From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id CDFEEC43334
	for <linux-mm@archiver.kernel.org>; Tue, 12 Jul 2022 14:17:51 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 622F7940091; Tue, 12 Jul 2022 10:17:51 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 5D268940063; Tue, 12 Jul 2022 10:17:51 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 49A63940091; Tue, 12 Jul 2022 10:17:51 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13])
	by kanga.kvack.org (Postfix) with ESMTP id 3B11F940063
	for <linux-mm@kvack.org>; Tue, 12 Jul 2022 10:17:51 -0400 (EDT)
Received: from smtpin07.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay01.hostedemail.com (Postfix) with ESMTP id 12DEB60D43
	for <linux-mm@kvack.org>; Tue, 12 Jul 2022 14:17:51 +0000 (UTC)
X-FDA: 79678651542.07.2AE7907
Received: from mail-yw1-f176.google.com (mail-yw1-f176.google.com [209.85.128.176])
	by imf29.hostedemail.com (Postfix) with ESMTP id 9442012006B
	for <linux-mm@kvack.org>; Tue, 12 Jul 2022 14:17:50 +0000 (UTC)
Received: by mail-yw1-f176.google.com with SMTP id 00721157ae682-31caffa4a45so82543017b3.3
        for <linux-mm@kvack.org>; Tue, 12 Jul 2022 07:17:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=rAqtnQvHicJEwVtFwBWlT2ImbHkxNKwCydMf49aDhZw=;
        b=aiMgzeBmgUZ/65gwB7z3OTtsJK0m68bYi/4uF0m2lufr7mlmeVAZPQ0CgoETjNHwN9
         OR5ql/M5renBykTr5vdYLobTW0XAP/UTlosdoJx2ANZqwzs8BK3tQGb/yRGemqhOPTB5
         iK99Fjwli6AAsLPKMn8lRm5+/LpczLnXvRM5mdBg7X8PI1Rb0wb3vtXNmwxva/MoP8Y9
         f0pMS7Ab2OR6Rz5JjkDq0qesIKRAysU1yuWv5n+e039Y8V30n/O9aqVLUMKQNiHTpAvR
         iguPu8aE/PvAAvswibB+IxoRaR7YpLvASj0kcPA4lDVbjhZ/A8OlDVlXCq4Uy6Acnz0a
         GKhA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=rAqtnQvHicJEwVtFwBWlT2ImbHkxNKwCydMf49aDhZw=;
        b=2hiQRta0K6KM2aQfzncG7QBb3YaQb3ydKPvuOA/etYNk+xBzidaSqAmY53VEFSAxwz
         P2+At2CHb2mJhlfhxYJ4B7JZcUBde7dP42YEeZC8QacighMWU4/OFq2Gexf9TToE+QDp
         Vx2SMT+Mh5hm2XKONk5zcEHVmCemFWJlJYMOLdsEg01Uhvk0KadCz7FjMbDMqNhMD7FT
         /XsWLDuJ6Xkep86h+4cWVrRcaK8RZJd765KU6LwH1bK/epr+Zj7bNCgNyc0MfLLUcuhq
         2m+YfblkYOMHYMBszQCPkvJX9sKq7vw0NUJy4P2TLzQmrFz5WuNzR6gxQkjmaADngKFW
         lDrQ==
X-Gm-Message-State: AJIora/ECvIe9/1biclY3t18uauDQUH51GA34X2q9SHry+830FPWL5rL
	yFLJVsH3tpraCMXDt8fIrhL2XvttGsmr3OfhHSw6qw==
X-Google-Smtp-Source: AGRyM1tKjPPwFYnKg+0p6eGc1mlWK6G9zJMRPDOrTPORWMifQA9yBH9S1buboNSiyORVrmetN+LzTUSEuucVV4I4Qr8=
X-Received: by 2002:a81:98d:0:b0:31c:921c:9783 with SMTP id
 135-20020a81098d000000b0031c921c9783mr25429483ywj.316.1657635469677; Tue, 12
 Jul 2022 07:17:49 -0700 (PDT)
MIME-Version: 1.0
References: <20220701142310.2188015-1-glider@google.com> <20220701142310.2188015-8-glider@google.com>
In-Reply-To: <20220701142310.2188015-8-glider@google.com>
From: Marco Elver <elver@google.com>
Date: Tue, 12 Jul 2022 16:17:14 +0200
Message-ID: <CANpmjNPmp9J_2T8yw4oTBp_beywg_o=e-A3Y9nVvcHhTio4hDg@mail.gmail.com>
Subject: Re: [PATCH v4 07/45] kmsan: introduce __no_sanitize_memory and __no_kmsan_checks
