From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752101AbbJFHih (ORCPT ); Tue, 6 Oct 2015 03:38:37 -0400 Received: from mx2.parallels.com ([199.115.105.18]:39851 "EHLO mx2.parallels.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751579AbbJFHif (ORCPT ); Tue, 6 Oct 2015 03:38:35 -0400 Subject: Re: [PATCH] x86/process: Silence KASAN warnings in get_wchan() To: Ingo Molnar References: <1444040906-6788-1-git-send-email-aryabinin@virtuozzo.com> <20151005112341.GA1101@gmail.com> <56126316.3030901@virtuozzo.com> <20151005163906.GE26924@tassilo.jf.intel.com> <5612AC7A.9080502@virtuozzo.com> <20151006072655.GB10672@gmail.com> CC: Andi Kleen , Dmitry Vyukov , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , "x86@kernel.org" , LKML , Andy Lutomirski , Andrey Konovalov , Kostya Serebryany , Alexander Potapenko , kasan-dev , Borislav Petkov , Denys Vlasenko , Sasha Levin , Wolfram Gloger , Linus Torvalds , Andrew Morton From: Andrey Ryabinin Message-ID: <56137A6C.3090109@virtuozzo.com> Date: Tue, 6 Oct 2015 10:38:20 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 MIME-Version: 1.0 In-Reply-To: <20151006072655.GB10672@gmail.com> Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: 7bit X-ClientProxiedBy: US-EXCH2.sw.swsoft.com (10.255.249.46) To US-EXCH2.sw.swsoft.com (10.255.249.46) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 10/06/2015 10:26 AM, Ingo Molnar wrote: > > * Andrey Ryabinin wrote: > >> On 10/05/2015 07:39 PM, Andi Kleen wrote: >>>> But, I think I have the solution. >>>> We could have some blacklist - list of function names which we should be ignored. >>>> In kasan_report() we could resolve return address to function name and compare it with name in list. >>>> If name in list -> ignore report. >>> >>> I think annotating statements is cleaner than functions, even if it >>> is more code. Much better documentation >>> >> >> I agree with that, that's why I suggested to add READ_ONCE_NOCHECK(): >> READ_ONCE_NOCHECK() >> { >> kasan_disable_current(); >> READ_ONCE(); >> kasan_enable_current(); >> } >> >> Anywone objects? > > Sounds good to me! As long as it's hidden from plain .c files I'm a happy camper. > > This should probably also be faster for KASAN than triggering a warning and having > to parse a blacklist, right? > Sure. >>> If disabling with an attribute doesn't work, you could put it into a special >>> section with __attribute__((section ...)) and check the start/end symbol >>> before reporting. That's how kprobes solves similar issues. It also has the >>> advantage that it stops inlining. >> >> Yes, it might be better. Although, because of broken -fconserve-stack, this may >> not work in some cases - https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63533 >> Function splitter may split original function into two parts and it always puts >> one split part in default .text section. > > We do a _ton_ of such section tricks in the kernel (all of exception handling is > based on that) - if that's broken by -fconserve-stack then the kernel is broken > much more widely. > I'm mistaken here. It was broken once, at some point of development of gcc 5, but this was fixed eventually. I just checked gcc 5.2, 4.9.2, 4.8.4, all of them are ok. > So unless KASAN wants to do something special here you can rely on sections just > fine. > > Thanks, > > Ingo >