From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=F7pE=5Y=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-14.4 required=3.0 tests=DKIMWL_WL_MED,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,
	MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL
	autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 748C8C2D0EA
	for <linux-mm@archiver.kernel.org>; Wed,  8 Apr 2020 15:58:05 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 1DEE520769
	for <linux-mm@archiver.kernel.org>; Wed,  8 Apr 2020 15:58:05 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="o+i9m5pi"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1DEE520769
Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id AE0FE8E000D; Wed,  8 Apr 2020 11:58:04 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id A90F68E0006; Wed,  8 Apr 2020 11:58:04 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 959208E000D; Wed,  8 Apr 2020 11:58:04 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0059.hostedemail.com [216.40.44.59])
	by kanga.kvack.org (Postfix) with ESMTP id 7FC1E8E0006
	for <linux-mm@kvack.org>; Wed,  8 Apr 2020 11:58:04 -0400 (EDT)
Received: from smtpin09.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay01.hostedemail.com (Postfix) with ESMTP id 3EDC4180AD802
	for <linux-mm@kvack.org>; Wed,  8 Apr 2020 15:58:04 +0000 (UTC)
X-FDA: 76685144088.09.sail22_46658037cfc15
X-HE-Tag: sail22_46658037cfc15
X-Filterd-Recvd-Size: 12106
Received: from mail-pf1-f196.google.com (mail-pf1-f196.google.com [209.85.210.196])
	by imf34.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Wed,  8 Apr 2020 15:58:03 +0000 (UTC)
Received: by mail-pf1-f196.google.com with SMTP id v23so3247306pfm.1
        for <linux-mm@kvack.org>; Wed, 08 Apr 2020 08:58:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=OkpnZOGzsN/yuSAWh7ggBOAEGj0CC24iucYJ6ZUCsPg=;
        b=o+i9m5pi8mN/BbqfM5wNtAByuhiQwsekOyLCmU4yCZJd9YtXHwu58CcEOc17sYNFdH
         vgLFJAknUKz3f8+XBgA3mLeWHxlF4ML9nJFFlBb/dEoAe+zK5Q7QVOZ/FVzTzloCgyOj
         NsMEVGmKMMxXczyJ/sdxHqbyQIJH46rycjPKaxnenCXuX8S2zIYiQjc5X2E3rsvHWe0X
         fywFIjVARU9ajkqKDEVf/A+KhbWmYmlEnewHHqDn0xCK+LX2dSn8nM8T/iX4wy9MXQ1k
         QhUZ252cTVJFpe8VhAnEzgpXBVlVrD/2bC7mnjAT8w9T09k+7MTq77T9lGCxcj14z3Fg
         J+3w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=OkpnZOGzsN/yuSAWh7ggBOAEGj0CC24iucYJ6ZUCsPg=;
        b=TVdAlnGR63Z5LXcbhxYBjLr0ZL/Rkftv6syzgYbLUzTnpemByXDSo2PsRfeqgmdLPV
         J839VvwxQe22DsHpJvcX7IuWBW6ttXxZB3yjQSNpxGry3QewmfemCoRhRKHYmrTRCuYw
         DzC6gmJ8FjaxLi2ufE/hhnKVRrpYpL1TPWQ5RK4nGcDa169LyYhLMUf+eyiUbAAtmlZx
         YI3DU7p4YcJbUbk4OXxBQTk30ysUR8JNaeSCEIc3onmbQe9wvDtOz2HRfZbFnLg6eRFY
         knWGgdhvYMHLT15h0PsFwSDslHCKPTx2pDeEqhQQfHNrTJ1yh9csBESGDwKYSWZ5pqii
         tFqA==
X-Gm-Message-State: AGi0PuZB6mfImwR10rgo4H2c3wKqU3ITTEHiYe2oQjlftlkrNdL4alv8
	3ClmCMUYK4uhSlEW8YHxhbIYLvvppKn5cgLy3VEmRQ==
X-Google-Smtp-Source: APiQypK8NiyYgxMGdBwY+arsBN1u5HI0/zhHeUizdKMRFcuLmW6bTd3Yn/0BkW6DukVrqA3KL1+jJxk8XnKJNF1cLVs=
X-Received: by 2002:aa7:9207:: with SMTP id 7mr1463332pfo.178.1586361482448;
 Wed, 08 Apr 2020 08:58:02 -0700 (PDT)
MIME-Version: 1.0
References: <20200325161249.55095-1-glider@google.com> <20200325161249.55095-34-glider@google.com>
In-Reply-To: <20200325161249.55095-34-glider@google.com>
From: Andrey Konovalov <andreyknvl@google.com>
Date: Wed, 8 Apr 2020 17:57:51 +0200
Message-ID: <CAAeHK+w8-XPHc4SP+JC630F9X9PnUFSkgYUDmxMnoR233jELGA@mail.gmail.com>
Subject: Re: [PATCH v5 33/38] kmsan: add iomap support
To: Alexander Potapenko <glider@google.com>
Cc: Christoph Hellwig <hch@infradead.org>, "Darrick J. Wong" <darrick.wong@oracle.com>, 
	Vegard Nossum <vegard.nossum@oracle.com>, Dmitry Vyukov <dvyukov@google.com>, 
	Marco Elver <elver@google.com>, Linux Memory Management List <linux-mm@kvack.org>, 