To: Alexander Potapenko <glider@google.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>, Alexei Starovoitov <ast@kernel.org>, 
	Andrew Morton <akpm@linux-foundation.org>, Andrey Konovalov <andreyknvl@google.com>, 
	Andy Lutomirski <luto@kernel.org>, Arnd Bergmann <arnd@arndb.de>, Borislav Petkov <bp@alien8.de>, 
	Christoph Hellwig <hch@lst.de>, Christoph Lameter <cl@linux.com>, David Rientjes <rientjes@google.com>, 
	Dmitry Vyukov <dvyukov@google.com>, Eric Dumazet <edumazet@google.com>, 
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Herbert Xu <herbert@gondor.apana.org.au>, 
	Ilya Leoshkevich <iii@linux.ibm.com>, Ingo Molnar <mingo@redhat.com>, Jens Axboe <axboe@kernel.dk>, 
	Joonsoo Kim <iamjoonsoo.kim@lge.com>, Kees Cook <keescook@chromium.org>, 
	Mark Rutland <mark.rutland@arm.com>, Matthew Wilcox <willy@infradead.org>, 
	"Michael S. Tsirkin" <mst@redhat.com>, Pekka Enberg <penberg@kernel.org>, 
	Peter Zijlstra <peterz@infradead.org>, Petr Mladek <pmladek@suse.com>, 
	Steven Rostedt <rostedt@goodmis.org>, Thomas Gleixner <tglx@linutronix.de>, 
	Vasily Gorbik <gor@linux.ibm.com>, Vegard Nossum <vegard.nossum@oracle.com>, 
	Vlastimil Babka <vbabka@suse.cz>, kasan-dev@googlegroups.com, linux-mm@kvack.org, 
	linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
ARC-Authentication-Results: i=1;
	imf29.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=aiMgzeBm;
	spf=pass (imf29.hostedemail.com: domain of elver@google.com designates 209.85.128.176 as permitted sender) smtp.mailfrom=elver@google.com;
	dmarc=pass (policy=reject) header.from=google.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1657635470; a=rsa-sha256;
	cv=none;
	b=4ldqG6Tk8PTdQrfAhY6xQvItLtuTysspgp/0O+pcET2mnhRens5RHA9zRs0eyTBhbAQOIw
	snSUqCSkHGHY6NDPmCoqUpulv5u35QNjZ+zQNmEzVTDrXjJnw24D9j57ZVwWsuhdNCG78q
	wSqmHUViqE1D6UxOOe3bH2sZ/Z3MiJE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1657635470;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=rAqtnQvHicJEwVtFwBWlT2ImbHkxNKwCydMf49aDhZw=;
	b=nqQNUqD9TTRzrptx5gorpvqxNkD6aw9rPlpMKdsogQpDvUseV39/uF5pEfPbX7XYbq06J0
	e/ZwUVGCwCZa/RxB+BCWFjNYKUL0i+Cx3W4Jr3bCdSCCHZYLTKxeLuVlmIdNug5Dqxy8zf
	iNOAwgmwvQtKp4r7bLzoBTctk3LYxZE=
X-Rspamd-Queue-Id: 9442012006B
Authentication-Results: imf29.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=aiMgzeBm;
	spf=pass (imf29.hostedemail.com: domain of elver@google.com designates 209.85.128.176 as permitted sender) smtp.mailfrom=elver@google.com;
	dmarc=pass (policy=reject) header.from=google.com
X-Rspam-User: 
X-Rspamd-Server: rspam11
X-Stat-Signature: o4t9winnk3xwffffxm788d5r1dt3wfd5
X-HE-Tag: 1657635470-639849
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Fri, 1 Jul 2022 at 16:23, Alexander Potapenko <glider@google.com> wrote:
>
> __no_sanitize_memory is a function attribute that instructs KMSAN to
> skip a function during instrumentation. This is needed to e.g. implement
> the noinstr functions.
