linux-mm.kvack.org archive mirror
From: Dave Hansen <dave.hansen@intel.com>
To: Maciej Wieczor-Retman <maciej.wieczor-retman@intel.com>,
	hpa@zytor.com, hch@infradead.org,
	nick.desaulniers+lkml@gmail.com, kuan-ying.lee@canonical.com,
	masahiroy@kernel.org, samuel.holland@sifive.com,
	mingo@redhat.com, corbet@lwn.net, ryabinin.a.a@gmail.com,
	guoweikang.kernel@gmail.com, jpoimboe@kernel.org,
	ardb@kernel.org, vincenzo.frascino@arm.com, glider@google.com,
	kirill.shutemov@linux.intel.com, apopple@nvidia.com,
	samitolvanen@google.com, kaleshsingh@google.com, jgross@suse.com,
	andreyknvl@gmail.com, scott@os.amperecomputing.com,
	tony.luck@intel.com, dvyukov@google.com,
	pasha.tatashin@soleen.com, ziy@nvidia.com, broonie@kernel.org,
	gatlin.newhouse@gmail.com, jackmanb@google.com,
	wangkefeng.wang@huawei.com, thiago.bauermann@linaro.org,
	tglx@linutronix.de, kees@kernel.org, akpm@linux-foundation.org,
	jason.andryuk@amd.com, snovitoll@gmail.com, xin@zytor.com,
	jan.kiszka@siemens.com, bp@alien8.de, rppt@kernel.org,
	peterz@infradead.org, pankaj.gupta@amd.com, thuth@redhat.com,
	andriy.shevchenko@linux.intel.com, joel.granados@kernel.org,
	kbingham@kernel.org, nicolas@fjasle.eu, mark.rutland@arm.com,
	surenb@google.com, catalin.marinas@arm.com, morbo@google.com,
	justinstitt@google.com, ubizjak@gmail.com, jhubbard@nvidia.com,
	urezki@gmail.com, dave.hansen@linux.intel.com, bhe@redhat.com,
	luto@kernel.org, baohua@kernel.org, nathan@kernel.org,
	will@kernel.org, brgerst@gmail.com
Cc: llvm@lists.linux.dev, linux-mm@kvack.org,
	linux-doc@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
	linux-kbuild@vger.kernel.org, linux-kernel@vger.kernel.org,
	kasan-dev@googlegroups.com, x86@kernel.org
Subject: Re: [PATCH v3 13/14] mm: Unpoison pcpu chunks with base address tag
Date: Fri, 4 Apr 2025 11:08:12 -0700
Message-ID: <fb0d5f33-4636-4de0-82f4-93a9def63a26@intel.com>
In-Reply-To: <61033ef5b70277039ceeb8f6173e8b3fbc271c08.1743772053.git.maciej.wieczor-retman@intel.com>

On 4/4/25 06:14, Maciej Wieczor-Retman wrote:
> The problem presented here is related to NUMA systems and tag-based
> KASAN mode. Getting to it can be explained in the following points:
> 
> 	1. A new chunk is created with pcpu_create_chunk() and
> 	   vm_structs are allocated. On systems with one NUMA node only
> 	   one is allocated, but with more NUMA nodes at least a second
> 	   one will be allocated too.
> 
> 	2. chunk->base_addr is assigned the modified value of
> 	   vms[0]->addr and thus inherits the tag of this allocated
> 	   structure.
> 
> 	3. In pcpu_alloc() for each possible cpu pcpu_chunk_addr() is
> 	   executed which calculates per cpu pointers that correspond to
> 	   the vms structure addresses. The calculations are based on
> 	   adding an offset from a table to chunk->base_addr.
> 
> Here the problem presents itself since for addresses based on vms[1] and
> up, the tag will be different than the ones based on vms[0] (base_addr).
> The tag mismatch happens and an error is reported.
> 
> Unpoison all the vms[]->addr with the same tag to resolve the mismatch.

I think there's a bit too much superfluous information in there. For
instance, it's not important to talk about how or why there can be more
than one chunk, just say there _can_ be more than one.

	1. There can be more than one chunk
	2. The chunks are virtually contiguous
	3. Since they are virtually contiguous, the chunks are all
	   addressed from a single base address
	4. The base address has a tag
	5. The base address points at the first chunk and thus inherits
	   the tag of the first chunk
	6. The subsequent chunks will be accessed with the tag from the
	   first chunk
	7. Thus, the subsequent chunks need to have their tag set to
	   match that of the first chunk.

Right?

> diff --git a/include/linux/kasan.h b/include/linux/kasan.h
> index 54481f8c30c5..bd033b2ba383 100644
> --- a/include/linux/kasan.h
> +++ b/include/linux/kasan.h
> @@ -613,6 +613,13 @@ static __always_inline void kasan_poison_vmalloc(const void *start,
>  		__kasan_poison_vmalloc(start, size);
>  }
>  
> +void __kasan_unpoison_vmap_areas(struct vm_struct **vms, int nr_vms);
> +static __always_inline void kasan_unpoison_vmap_areas(struct vm_struct **vms, int nr_vms)
> +{
> +	if (kasan_enabled())
> +		__kasan_unpoison_vmap_areas(vms, nr_vms);
> +}
> +
>  #else /* CONFIG_KASAN_VMALLOC */
>  
>  static inline void kasan_populate_early_vm_area_shadow(void *start,
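
Review bot: the new kasan_unpoison_vmap_areas() wrapper has no comment saying which tag the areas end up with or what it expects of its arguments. The name reads like a plain unpoison, but the implementation in mm/kasan/shadow.c gives every area the tag of vms[0]->addr, so a short comment above the declaration should say that and state that vms must hold nr_vms valid entries. The wrapper also returns void, while kasan_unpoison_vmalloc() returns a pointer; the comment should say how callers are meant to obtain the tagged addresses.
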
> @@ -637,6 +644,9 @@ static inline void *kasan_unpoison_vmalloc(const void *start,
>  static inline void kasan_poison_vmalloc(const void *start, unsigned long size)
>  { }
>  
> +static inline void kasan_unpoison_vmap_areas(struct vm_struct **vms, int nr_vms)
> +{ }
> +
>  #endif /* CONFIG_KASAN_VMALLOC */
>  
>  #if (defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)) && \
> diff --git a/mm/kasan/shadow.c b/mm/kasan/shadow.c
> index 88d1c9dcb507..9496f256bc0f 100644
> --- a/mm/kasan/shadow.c
> +++ b/mm/kasan/shadow.c
> @@ -582,6 +582,17 @@ void __kasan_poison_vmalloc(const void *start, unsigned long size)
>  	kasan_poison(start, size, KASAN_VMALLOC_INVALID, false);
>  }
>  
> +void __kasan_unpoison_vmap_areas(struct vm_struct **vms, int nr_vms)
> +{
> +	int area;
> +
> +	for (area = 0 ; area < nr_vms ; area++) {
> +		kasan_poison(vms[area]->addr, vms[area]->size,
> +			     arch_kasan_get_tag(vms[0]->addr), false);
> +		arch_kasan_set_tag(vms[area]->addr, arch_kasan_get_tag(vms[0]->addr));
> +	}
> +}

-ENOCOMMENTS

>  #else /* CONFIG_KASAN_VMALLOC */
>  
>  int kasan_alloc_module_shadow(void *addr, size_t size, gfp_t gfp_mask)
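
Review bot: the value returned by arch_kasan_set_tag() on the last line of the loop is discarded, and nothing else in the loop writes vms[area]->addr. The code this replaces in pcpu_get_vm_areas() stored the returned pointer with "vms[area]->addr = kasan_unpoison_vmalloc(...)"; if the areas are meant to carry the base tag in their addr field, assign the result here too. arch_kasan_get_tag(vms[0]->addr) is also evaluated twice per iteration and can be read once into a local before the loop, and a comment should explain why a function named "unpoison" calls kasan_poison() with a tag as the value.
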
> diff --git a/mm/vmalloc.c b/mm/vmalloc.c
> index 61981ee1c9d2..fbd56bf8aeb2 100644
> --- a/mm/vmalloc.c
> +++ b/mm/vmalloc.c
> @@ -4783,8 +4783,7 @@ struct vm_struct **pcpu_get_vm_areas(const unsigned long *offsets,
>  	 * non-VM_ALLOC mappings, see __kasan_unpoison_vmalloc().
>  	 */
>  	for (area = 0; area < nr_vms; area++)
> -		vms[area]->addr = kasan_unpoison_vmalloc(vms[area]->addr,
> -				vms[area]->size, KASAN_VMALLOC_PROT_NORMAL);
> +		kasan_unpoison_vmap_areas(vms, nr_vms);
>  
>  	kfree(vas);
>  	return vms;
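
Review bot: the unchanged "for (area = 0; area < nr_vms; area++)" line now has kasan_unpoison_vmap_areas(vms, nr_vms) as its body, and that helper already loops over all nr_vms areas, so every area is processed nr_vms times. Drop the for line and call the helper once. The KASAN_VMALLOC_PROT_NORMAL flag passed by the removed call is no longer passed anywhere, and the comment above still refers to __kasan_unpoison_vmalloc(); update the comment to describe the new call and say why the flag is not needed.
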

So, the right way to do this is refactor, first, then add your changes
after. This really wants to be two patches.
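
The seven points in the reply above, modelled in userspace C as an added example (not code from the patch or the kernel): a shadow array holds one tag per 16-byte granule, and a pointer built as base + offset passes the check only if its tag matches the shadow of the area it lands in. The top-byte tag position, the tag values 0x3a and 0x5c, and the two-area layout are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define GRANULE 16u                          /* bytes covered by one shadow tag */
static uint8_t shadow[4096 / GRANULE];       /* shadow of a 4 KiB toy arena */
struct area { uint64_t addr; size_t size; }; /* stand-in for vm_struct */

/* Assumption: the tag is the top byte of a 64-bit pointer; 0 means untagged. */
static uint8_t get_tag(uint64_t p) { return (uint8_t)(p >> 56); }
static uint64_t set_tag(uint64_t p, uint8_t t) { return (p << 8 >> 8) | ((uint64_t)t << 56); }

/* Write tag into the shadow of [addr, addr + size); return the tagged pointer. */
static uint64_t tag_range(uint64_t addr, size_t size, uint8_t tag)
{
	memset(&shadow[set_tag(addr, 0) / GRANULE], tag, (size + GRANULE - 1) / GRANULE);
	return set_tag(addr, tag);
}

/* An access passes when the pointer tag equals the shadow tag of its granule. */
static int access_ok(uint64_t p) { return shadow[set_tag(p, 0) / GRANULE] == get_tag(p); }

/* Give every area the tag of areas[0] and store the tagged address back. */
static void retag_with_base(struct area *areas, int nr)
{
	uint8_t tag = get_tag(areas[0].addr);
	for (int i = 0; i < nr; i++)
		areas[i].addr = tag_range(areas[i].addr, areas[i].size, tag);
}

/* Does base + offset (carrying area 0's tag) pass the check inside area idx? */
static int base_plus_offset_ok(const struct area *areas, int idx)
{
	uint64_t base = areas[0].addr;	/* plays the role of chunk->base_addr */
	return access_ok(base + (set_tag(areas[idx].addr, 0) - set_tag(base, 0)));
}

/* Constructed layout: two areas tagged independently, optionally retagged. */
static int demo(int fix)
{
	struct area a[2] = { { 0, 256 }, { 1024, 256 } };
	a[0].addr = tag_range(a[0].addr, a[0].size, 0x3a);
	a[1].addr = tag_range(a[1].addr, a[1].size, 0x5c);
	if (fix)
		retag_with_base(a, 2);
	return base_plus_offset_ok(a, 0) && base_plus_offset_ok(a, 1);
}

int main(void) { return !(demo(0) == 0 && demo(1) == 1); }
```

demo(0) fails on the second area because its shadow still holds 0x5c while the derived pointer carries 0x3a; demo(1) passes once both areas share the base tag.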