	Alexander Viro <viro@zeniv.linux.org.uk>, Andreas Dilger <adilger.kernel@dilger.ca>, 
	Andrew Morton <akpm@linux-foundation.org>, Andrey Ryabinin <aryabinin@virtuozzo.com>, 
	Andy Lutomirski <luto@kernel.org>, Ard Biesheuvel <ard.biesheuvel@linaro.org>, 
	Arnd Bergmann <arnd@arndb.de>, Christoph Hellwig <hch@lst.de>, "David S. Miller" <davem@davemloft.net>, 
	Dmitry Torokhov <dmitry.torokhov@gmail.com>, Eric Biggers <ebiggers@google.com>, 
	Eric Dumazet <edumazet@google.com>, Eric Van Hensbergen <ericvh@gmail.com>, 
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Harry Wentland <harry.wentland@amd.com>, 
	Herbert Xu <herbert@gondor.apana.org.au>, Ilya Leoshkevich <iii@linux.ibm.com>, 
	Ingo Molnar <mingo@elte.hu>, Jason Wang <jasowang@redhat.com>, Jens Axboe <axboe@kernel.dk>, 
	Marek Szyprowski <m.szyprowski@samsung.com>, Mark Rutland <mark.rutland@arm.com>, 
	"Martin K. Petersen" <martin.petersen@oracle.com>, Martin Schwidefsky <schwidefsky@de.ibm.com>, 
	Matthew Wilcox <willy@infradead.org>, "Michael S . Tsirkin" <mst@redhat.com>, Michal Hocko <mhocko@suse.com>, 
	Michal Simek <monstr@monstr.eu>, Petr Mladek <pmladek@suse.com>, Qian Cai <cai@lca.pw>, 
	Randy Dunlap <rdunlap@infradead.org>, Robin Murphy <robin.murphy@arm.com>, 
	Sergey Senozhatsky <sergey.senozhatsky@gmail.com>, Steven Rostedt <rostedt@goodmis.org>, 
	Takashi Iwai <tiwai@suse.com>, "Theodore Ts'o" <tytso@mit.edu>, Thomas Gleixner <tglx@linutronix.de>, 
	Vasily Gorbik <gor@linux.ibm.com>, Wolfram Sang <wsa@the-dreams.de>
Content-Type: text/plain; charset="UTF-8"
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Wed, Mar 25, 2020 at 5:14 PM <glider@google.com> wrote:
>
> Functions from lib/iomap.c interact with hardware, so KMSAN must ensure
> that:
>  - every read function returns an initialized value
>  - every write function checks values before sending them to hardware.
>
> Signed-off-by: Alexander Potapenko <glider@google.com>
> Cc: Christoph Hellwig <hch@infradead.org>
> Cc: Darrick J. Wong <darrick.wong@oracle.com>
> Cc: Vegard Nossum <vegard.nossum@oracle.com>
> Cc: Dmitry Vyukov <dvyukov@google.com>
> Cc: Marco Elver <elver@google.com>
> Cc: Andrey Konovalov <andreyknvl@google.com>
> Cc: linux-mm@kvack.org

Reviewed-by: Andrey Konovalov <andreyknvl@google.com>

> ---
> v4:
>  - adjust sizes of checked memory buffers as requested by Marco Elver
>
> Change-Id: Iacd96265e56398d8c111637ddad3cad727e48c8d
> ---
>  lib/iomap.c | 40 ++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 40 insertions(+)
>
> diff --git a/lib/iomap.c b/lib/iomap.c
> index e909ab71e995d..3582e8d1ca34e 100644
> --- a/lib/iomap.c
> +++ b/lib/iomap.c
> @@ -6,6 +6,7 @@
>   */
>  #include <linux/pci.h>
>  #include <linux/io.h>
> +#include <linux/kmsan-checks.h>
>
>  #include <linux/export.h>
>
> @@ -70,26 +71,31 @@ static void bad_io_access(unsigned long port, const char *access)
>  #define mmio_read64be(addr) swab64(readq(addr))
>  #endif
>
> +__no_sanitize_memory
>  unsigned int ioread8(void __iomem *addr)
>  {
>         IO_COND(addr, return inb(port), return readb(addr));
>         return 0xff;
>  }
> +__no_sanitize_memory
>  unsigned int ioread16(void __iomem *addr)
>  {
>         IO_COND(addr, return inw(port), return readw(addr));
>         return 0xffff;
>  }
> +__no_sanitize_memory
>  unsigned int ioread16be(void __iomem *addr)
>  {
>         IO_COND(addr, return pio_read16be(port), return mmio_read16be(addr));
>         return 0xffff;
>  }
> +__no_sanitize_memory
>  unsigned int ioread32(void __iomem *addr)
>  {
>         IO_COND(addr, return inl(port), return readl(addr));
>         return 0xffffffff;
>  }
> +__no_sanitize_memory
>  unsigned int ioread32be(void __iomem *addr)
>  {
>         IO_COND(addr, return pio_read32be(port), return mmio_read32be(addr));
> @@ -142,18 +148,21 @@ static u64 pio_read64be_hi_lo(unsigned long port)
