From mboxrd@z Thu Jan 1 00:00:00 1970
From: Andrey Konovalov
Subject: [RFC PATCH v3 00/15] khwasan: kernel hardware assisted address sanitizer
Date: Fri, 20 Apr 2018 16:46:38 +0200
To: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Jonathan Corbet,
    Catalin Marinas, Will Deacon, Marc Zyngier, Christopher Li,
    Christoph Lameter, Pekka Enberg, David Rientjes, Joonsoo Kim,
    Andrew Morton, Masahiro Yamada, Michal Marek,
    "GitAuthor : Andrey Konovalov", Mark Rutland, Ard Biesheuvel,
    Yury Norov, Nick Desaulniers, Suzuki K Poulose, Kristina Martsenko,
    Punit Agrawal, Dave Martin, Michael Weiser, James Morse,
    Julien Thierry, Steve Capper, Tyler Baicar, "Eric W . Biederman",
    Thomas Gleixner, Ingo Molnar, Paul Lawrence, Greg Kroah-Hartman,
    David Woodhouse, Sandipan Das, Kees Cook, Herbert Xu,
    Geert Uytterhoeven, Josh Poimboeuf, Arnd Bergmann,
    kasan-dev@googlegroups.com, linux-doc@vger.kernel.org,
    linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
    kvmarm@lists.cs.columbia.edu, linux-sparse@vger.kernel.org,
    linux-mm@kvack.org, linux-kbuild@vger.kernel.org
Cc: Kostya Serebryany, Evgeniy Stepanov, Lee Smith, Ramana Radhakrishnan,
    Jacob Bramley, Ruben Ayrapetyan, Kees Cook, Jann Horn, Mark Brand
List-Id: kvmarm@lists.cs.columbia.edu

Hi! This is the 3rd RFC version of the patchset.

This patchset adds a new mode to KASAN [1], which is called KHWASAN
(Kernel HardWare assisted Address SANitizer). There's still some work to
do and there are a few TODOs in the code, so I'm publishing this as an RFC
to collect some initial feedback.
The plan is to implement HWASan [2] for the kernel with the incentive
that it's going to have performance comparable to KASAN, but at the same
time consume much less memory, trading that off for somewhat imprecise
bug detection and being supported only for arm64.

The overall idea of the approach used by KHWASAN is the following:

1. By using the Top Byte Ignore arm64 CPU feature, we can store pointer
   tags in the top byte of each kernel pointer.

2. Using shadow memory, we can store memory tags for each chunk of kernel
   memory.

3. On each memory allocation, we can generate a random tag, embed it into
   the returned pointer and set the memory tags that correspond to this
   chunk of memory to the same value.

4. By using compiler instrumentation, before each memory access we can add
   a check that the pointer tag matches the tag of the memory that is being
   accessed.

5. On a tag mismatch we report an error.

[1] https://www.kernel.org/doc/html/latest/dev-tools/kasan.html

[2] http://clang.llvm.org/docs/HardwareAssistedAddressSanitizerDesign.html


====== Technical details

KHWASAN is implemented in a very similar way to KASAN. This patchset
essentially does the following:

1. TCR_TBI1 is set to enable Top Byte Ignore.

2. Shadow memory is used (with a different scale, 1:16, so each shadow
   byte corresponds to 16 bytes of kernel memory) to store memory tags.

3. All slab objects are aligned to shadow scale, which is 16 bytes.

4. All pointers returned from the slab allocator are tagged with a random
   tag and the corresponding shadow memory is poisoned with the same value.

5. Compiler instrumentation is used to insert tag checks, either by
   calling callbacks or by inlining them (CONFIG_KASAN_OUTLINE and
   CONFIG_KASAN_INLINE flags are reused).

6. When a tag mismatch is detected in callback instrumentation mode
   KHWASAN simply prints a bug report. In case of inline instrumentation,
   clang inserts a brk instruction, and KHWASAN has its own brk handler,
   which reports the bug.

7. The memory in between slab objects is marked with a reserved tag, and
   acts as a redzone.

8. When a slab object is freed it's marked with a reserved tag.

Bug detection is imprecise for two reasons:

1. We won't catch some small out-of-bounds accesses that fall into the
   same shadow cell as the last byte of a slab object.

2. We only have 1 byte to store tags, which means we have a 1/256
   probability of a tag match for an incorrect access (actually even
   slightly less due to reserved tag values).


====== Benchmarks

The following numbers were collected on an Odroid C2 board. Both KASAN and
KHWASAN were used in inline instrumentation mode. These are the numbers I
got with the current prototype and they might change.

Boot time [1]:
* ~4.5 sec for clean kernel
* ~5.0 sec for KASAN
* ~5.1 sec for KHWASAN

Slab memory usage after boot [2]:
* ~32 kb for clean kernel
* ~95 kb + 1/8th shadow ~= 107 kb for KASAN
* ~38 kb + 1/16th shadow ~= 40 kb for KHWASAN

Network performance [3]:
* 11.9 Gbits/sec for clean kernel
* 3.08 Gbits/sec for KASAN
* 3.02 Gbits/sec for KHWASAN

Note that KHWASAN (compared to KASAN) doesn't require quarantine.

[1] Time before the ext4 driver is initialized.
[2] Measured as `cat /proc/meminfo | grep Slab`.
[3] Measured as `iperf -s & iperf -c 127.0.0.1 -t 30`.


====== Some notes

A few notes:

1. The patchset can be found here:
   https://github.com/xairy/kasan-prototype/tree/khwasan

2. Building requires a recent LLVM version (r330044 or later).

3. Stack instrumentation is not supported yet (in progress).

4. There are still a few TODOs in the code that need to be addressed.


====== Changes

Changes in RFC v3:
- Renamed CONFIG_KASAN_CLASSIC and CONFIG_KASAN_TAGS to
  CONFIG_KASAN_GENERIC and CONFIG_KASAN_HW respectively.
- Switched to -fsanitize=kernel-hwaddress instead of -fsanitize=hwaddress.
- Removed unnecessary excessive shadow initialization.
- Removed khwasan_enabled flag (it's not needed since KHWASAN is
  initialized before any slab caches are used).
- Split out kasan_report.c and khwasan_report.c from report.c.
- Moved more common KASAN and KHWASAN functions to common.c.
- Added tagging to pagealloc.
- Rebased onto 4.17-rc1.
- Temporarily dropped patch that adds kvm support (arm64 + kvm + clang
  combo is broken right now (https://lkml.org/lkml/2018/4/19/775)).

Changes in RFC v2:
- Removed explicit casts to u8 * for kasan_mem_to_shadow() calls.
- Introduced KASAN_TCR_FLAGS for setting the TCR_TBI1 flag.
- Added a comment regarding the non-atomic RMW sequence in
  khwasan_random_tag().
- Made all tag related functions accept const void *.
- Untagged pointers in __kimg_to_phys, which is used by virt_to_phys.
- Untagged pointers in show_ptr in fault handling logic.
- Untagged pointers passed to KVM.
- Added two reserved tag values: 0xFF and 0xFE.
- Used the reserved tag 0xFF to disable validity checking (to resolve the
  issue with pointer tag being lost after page_address + kmap usage).
- Used the reserved tag 0xFE to mark redzones and freed objects.
- Added mnemonics for esr manipulation in KHWASAN brk handler.
- Added a comment about the -recover flag.
- Some minor cleanups and fixes.
- Rebased onto 3215b9d5 (4.16-rc6+).
- Tested on real hardware (Odroid C2 board).
- Added better benchmarks.

Andrey Konovalov (15):
  khwasan: move common kasan and khwasan code to common.c
  khwasan: add CONFIG_KASAN_GENERIC and CONFIG_KASAN_HW
  khwasan, arm64: adjust shadow size for CONFIG_KASAN_HW
  khwasan: initialize shadow to 0xff
  khwasan, arm64: untag virt address in __kimg_to_phys
  khwasan, arm64: fix up fault handling logic
  khwasan: add tag related helper functions
  khwasan, arm64: enable top byte ignore for the kernel
  khwasan, mm: perform untagged pointers comparison in krealloc
  khwasan: split out kasan_report.c from report.c
  khwasan: add bug reporting routines
  khwasan: add hooks implementation
  khwasan, arm64: add brk handler for inline instrumentation
  khwasan, mm, arm64: tag non slab memory allocated via pagealloc
  khwasan: update kasan documentation

 Documentation/dev-tools/kasan.rst      | 212 +++++----
 arch/arm64/Kconfig                     |   1 +
 arch/arm64/Makefile                    |   2 +-
 arch/arm64/include/asm/brk-imm.h       |   2 +
 arch/arm64/include/asm/memory.h        |  35 +-
 arch/arm64/include/asm/pgtable-hwdef.h |   1 +
 arch/arm64/kernel/traps.c              |  69 ++-
 arch/arm64/mm/fault.c                  |   3 +
 arch/arm64/mm/kasan_init.c             |  18 +-
 arch/arm64/mm/proc.S                   |   8 +-
 include/linux/compiler-clang.h         |   5 +-
 include/linux/compiler-gcc.h           |   4 +
 include/linux/compiler.h               |   3 +-
 include/linux/kasan.h                  |  50 ++-
 include/linux/mm.h                     |  29 ++
 include/linux/page-flags-layout.h      |  10 +
 lib/Kconfig.kasan                      |  68 ++-
 mm/cma.c                               |   1 +
 mm/kasan/Makefile                      |   9 +-
 mm/kasan/common.c                      | 576 +++++++++++++++++++++++++
 mm/kasan/kasan.c                       | 493 +--------------------
 mm/kasan/kasan.h                       |  94 +++-
 mm/kasan/kasan_report.c                | 155 +++++++
 mm/kasan/khwasan.c                     | 163 +++++++
 mm/kasan/khwasan_report.c              |  60 +++
 mm/kasan/report.c                      | 271 ++++--------
 mm/page_alloc.c                        |   1 +
 mm/slab_common.c                       |   2 +-
 mm/slub.c                              |   2 +-
 scripts/Makefile.kasan                 |  27 +-
 30 files changed, 1558 insertions(+), 816 deletions(-)
 create mode 100644 mm/kasan/common.c
 create mode 100644 mm/kasan/kasan_report.c
 create mode 100644 mm/kasan/khwasan.c
 create mode 100644 mm/kasan/khwasan_report.c

-- 
2.17.0.484.g0c8726318c-goog
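Added example (the editor's, not part of the cover letter above and not code from the khwasan patchset): a userspace C model of steps 1-8 of the "Technical details" section together with the two imprecision cases the letter lists. It assumes a 64-bit host, carries tagged pointers as uint64_t because the host has no Top Byte Ignore, and substitutes a 4 KB bump allocator for the slab and a fixed-seed xorshift for khwasan_random_tag(); the sim_*/demo_* names, the heap size and the seed are made up for the example. It goes slightly beyond the text in two places: it shows what the reserved 0xFF tag does at the point of a check, and what happens to a stale pointer once its slot has been handed out again.

```c
/* Userspace model of the KHWASAN tag check described above (an added example, not
 * patchset code). Assumes a 64-bit host; a bump allocator stands in for the slab, a
 * fixed-seed xorshift for khwasan_random_tag(); tagged pointers are uint64_t (no TBI). */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define GRANULE     16    /* shadow scale 1:16: one shadow byte per 16 bytes */
#define TAG_SHIFT   56    /* the tag lives in the top byte of the pointer */
#define ADDR_MASK   ((1ULL << TAG_SHIFT) - 1)
#define TAG_INVALID 0xFE  /* reserved: redzones and freed objects */
#define TAG_KERNEL  0xFF  /* reserved: disables validity checking */
#define HEAP_SIZE   4096
#define ROUND(n)    (((n) + GRANULE - 1) & ~(size_t)(GRANULE - 1))

typedef uint64_t tptr;                        /* a tagged "kernel" pointer */
static uint8_t  heap[HEAP_SIZE];
static uint8_t  shadow[HEAP_SIZE / GRANULE];  /* one tag per 16-byte granule */
static size_t   heap_top;                     /* bump allocator cursor */
static uint32_t prng = 0x2545F491u;           /* fixed seed: deterministic demo */

static uint8_t  tag_of(tptr p) { return (uint8_t)(p >> TAG_SHIFT); }
static uint8_t *untag(tptr p)  { return (uint8_t *)(uintptr_t)(p & ADDR_MASK); }
static tptr set_tag(const void *p, uint8_t tag)
{ return ((tptr)(uintptr_t)p & ADDR_MASK) | ((tptr)tag << TAG_SHIFT); }

static uint8_t random_tag(void)   /* xorshift32, skipping the two reserved values */
{
    uint8_t t;
    do { prng ^= prng << 13; prng ^= prng >> 17; prng ^= prng << 5; t = (uint8_t)prng; }
    while (t >= TAG_INVALID);
    return t;
}

static void poison(const uint8_t *addr, size_t size, uint8_t tag)
{ memset(shadow + (size_t)(addr - heap) / GRANULE, tag, ROUND(size) / GRANULE); }

/* "initialize shadow to 0xff": untracked memory matches 0xFF-tagged pointers */
static void sim_init(void) { heap_top = 0; memset(shadow, TAG_KERNEL, sizeof(shadow)); }

/* Slab-like alloc: granule-aligned, pointer and shadow share one random tag,
 * one redzone granule follows the object. */
static tptr sim_alloc(size_t size)
{
    if (heap_top + ROUND(size) + GRANULE > HEAP_SIZE)
        return 0;
    uint8_t *obj = heap + heap_top, tag = random_tag();
    heap_top += ROUND(size) + GRANULE;
    poison(obj, size, tag);
    poison(obj + ROUND(size), GRANULE, TAG_INVALID);
    return set_tag(obj, tag);
}

/* The instrumented check: every granule touched must carry the pointer's tag,
 * unless the pointer is tagged 0xFF. Returns true if the access is allowed. */
static bool sim_check(tptr p, size_t size)
{
    uintptr_t base = (uintptr_t)heap, a = (uintptr_t)untag(p);
    if (a < base || size > HEAP_SIZE || a - base > HEAP_SIZE - size)
        return false;                       /* outside the modelled region */
    if (size == 0 || tag_of(p) == TAG_KERNEL)
        return true;
    for (size_t g = (a - base) / GRANULE; g <= (a - base + size - 1) / GRANULE; g++)
        if (shadow[g] != tag_of(p))
            return false;                   /* mismatch: KHWASAN would report */
    return true;
}

static bool sim_free(tptr p, size_t size)   /* an invalid or double free fails */
{
    if (!sim_check(p, size)) return false;
    poison(untag(p), size, TAG_INVALID);
    return true;
}

/* In-bounds passes; p + 32 hits the 0xFE redzone and is caught; p + 28 is out
 * of bounds but shares the last granule's tag and is missed (imprecision 1). */
static bool demo_bounds(bool *redzone_caught, bool *same_granule_missed, bool *kernel_tag_skips)
{
    sim_init();
    tptr p = sim_alloc(24);                 /* rounds up to 32 bytes */
    *redzone_caught = !sim_check(p + 32, 1);    /* p + 32 keeps the tag */
    *same_granule_missed = sim_check(p + 28, 1);
    *kernel_tag_skips = sim_check(set_tag(untag(p), TAG_KERNEL) + 32, 1);
    return sim_check(p, 24);
}

/* UAF and double free are caught (freed granules carry 0xFE). After the slot is
 * reused the stale pointer is caught only if the new tag differs: 253 of 254. */
static bool demo_uaf(bool *reuse_caught, bool *tags_differ)
{
    sim_init();
    tptr p = sim_alloc(16);
    bool caught = sim_free(p, 16) && !sim_check(p, 16) && !sim_free(p, 16);
    heap_top = 0;                           /* slab hands the same slot out again */
    tptr q = sim_alloc(16);
    *tags_differ = tag_of(p) != tag_of(q);
    *reuse_caught = untag(p) == untag(q) && !sim_check(p, 16);
    return caught;
}
```

Each demo_* function returns the outcome of the access it models and reports the side cases through its out-parameters, so a main() that calls demo_bounds() and demo_uaf() and prints the flags is all that is needed to run it. The interesting results are the ones the cover letter calls imprecise: same_granule_missed is true because the 24-byte object is rounded to 32 and bytes 24..31 carry the object's own tag, and reuse_caught is exactly tags_differ, which is the 1-in-254 collision case (256 tags minus the two reserved values) that a real KHWASAN would also miss.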