From: Andrey Ryabinin <ryabinin.a.a@gmail.com>
To: Mark Rutland <mark.rutland@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
"linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>,
Arnd Bergmann <arnd@arndb.de>, Yury <yury.norov@gmail.com>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
Linus Walleij <linus.walleij@linaro.org>,
Mark Salter <msalter@redhat.com>,
Will Deacon <will.deacon@arm.com>,
LKML <linux-kernel@vger.kernel.org>,
Alexey Klimov <klimov.linux@gmail.com>,
Alexander Potapenko <glider@google.com>,
Dmitry Vyukov <dvyukov@google.com>,
Andrey Konovalov <andreyknvl@google.com>,
David Keitel <dkeitel@codeaurora.org>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
Matt Fleming <matt.fleming@intel.com>
Subject: Re: [PATCH v6 0/6] KASAN for arm64
Date: Fri, 9 Oct 2015 17:34:42 +0300
Message-ID: <CAPAsAGzjNyMjFaFc4zzhjpRFi0=v7-HSAzDje7O195UGkAE8LA@mail.gmail.com>
In-Reply-To: <20151009124253.GA21629@leverpostej>

2015-10-09 15:42 GMT+03:00 Mark Rutland <mark.rutland@arm.com>:
> On Fri, Oct 09, 2015 at 01:18:09PM +0300, Andrey Ryabinin wrote:
>> 2015-10-09 12:48 GMT+03:00 Mark Rutland <mark.rutland@arm.com>:
>> > On Fri, Oct 09, 2015 at 12:32:18PM +0300, Andrey Ryabinin wrote:
>> > [...]
>> >
>> >> I thought the EFI stub isolation patches create a copy of mem*() functions in the stub,
>> >> but they just create aliases with the __efistub_ prefix.
>> >>
>> >> We only need to create some more aliases for KASAN.
>> >> The following patch on top of the EFI stub isolation series works for me.
>> >>
>> >>
>> >> Signed-off-by: Andrey Ryabinin <ryabinin.a.a@gmail.com>
>> >> ---
>> >> arch/arm64/kernel/image.h | 6 ++++++
>> >> 1 file changed, 6 insertions(+)
>> >>
>> >> diff --git a/arch/arm64/kernel/image.h b/arch/arm64/kernel/image.h
>> >> index e083af0..6eb8fee 100644
>> >> --- a/arch/arm64/kernel/image.h
>> >> +++ b/arch/arm64/kernel/image.h
>> >> @@ -80,6 +80,12 @@ __efistub_strcmp = __pi_strcmp;
>> >> __efistub_strncmp = __pi_strncmp;
>> >> __efistub___flush_dcache_area = __pi___flush_dcache_area;
>> >>
>> >> +#ifdef CONFIG_KASAN
>> >> +__efistub___memcpy = __pi_memcpy;
>> >> +__efistub___memmove = __pi_memmove;
>> >> +__efistub___memset = __pi_memset;
>> >> +#endif
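Review bot: the three aliases inside the #ifdef CONFIG_KASAN block carry no comment saying why the stub needs the double-underscore names (__efistub___memcpy and friends) only when KASAN is enabled, and next to the existing __efistub_ aliases they differ by just two underscores, so they read like duplicates. A short comment above the #ifdef stating that with CONFIG_KASAN the non-instrumented stub calls __memcpy()/__memmove()/__memset() instead of the plain names would settle that. The patch as posted also has only a Signed-off-by line; it needs a subject and a description before it can be applied.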
>> >
>> > Ard's v4 stub isolation series has these aliases [1], as the stub
>> > requires these aliases regardless of KASAN in order to link.
>>
>> Stub isolation series has __efistub_memcpy, not __efistub___memcpy
>> (two additional '_').
>
> Ah, I see, sorry for my sloppy reading.
>
>> The thing is, KASAN provides its own implementation of memcpy() which
>> checks memory before access.
>> The original 'memcpy()' becomes __memcpy(), so we could still use it.
>
> Ok.
>
>> In code that is not instrumented by KASAN (like the EFI stub) we replace
>> KASAN's memcpy() with the original __memcpy():
>> #define memcpy() __memcpy()
>
> I'm a little confused by this. Surely that doesn't override implicit
> calls generated by the compiler, leaving us with a mixture of calls to
> memcpy and __memcpy?
>
> That doesn't matter for the stub, as both __efistub_mem* and
> __efistub___mem* would point at __pe_mem*, but doesn't that matter for
> other users that shouldn't be instrumented?
>
> Is that not a problem, or do we inhibit/override that somehow?
>
You are right, GCC could emit a memcpy() call. It's just not a problem so far.
The amount of non-instrumented code is fairly small (some low-level
x86 code, kasan internals and slub allocator).
The purpose of these defines is to not spread kasan-specific details
across unrelated code.
E.g. there are a lot of memcpy()/memset() calls in slub that are used to
access an object's redzone or freed objects. So it is simpler to redefine
memset rather than somehow mangle that code.

>> So with CONFIG_KASAN=y the EFI stub uses __memcpy, thus we need to
>> create the __efistub___memcpy alias.
>
> Ok, that makes sense to me.
>
> Thanks,
> Mark.