From: tip-bot for Andrey Ryabinin <tipbot@zytor.com>
To: linux-tip-commits@vger.kernel.org
Cc: oleg@redhat.com, hpa@zytor.com, peterz@infradead.org,
luto@kernel.org, tglx@linutronix.de, dave.hansen@linux.intel.com,
dvlasenk@redhat.com, bp@alien8.de, mcgrof@suse.com,
brgerst@gmail.com, bp@suse.de, mingo@kernel.org,
akpm@linux-foundation.org, linux-kernel@vger.kernel.org,
luto@amacapital.net, toshi.kani@hp.com, aryabinin@virtuozzo.com,
torvalds@linux-foundation.org
Subject: [tip:x86/mm] x86/kasan: Clear kasan_zero_page after TLB flush
Date: Tue, 9 Feb 2016 08:06:41 -0800
Message-ID: <tip-69e0210fd01ff157d332102219aaf5c26ca8069b@git.kernel.org>
In-Reply-To: <1452516679-32040-2-git-send-email-aryabinin@virtuozzo.com>
Commit-ID: 69e0210fd01ff157d332102219aaf5c26ca8069b
Gitweb: http://git.kernel.org/tip/69e0210fd01ff157d332102219aaf5c26ca8069b
Author: Andrey Ryabinin <aryabinin@virtuozzo.com>
AuthorDate: Mon, 11 Jan 2016 15:51:18 +0300
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Tue, 9 Feb 2016 13:33:14 +0100
x86/kasan: Clear kasan_zero_page after TLB flush
Currently we clear kasan_zero_page before __flush_tlb_all(). This
works with the current implementation of native_flush_tlb[_global]()
because it doesn't do any writes to kasan shadow memory.
But any subtle change made in native_flush_tlb*() could break this.
Also the current code seems not to work for paravirt guests (lguest).

Only after the TLB flush can we be sure that kasan_zero_page is not
used as early shadow anymore (instrumented code will not write to it).
So it should be cleared only after the TLB flush.
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Reviewed-by: Borislav Petkov <bp@suse.de>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Luis R. Rodriguez <mcgrof@suse.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hp.com>
Cc: linux-mm@kvack.org
Link: http://lkml.kernel.org/r/1452516679-32040-2-git-send-email-aryabinin@virtuozzo.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/mm/kasan_init_64.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/arch/x86/mm/kasan_init_64.c b/arch/x86/mm/kasan_init_64.c
index d470cf2..303e470 100644
--- a/arch/x86/mm/kasan_init_64.c
+++ b/arch/x86/mm/kasan_init_64.c
@@ -120,11 +120,16 @@ void __init kasan_init(void)
kasan_populate_zero_shadow(kasan_mem_to_shadow((void *)MODULES_END),
(void *)KASAN_SHADOW_END);
- memset(kasan_zero_page, 0, PAGE_SIZE);
-
load_cr3(init_level4_pgt);
__flush_tlb_all();
- init_task.kasan_depth = 0;
+ /*
+ * kasan_zero_page has been used as early shadow memory, thus it may
+ * contain some garbage. Now we can clear it, since after the TLB flush
+ * no one should write to it.
+ */
+ memset(kasan_zero_page, 0, PAGE_SIZE);
+
+ init_task.kasan_depth = 0;
pr_info("KernelAddressSanitizer initialized\n");
}
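Review bot: the new comment above memset() explains why the clear moved below __flush_tlb_all(), but not why init_task.kasan_depth = 0 has to stay below the memset, and that is the other half of the ordering argument. kasan_populate_zero_shadow() a few lines up still maps the MODULES_END..KASAN_SHADOW_END range onto kasan_zero_page, so between load_cr3() and the memset the page may still hold stale poison, and a check that lands in that range would read it as a real bug; only the still-nonzero kasan_depth keeps such a report from being printed. Suggest extending the comment, e.g. "Keep this before init_task.kasan_depth = 0: until the page is clean, a check of any region still backed by kasan_zero_page would see stale poison." The follow-up in this thread ([PATCH 2/2] x86/kasan: write protect kasan zero shadow) likewise has to apply its write protection after this memset, not before it.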
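The ordering argument in the commit message, as an added toy model in C (constructed for this page, not kernel code from the patch or the project): one shared zero page backs every shadow page during early boot, a page-table switch later installs real shadow pages, and cached translations stay stale until the flush, so a poison write issued between the switch and the flush still lands in the shared page. That in-between write (standing in for an instrumented paravirt flush helper, which the commit message only hints at), the 64-byte pages and the four-page address space are all assumptions of the model.

```c
/*
 * Toy model of KASAN early shadow, constructed for illustration only.
 * Assumptions: tiny pages, four shadow pages, a single-entry-per-page
 * "TLB", and one poison write that happens between the page-table
 * switch and the TLB flush (e.g. an instrumented paravirt flush helper).
 */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define TOY_PAGE_SIZE 64   /* assumption: tiny page for the model */
#define TOY_NR_PAGES  4    /* shadow pages 0..3 */

static uint8_t zero_page[TOY_PAGE_SIZE];                  /* kasan_zero_page analogue */
static uint8_t real_shadow[TOY_NR_PAGES][TOY_PAGE_SIZE];  /* per-page shadow for 0..2 */
static uint8_t *page_table[TOY_NR_PAGES];                 /* current translation */
static uint8_t *tlb[TOY_NR_PAGES];                        /* cached translation, NULL = miss */

/* Translate (page, offset) into a shadow byte, filling the TLB on a miss. */
static uint8_t *shadow_ptr(unsigned page, unsigned off)
{
    if (tlb[page] == NULL)
        tlb[page] = page_table[page];
    return tlb[page] + off;
}

/* __flush_tlb_all() analogue: drop every cached translation. */
static void flush_tlb_all(void)
{
    for (unsigned p = 0; p < TOY_NR_PAGES; p++)
        tlb[p] = NULL;
}

/* Instrumented code poisons a shadow byte; the write goes wherever the TLB says. */
static void kasan_poison(unsigned page, unsigned off, uint8_t val)
{
    *shadow_ptr(page, off) = val;
}

/* Early boot: every shadow page aliases the single zero page. */
static void early_init(void)
{
    memset(zero_page, 0, sizeof zero_page);
    memset(real_shadow, 0, sizeof real_shadow);
    for (unsigned p = 0; p < TOY_NR_PAGES; p++) {
        page_table[p] = zero_page;
        tlb[p] = NULL;
    }
}

/* Late init installs real shadow for pages 0..2; page 3 stays on the zero
 * page, like the regions the kernel keeps on kasan_zero_page permanently. */
static void populate_real_shadow(void)
{
    for (unsigned p = 0; p < TOY_NR_PAGES - 1; p++)
        page_table[p] = real_shadow[p];
}

static int count_garbage(void)
{
    int n = 0;
    for (unsigned i = 0; i < TOY_PAGE_SIZE; i++)
        n += zero_page[i] != 0;
    return n;
}

/*
 * Boot with the memset either before the TLB flush (old order) or after it
 * (this patch). Returns how many non-zero bytes are left in the zero page.
 */
static int boot(bool clear_after_flush)
{
    early_init();
    kasan_poison(1, 3, 0xfa);     /* early instrumented code writes via the zero page */
    kasan_poison(2, 5, 0xfa);     /* ...and caches zero_page as tlb[2] */
    populate_real_shadow();       /* page table switched, TLB still stale */
    if (!clear_after_flush)
        memset(zero_page, 0, sizeof zero_page);
    kasan_poison(2, 7, 0xfb);     /* assumed write between switch and flush: stale tlb[2] */
    flush_tlb_all();
    if (clear_after_flush)
        memset(zero_page, 0, sizeof zero_page);
    return count_garbage();
}

/* What a later check of page 3 (still backed by the zero page) reads. */
static uint8_t shadow_seen_by_page3(bool clear_after_flush)
{
    boot(clear_after_flush);
    return *shadow_ptr(3, 7);
}
```

With the old order, boot(false) leaves one stray byte in the zero page, and a check of page 3, which still aliases that page, reads 0xfb where it should read 0, i.e. a false report of poisoned memory. With the patch's order, boot(true) leaves the page clean and page 3 reads 0.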
Thread overview: 84+ messages
2016-01-08 23:15 [RFC 00/13] x86/mm: PCID and INVPCID Andy Lutomirski
2016-01-08 23:15 ` [RFC 01/13] x86/paravirt: Turn KASAN off for parvirt.o Andy Lutomirski
2016-01-10 18:59 ` Borislav Petkov
2016-01-11 12:51 ` Andrey Ryabinin
2016-01-11 12:51 ` [PATCH 1/2] x86/kasan: clear kasan_zero_page after TLB flush Andrey Ryabinin
2016-01-18 22:24 ` Andy Lutomirski
2016-02-09 16:06 ` tip-bot for Andrey Ryabinin [this message]
2016-01-11 12:51 ` [PATCH 2/2] x86/kasan: write protect kasan zero shadow Andrey Ryabinin
2016-01-18 22:24 ` Andy Lutomirski
2016-02-09 16:07 ` [tip:x86/mm] x86/kasan: Write " tip-bot for Andrey Ryabinin
2016-01-29 10:35 ` [RFC 01/13] x86/paravirt: Turn KASAN off for parvirt.o Borislav Petkov
2016-01-08 23:15 ` [RFC 02/13] x86/mm: Add INVPCID helpers Andy Lutomirski
2016-01-08 23:15 ` [RFC 03/13] x86/mm: Add a noinvpcid option to turn off INVPCID Andy Lutomirski
2016-01-08 23:15 ` [RFC 04/13] x86/mm: If INVPCID is available, use it to flush global mappings Andy Lutomirski
2016-01-08 23:15 ` [RFC 05/13] x86/mm: Add barriers and document switch_mm-vs-flush synchronization Andy Lutomirski
2016-06-03 17:42 ` Nadav Amit
2016-06-09 17:24 ` Andy Lutomirski
2016-06-09 19:45 ` Nadav Amit
2016-09-06 1:22 ` Wanpeng Li
2016-01-08 23:15 ` [RFC 06/13] x86/mm: Disable PCID on 32-bit kernels Andy Lutomirski
2016-01-08 23:15 ` [RFC 07/13] x86/mm: Add nopcid to turn off PCID Andy Lutomirski
2016-01-08 23:15 ` [RFC 08/13] x86/mm: Teach CR3 readers about PCID Andy Lutomirski
2016-01-08 23:15 ` [RFC 09/13] x86/mm: Disable interrupts when flushing the TLB using CR3 Andy Lutomirski
2016-01-08 23:41 ` Linus Torvalds
2016-01-09 0:18 ` Andy Lutomirski
2016-01-09 2:20 ` Linus Torvalds
2016-01-11 10:51 ` Ingo Molnar
2016-01-13 23:32 ` Andy Lutomirski
2016-01-13 23:35 ` Andy Lutomirski
2016-01-13 23:43 ` Dave Hansen
2016-01-13 23:51 ` Andy Lutomirski
2016-01-13 23:56 ` Dave Hansen
2016-01-14 0:34 ` Andy Lutomirski
2016-01-08 23:15 ` [RFC 10/13] x86/mm: Factor out remote TLB flushing Andy Lutomirski
2016-01-08 23:15 ` [RFC 11/13] x86/mm: Build arch/x86/mm/tlb.c even on !SMP Andy Lutomirski
2016-01-08 23:55 ` Dave Hansen
2016-01-08 23:15 ` [RFC 12/13] x86/mm: Uninline switch_mm Andy Lutomirski
2016-01-08 23:15 ` [RFC 13/13] x86/mm: Try to preserve old TLB entries using PCID Andy Lutomirski
2016-01-09 0:27 ` Dave Hansen
2016-01-09 2:19 ` Andy Lutomirski
2016-01-08 23:31 ` [RFC 00/13] x86/mm: PCID and INVPCID Linus Torvalds
2016-01-08 23:36 ` Andy Lutomirski
2016-01-08 23:42 ` Linus Torvalds