>
> __no_kmsan_checks is a function attribute that makes KMSAN
> ignore the uninitialized values coming from the function's
> inputs, and initialize the function's outputs.
>
> Functions marked with this attribute can't be inlined into functions
> not marked with it, and vice versa. This behavior is overridden by
> __always_inline.
>
> __SANITIZE_MEMORY__ is a macro that's defined iff the file is
> instrumented with KMSAN. This is not the same as CONFIG_KMSAN, which is
> defined for every file.
>
> Signed-off-by: Alexander Potapenko <glider@google.com>

Reviewed-by: Marco Elver <elver@google.com>



> ---
> Link: https://linux-review.googlesource.com/id/I004ff0360c918d3cd8b18767ddd1381c6d3281be
> ---
>  include/linux/compiler-clang.h | 23 +++++++++++++++++++++++
>  include/linux/compiler-gcc.h   |  6 ++++++
>  2 files changed, 29 insertions(+)
>
> diff --git a/include/linux/compiler-clang.h b/include/linux/compiler-clang.h
> index c84fec767445d..4fa0cc4cbd2c8 100644
> --- a/include/linux/compiler-clang.h
> +++ b/include/linux/compiler-clang.h
> @@ -51,6 +51,29 @@
>  #define __no_sanitize_undefined
>  #endif
>
> +#if __has_feature(memory_sanitizer)
> +#define __SANITIZE_MEMORY__
> +/*
> + * Unlike other sanitizers, KMSAN still inserts code into functions marked with
> + * no_sanitize("kernel-memory"). Using disable_sanitizer_instrumentation
> + * provides the behavior consistent with other __no_sanitize_ attributes,
> + * guaranteeing that __no_sanitize_memory functions remain uninstrumented.
> + */
> +#define __no_sanitize_memory __disable_sanitizer_instrumentation
> +
> +/*
> + * The __no_kmsan_checks attribute ensures that a function does not produce
> + * false positive reports by:
> + *  - initializing all local variables and memory stores in this function;
> + *  - skipping all shadow checks;
> + *  - passing initialized arguments to this function's callees.
> + */
> +#define __no_kmsan_checks __attribute__((no_sanitize("kernel-memory")))
> +#else
> +#define __no_sanitize_memory
> +#define __no_kmsan_checks
> +#endif
> +
>  /*
>   * Support for __has_feature(coverage_sanitizer) was added in Clang 13 together
>   * with no_sanitize("coverage"). Prior versions of Clang support coverage
> diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h
> index a0c55eeaeaf16..63eb90eddad77 100644
> --- a/include/linux/compiler-gcc.h
> +++ b/include/linux/compiler-gcc.h
> @@ -125,6 +125,12 @@
>  #define __SANITIZE_ADDRESS__
>  #endif
>
> +/*
> + * GCC does not support KMSAN.
> + */
> +#define __no_sanitize_memory
> +#define __no_kmsan_checks
> +
>  /*
>   * Turn individual warnings and errors on and off locally, depending
>   * on version.
> --
> 2.37.0.rc0.161.g10f37bed90-goog
>