From: Catalin Marinas <catalin.marinas@arm.com>
To: Lecopzer Chen <lecopzer.chen@mediatek.com>
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org,
	kasan-dev@googlegroups.com, linux-arm-kernel@lists.infradead.org,
	will@kernel.org, dan.j.williams@intel.com,
	aryabinin@virtuozzo.com, glider@google.com, dvyukov@google.com,
	akpm@linux-foundation.org, linux-mediatek@lists.infradead.org,
	yj.chiang@mediatek.com, ardb@kernel.org, andreyknvl@google.com,
	broonie@kernel.org, linux@roeck-us.net, rppt@kernel.org,
	tyhicks@linux.microsoft.com, robin.murphy@arm.com,
	vincenzo.frascino@arm.com, gustavoars@kernel.org,
	lecopzer@gmail.com
Subject: Re: [PATCH v3 1/5] arm64: kasan: don't populate vmalloc area for CONFIG_KASAN_VMALLOC
Date: Fri, 19 Mar 2021 17:37:58 +0000
Message-ID: <20210319173758.GC6832@arm.com>
In-Reply-To: <20210206083552.24394-2-lecopzer.chen@mediatek.com>

On Sat, Feb 06, 2021 at 04:35:48PM +0800, Lecopzer Chen wrote:
> Linux supports KAsan for VMALLOC since commit 3c5c3cfb9ef4da9
> ("kasan: support backing vmalloc space with real shadow memory")
> 
> Like how the MODULES_VADDR does now, just not to early populate
> the VMALLOC_START between VMALLOC_END.
> 
> Before:
> 
> MODULE_VADDR: no mapping, no zoreo shadow at init
> VMALLOC_VADDR: backed with zero shadow at init
> 
> After:
> 
> MODULE_VADDR: no mapping, no zoreo shadow at init
> VMALLOC_VADDR: no mapping, no zoreo shadow at init

s/zoreo/zero/

> Thus the mapping will get allocated on demand by the core function
> of KASAN_VMALLOC.
> 
>   -----------  vmalloc_shadow_start
>  |           |
>  |           |
>  |           | <= non-mapping
>  |           |
>  |           |
>  |-----------|
>  |///////////|<- kimage shadow with page table mapping.
>  |-----------|
>  |           |
>  |           | <= non-mapping
>  |           |
>  ------------- vmalloc_shadow_end
>  |00000000000|
>  |00000000000| <= Zero shadow
>  |00000000000|
>  ------------- KASAN_SHADOW_END
> 
> Signed-off-by: Lecopzer Chen <lecopzer.chen@mediatek.com>
> ---
>  arch/arm64/mm/kasan_init.c | 18 +++++++++++++-----
>  1 file changed, 13 insertions(+), 5 deletions(-)
> 
> diff --git a/arch/arm64/mm/kasan_init.c b/arch/arm64/mm/kasan_init.c
> index d8e66c78440e..20d06008785f 100644
> --- a/arch/arm64/mm/kasan_init.c
> +++ b/arch/arm64/mm/kasan_init.c
> @@ -214,6 +214,7 @@ static void __init kasan_init_shadow(void)
>  {
>  	u64 kimg_shadow_start, kimg_shadow_end;
>  	u64 mod_shadow_start, mod_shadow_end;
> +	u64 vmalloc_shadow_end;
>  	phys_addr_t pa_start, pa_end;
>  	u64 i;
>  
> @@ -223,6 +224,8 @@ static void __init kasan_init_shadow(void)
>  	mod_shadow_start = (u64)kasan_mem_to_shadow((void *)MODULES_VADDR);
>  	mod_shadow_end = (u64)kasan_mem_to_shadow((void *)MODULES_END);
>  
> +	vmalloc_shadow_end = (u64)kasan_mem_to_shadow((void *)VMALLOC_END);
> +
>  	/*
>  	 * We are going to perform proper setup of shadow memory.
>  	 * At first we should unmap early shadow (clear_pgds() call below).
> @@ -241,12 +244,17 @@ static void __init kasan_init_shadow(void)
>  
>  	kasan_populate_early_shadow(kasan_mem_to_shadow((void *)PAGE_END),
>  				   (void *)mod_shadow_start);
> -	kasan_populate_early_shadow((void *)kimg_shadow_end,
> -				   (void *)KASAN_SHADOW_END);
>  
> -	if (kimg_shadow_start > mod_shadow_end)
> -		kasan_populate_early_shadow((void *)mod_shadow_end,
> -					    (void *)kimg_shadow_start);

Not something introduced by this patch but what happens if this
condition is false? It means that kimg_shadow_end < mod_shadow_start and
the above kasan_populate_early_shadow(PAGE_END, mod_shadow_start)
overlaps with the earlier kasan_map_populate(kimg_shadow_start,
kimg_shadow_end).

> +	if (IS_ENABLED(CONFIG_KASAN_VMALLOC))
> +		kasan_populate_early_shadow((void *)vmalloc_shadow_end,
> +					    (void *)KASAN_SHADOW_END);
> +	else {
> +		kasan_populate_early_shadow((void *)kimg_shadow_end,
> +					    (void *)KASAN_SHADOW_END);
> +		if (kimg_shadow_start > mod_shadow_end)
> +			kasan_populate_early_shadow((void *)mod_shadow_end,
> +						    (void *)kimg_shadow_start);
> +	}
>  
>  	for_each_mem_range(i, &pa_start, &pa_end) {
>  		void *start = (void *)__phys_to_virt(pa_start);
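
Review bot: the if/else that closes this hunk braces only the else arm; kernel coding style asks for braces on both arms when either one needs them, so the IS_ENABLED(CONFIG_KASAN_VMALLOC) arm should be braced too. With that option set, nothing between mod_shadow_start and vmalloc_shadow_end gets early shadow any more, which the commit message explains but the code does not; a short comment above the branch saying the range is deliberately left unmapped for on-demand allocation would keep the intent visible in kasan_init_shadow() itself.
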
> -- 
> 2.25.1
> 

-- 
Catalin
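
The overlap question raised in the reply above, worked through on constructed addresses (an added example, not code from the patch, the kernel or either author): it replays the kasan_populate_early_shadow() calls of the last hunk over a toy layout and reports whether any zero-shadow range overlaps the kimage shadow. The structs, helper names, shadow offset and every address are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy model: 1 shadow byte per 8 bytes as in generic KASAN; the offset and
 * every address are constructed for illustration, not a real arm64 layout. */
#define SHADOW_SHIFT  3
#define SHADOW_OFFSET 0x100000ULL

struct range { uint64_t start, end; };	/* half-open [start, end) */
struct layout {				/* hypothetical container */
	uint64_t page_end, modules_vaddr, modules_end;
	uint64_t kimg_start, kimg_end, vmalloc_end, shadow_end;
};

static uint64_t sh(uint64_t a) { return (a >> SHADOW_SHIFT) + SHADOW_OFFSET; }
static int overlaps(struct range a, struct range b) { return a.start < b.end && b.start < a.end; }

/* Replays the populate calls of the last hunk; returns 1 if a range that
 * would get zero shadow overlaps the already mapped kimage shadow. */
static int zero_shadow_hits_kimg(const struct layout *l, int kasan_vmalloc)
{
	struct range kimg = { sh(l->kimg_start), sh(l->kimg_end) }, r[3];
	uint64_t mod_start = sh(l->modules_vaddr), mod_end = sh(l->modules_end);
	int n = 0;

	r[n++] = (struct range){ sh(l->page_end), mod_start };
	if (kasan_vmalloc) {
		r[n++] = (struct range){ sh(l->vmalloc_end), l->shadow_end };
	} else {
		r[n++] = (struct range){ kimg.end, l->shadow_end };
		if (kimg.start > mod_end)
			r[n++] = (struct range){ mod_end, kimg.start };
	}
	for (int i = 0; i < n; i++)
		if (overlaps(r[i], kimg))
			return 1;
	return 0;
}

/* Constructed layouts; shadow_end is already a shadow address. */
static const struct layout kimg_above    = { 0x10000, 0x20000, 0x28000, 0x30000, 0x38000, 0x80000, 0x120000 };
static const struct layout kimg_adjacent = { 0x10000, 0x20000, 0x28000, 0x28000, 0x30000, 0x80000, 0x120000 };
static const struct layout kimg_below    = { 0x10000, 0x20000, 0x28000, 0x14000, 0x1c000, 0x80000, 0x120000 };

int main(void)
{
	printf("above=%d adjacent=%d below=%d\n", zero_shadow_hits_kimg(&kimg_above, 0),
	       zero_shadow_hits_kimg(&kimg_adjacent, 0), zero_shadow_hits_kimg(&kimg_below, 0));
	return 0;
}
```

In these constructed layouts only the kimage-below-modules case reports an overlap, with or without the CONFIG_KASAN_VMALLOC branch; the adjacent case makes the `kimg_shadow_start > mod_shadow_end` test false without any overlap.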

