const size_t size = 32; > + char *addr; > + char dst; > + int ret; > + > + setup_test_cache(test, size, 0, NULL); > + addr = test_alloc(test, size, GFP_KERNEL, ALLOCATE_ANY); > + test_free(addr); > + /* Use after free with *_nofault() */ > + ret = copy_from_kernel_nofault(&dst, addr, 1); > + KUNIT_EXPECT_EQ(test, ret, -EFAULT); > + KUNIT_EXPECT_FALSE(test, report_available()); > +} > + > static void test_double_free(struct kunit *test) > { > const size_t size = 32; 
> @@ -780,6 +796,7 @@ static struct kunit_case kfence_test_cases[] = { > KFENCE_KUNIT_CASE(test_out_of_bounds_read), > KFENCE_KUNIT_CASE(test_out_of_bounds_write), > KFENCE_KUNIT_CASE(test_use_after_free_read), > + KFENCE_KUNIT_CASE(test_use_after_free_read_nofault), > KFENCE_KUNIT_CASE(test_double_free), > KFENCE_KUNIT_CASE(test_invalid_addr_free), > KFENCE_KUNIT_CASE(test_corruption), > -- > 2.46.0 >
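
Review bot: in the first hunk, the comment above the copy_from_kernel_nofault() call in test_use_after_free_read_nofault() names the access but not the expectation, so a reader of the test alone cannot tell why -EFAULT together with KUNIT_EXPECT_FALSE(test, report_available()) is the passing outcome. Extending the comment to say that the fault must be resolved through the fixup table and must not produce a KFENCE report, as the commit message puts it, would document the intent next to the assertions. Separately, addr is passed to test_free() and then to copy_from_kernel_nofault() with no check in the visible lines; if test_alloc() does not already assert on failure, a KUNIT_ASSERT_NOT_NULL(test, addr) before test_free() would keep an allocation failure from surfacing as a misleading -EFAULT mismatch.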