From: Catalin Marinas <catalin.marinas@arm.com>
To: Breno Leitao <leitao@debian.org>
Cc: Will Deacon <will@kernel.org>,
usamaarif642@gmail.com, Ard Biesheuvel <ardb@kernel.org>,
rmikey@meta.com, andreyknvl@gmail.com,
kasan-dev@googlegroups.com, linux-efi@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, kernel-team@meta.com
Subject: Re: [PATCH] arm64: efi: Fix KASAN false positive for EFI runtime stack
Date: Thu, 3 Jul 2025 17:35:48 +0100
Message-ID: <aGaxZHLnDQc_kSur@arm.com>
In-Reply-To: <20250624-arm_kasan-v1-1-21e80eab3d70@debian.org>
On Tue, Jun 24, 2025 at 05:55:53AM -0700, Breno Leitao wrote:
> KASAN reports invalid accesses during arch_stack_walk() for EFI runtime
> services due to vmalloc tagging[1]. The EFI runtime stack must be allocated
> with KASAN tags reset to avoid false positives.
>
> This patch uses arch_alloc_vmap_stack() instead of __vmalloc_node() for
> EFI stack allocation, which internally calls kasan_reset_tag().
>
> The changes ensure EFI runtime stacks are properly sanitized for KASAN
> while maintaining functional consistency.
>
> Link: https://lore.kernel.org/all/aFVVEgD0236LdrL6@gmail.com/ [1]
> Suggested-by: Andrey Konovalov <andreyknvl@gmail.com>
> Suggested-by: Catalin Marinas <catalin.marinas@arm.com>
> Signed-off-by: Breno Leitao <leitao@debian.org>
> ---
> arch/arm64/kernel/efi.c | 9 ++++++---
> 1 file changed, 6 insertions(+), 3 deletions(-)
>
> diff --git a/arch/arm64/kernel/efi.c b/arch/arm64/kernel/efi.c
> index 3857fd7ee8d46..d2af881a48290 100644
> --- a/arch/arm64/kernel/efi.c
> +++ b/arch/arm64/kernel/efi.c
> @@ -15,6 +15,7 @@
>
> #include <asm/efi.h>
> #include <asm/stacktrace.h>
> +#include <asm/vmap_stack.h>
>
> static bool region_is_misaligned(const efi_memory_desc_t *md)
> {
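Review bot: asm/vmap_stack.h is now included unconditionally, while its only user, the arch_alloc_vmap_stack() call added in the next hunk, sits behind a runtime IS_ENABLED(CONFIG_VMAP_STACK) check; worth confirming the header still provides a declaration that compiles when CONFIG_VMAP_STACK is off, otherwise the call (and this include) would need an #ifdef rather than IS_ENABLED().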
> @@ -214,9 +215,11 @@ static int __init arm64_efi_rt_init(void)
> if (!efi_enabled(EFI_RUNTIME_SERVICES))
> return 0;
>
> - p = __vmalloc_node(THREAD_SIZE, THREAD_ALIGN, GFP_KERNEL,
> - NUMA_NO_NODE, &&l);
> -l: if (!p) {
> + if (!IS_ENABLED(CONFIG_VMAP_STACK))
> + return -ENOMEM;
Mark Rutland pointed out in a private chat that this should probably
clear the EFI_RUNTIME_SERVICES flag as well.
> +
> + p = arch_alloc_vmap_stack(THREAD_SIZE, NUMA_NO_NODE);
> + if (!p) {
> pr_warn("Failed to allocate EFI runtime stack\n");
> clear_bit(EFI_RUNTIME_SERVICES, &efi.flags);
> return -ENOMEM;
>
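Review bot: the early `return -ENOMEM` for !IS_ENABLED(CONFIG_VMAP_STACK) leaves EFI_RUNTIME_SERVICES set, unlike the allocation-failure branch a few lines below, which prints a warning and calls clear_bit(EFI_RUNTIME_SERVICES, &efi.flags); this is the gap Mark Rutland raised. The simplest fix is to give the config case the same treatment, e.g. `if (!IS_ENABLED(CONFIG_VMAP_STACK)) { clear_bit(EFI_RUNTIME_SERVICES, &efi.flags); return -ENOMEM; }` together with a pr_warn() saying why, and since this is a build-configuration limitation rather than an allocation failure, an errno such as -EOPNOTSUPP would describe it more honestly than -ENOMEM. Also, the removed call passed GFP_KERNEL and THREAD_ALIGN explicitly while arch_alloc_vmap_stack(THREAD_SIZE, NUMA_NO_NODE) takes neither; a sentence in the commit message confirming that the helper's own flags and alignment are acceptable for the EFI runtime stack would save reviewers checking.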
With that:
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
(but let's see if Ard has a different opinion on the approach)
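The commit message above says the EFI runtime stack must be handed out with its KASAN tag reset, but not why that stops the unwinder from tripping the check. The following is an added, constructed user-space model of the tag rule that tag-based KASAN applies (pointer tag in the top byte must match the tag recorded for every 16-byte granule, and the native kernel tag 0xFF is never checked); it is not kernel code, not part of this thread, and does not reproduce the exact path reported in [1]. The area base, the tag values 0x3A/0x7C, the frame layout in walk_stack() and the scenario_* names are assumptions made for the illustration. It shows that a stack whose base pointer keeps its allocation tag reports as soon as a frame address with a different tag reaches it, that a stack returned through a kasan_reset_tag()-style reset is not checked at all, and that other tagged allocations are still checked.

```c
/*
 * Constructed user-space model of the tag check that tag-based KASAN
 * performs on every access (not kernel code). Pointer tag = top byte;
 * memory tag = one shadow byte per 16-byte granule.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KASAN_TAG_SHIFT   56
#define KASAN_TAG_KERNEL  0xFFu  /* native kernel tag: accesses are not checked (kernel's value) */
#define KASAN_TAG_INVALID 0xFEu  /* memory that must never be accessed (kernel's value) */
#define KASAN_GRANULE     16

/* Assumed vmalloc area: a native kernel VA already carries 0xFF in its top byte. */
#define AREA_BASE   0xffff800008000000ull
#define AREA_SIZE   (64u * 1024u)
#define THREAD_SIZE (16u * 1024u)

static uint8_t shadow[AREA_SIZE / KASAN_GRANULE];

static uint8_t  ptr_tag(uint64_t p)            { return (uint8_t)(p >> KASAN_TAG_SHIFT); }
static uint64_t untag(uint64_t p)              { return p & ((1ull << KASAN_TAG_SHIFT) - 1); }
static uint64_t set_tag(uint64_t p, uint8_t t) { return untag(p) | ((uint64_t)t << KASAN_TAG_SHIFT); }
/* Same effect as the kernel's kasan_reset_tag(): the pointer gets the match-all tag. */
static uint64_t kasan_reset_tag(uint64_t p)    { return set_tag(p, KASAN_TAG_KERNEL); }

static void area_init(void) { memset(shadow, KASAN_TAG_INVALID, sizeof shadow); }

/* Model of a tagged vmalloc: tag the granules, hand back a pointer carrying that tag. */
static uint64_t vmalloc_tagged(size_t offset, size_t size, uint8_t tag)
{
    for (size_t off = 0; off < size; off += KASAN_GRANULE)
        shadow[(offset + off) / KASAN_GRANULE] = tag;
    return set_tag(AREA_BASE + offset, tag);
}

/* The check instrumented loads/stores perform: pointer tag must equal every granule's tag. */
static bool kasan_check_access(uint64_t p, size_t size)
{
    uint8_t  tag  = ptr_tag(p);
    uint64_t addr = untag(p), lo = untag(AREA_BASE);

    if (tag == KASAN_TAG_KERNEL)
        return true;                                  /* native pointers skip the check */
    if (addr < lo || addr + size > lo + AREA_SIZE)
        return false;                                 /* outside the modelled area */
    for (uint64_t a = addr & ~(uint64_t)(KASAN_GRANULE - 1); a < addr + size; a += KASAN_GRANULE)
        if (shadow[(a - lo) / KASAN_GRANULE] != tag)
            return false;
    return true;
}

/* Frame-pointer walk: read nframes 16-byte frame records starting at fp (assumed layout). */
static bool walk_stack(uint64_t fp, int nframes)
{
    for (int i = 0; i < nframes; i++, fp += 32)
        if (!kasan_check_access(fp, 16))
            return false;
    return true;
}

/* 1: stack handed out with its allocation tag, as with the plain __vmalloc_node() call.
 * Walking through a frame address whose tag differs from the memory tag is reported. */
bool scenario_tagged_stack(void)
{
    area_init();
    uint64_t stack = vmalloc_tagged(0, THREAD_SIZE, 0x3A);
    uint64_t fp    = stack + THREAD_SIZE - 64;
    bool ok_same_tag  = walk_stack(fp, 2);
    bool ok_other_tag = walk_stack(set_tag(fp, 0x00), 2);  /* tag lost: 0x00 != 0x3A */
    return ok_same_tag && !ok_other_tag;
}

/* 2: stack returned through a reset, as arch_alloc_vmap_stack() does: every address derived
 * from the base inherits the native tag, so the frame reads are not checked. */
bool scenario_reset_stack(void)
{
    area_init();
    uint64_t stack = kasan_reset_tag(vmalloc_tagged(0, THREAD_SIZE, 0x3A));
    return ptr_tag(stack) == KASAN_TAG_KERNEL && walk_stack(stack + THREAD_SIZE - 64, 2);
}

/* 3: resetting the stack's tag does not weaken checks elsewhere: a tagged pointer that runs
 * off its own allocation into a neighbour with a different tag is still caught. */
bool scenario_neighbour_still_checked(void)
{
    area_init();
    uint64_t a = vmalloc_tagged(0, THREAD_SIZE, 0x3A);
    (void)vmalloc_tagged(THREAD_SIZE, THREAD_SIZE, 0x7C);
    return kasan_check_access(a + THREAD_SIZE - 16, 16) && !kasan_check_access(a + THREAD_SIZE, 16);
}

int main(void)
{
    printf("tagged stack, mismatched walker tag reported:  %s\n", scenario_tagged_stack() ? "yes" : "no");
    printf("reset-tag stack, walker unchecked:             %s\n", scenario_reset_stack() ? "yes" : "no");
    printf("overrun into neighbouring allocation reported: %s\n", scenario_neighbour_still_checked() ? "yes" : "no");
    return 0;
}
```

The trade-off the model makes visible is the same one the real reset makes: once the stack's base pointer carries the native tag, accesses through it and through anything derived from it are no longer tag-checked, which is accepted for stacks because their contents are reached through SP/FP rather than through a tagged heap pointer.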
Thread overview: 9+ messages
2025-06-24 12:55 [PATCH] arm64: efi: Fix KASAN false positive for EFI runtime stack Breno Leitao
2025-07-03 16:35 ` Catalin Marinas [this message]
2025-07-04 8:26 ` Ard Biesheuvel
2025-07-04 12:36 ` Breno Leitao
2025-07-04 13:33 ` Will Deacon
2025-07-04 13:37 ` Ard Biesheuvel
2025-07-04 13:40 ` Mark Rutland
2025-07-07 0:45 ` Catalin Marinas
2025-07-07 16:08 ` Breno Leitao