>         return lo | (hi << 32);
>  }
>
> +__no_sanitize_memory
>  u64 ioread64_lo_hi(void __iomem *addr)
>  {
>         IO_COND(addr, return pio_read64_lo_hi(port), return readq(addr));
>         return 0xffffffffffffffffULL;
>  }
>
> +__no_sanitize_memory
>  u64 ioread64_hi_lo(void __iomem *addr)
>  {
>         IO_COND(addr, return pio_read64_hi_lo(port), return readq(addr));
>         return 0xffffffffffffffffULL;
>  }
>
> +__no_sanitize_memory
>  u64 ioread64be_lo_hi(void __iomem *addr)
>  {
>         IO_COND(addr, return pio_read64be_lo_hi(port),
> @@ -161,6 +170,7 @@ u64 ioread64be_lo_hi(void __iomem *addr)
>         return 0xffffffffffffffffULL;
>  }
>
> +__no_sanitize_memory
>  u64 ioread64be_hi_lo(void __iomem *addr)
>  {
>         IO_COND(addr, return pio_read64be_hi_lo(port),
> @@ -188,22 +198,32 @@ EXPORT_SYMBOL(ioread64be_hi_lo);
>
>  void iowrite8(u8 val, void __iomem *addr)
>  {
> +       /* Make sure uninitialized memory isn't copied to devices. */
> +       kmsan_check_memory(&val, sizeof(val));
>         IO_COND(addr, outb(val,port), writeb(val, addr));
>  }
>  void iowrite16(u16 val, void __iomem *addr)
>  {
> +       /* Make sure uninitialized memory isn't copied to devices. */
> +       kmsan_check_memory(&val, sizeof(val));
>         IO_COND(addr, outw(val,port), writew(val, addr));
>  }
>  void iowrite16be(u16 val, void __iomem *addr)
>  {
> +       /* Make sure uninitialized memory isn't copied to devices. */
> +       kmsan_check_memory(&val, sizeof(val));
>         IO_COND(addr, pio_write16be(val,port), mmio_write16be(val, addr));
>  }
>  void iowrite32(u32 val, void __iomem *addr)
>  {
> +       /* Make sure uninitialized memory isn't copied to devices. */
> +       kmsan_check_memory(&val, sizeof(val));
>         IO_COND(addr, outl(val,port), writel(val, addr));
>  }
>  void iowrite32be(u32 val, void __iomem *addr)
>  {
> +       /* Make sure uninitialized memory isn't copied to devices. */
> +       kmsan_check_memory(&val, sizeof(val));
>         IO_COND(addr, pio_write32be(val,port), mmio_write32be(val, addr));
>  }
>  EXPORT_SYMBOL(iowrite8);
> @@ -239,24 +259,32 @@ static void pio_write64be_hi_lo(u64 val, unsigned long port)
>
>  void iowrite64_lo_hi(u64 val, void __iomem *addr)
>  {
> +       /* Make sure uninitialized memory isn't copied to devices. */
> +       kmsan_check_memory(&val, sizeof(val));
>         IO_COND(addr, pio_write64_lo_hi(val, port),
>                 writeq(val, addr));
>  }
>
>  void iowrite64_hi_lo(u64 val, void __iomem *addr)
>  {
> +       /* Make sure uninitialized memory isn't copied to devices. */
> +       kmsan_check_memory(&val, sizeof(val));
>         IO_COND(addr, pio_write64_hi_lo(val, port),
>                 writeq(val, addr));
>  }
>
>  void iowrite64be_lo_hi(u64 val, void __iomem *addr)
>  {
> +       /* Make sure uninitialized memory isn't copied to devices. */
> +       kmsan_check_memory(&val, sizeof(val));
>         IO_COND(addr, pio_write64be_lo_hi(val, port),
>                 mmio_write64be(val, addr));
>  }
>
>  void iowrite64be_hi_lo(u64 val, void __iomem *addr)
>  {
> +       /* Make sure uninitialized memory isn't copied to devices. */
> +       kmsan_check_memory(&val, sizeof(val));
>         IO_COND(addr, pio_write64be_hi_lo(val, port),
>                 mmio_write64be(val, addr));
>  }
> @@ -328,14 +356,20 @@ static inline void mmio_outsl(void __iomem *addr, const u32 *src, int count)
>  void ioread8_rep(void __iomem *addr, void *dst, unsigned long count)
>  {
>         IO_COND(addr, insb(port,dst,count), mmio_insb(addr, dst, count));
> +       /* KMSAN must treat values read from devices as initialized. */
> +       kmsan_unpoison_shadow(dst, count);
>  }
>  void ioread16_rep(void __iomem *addr, void *dst, unsigned long count)
>  {
>         IO_COND(addr, insw(port,dst,count), mmio_insw(addr, dst, count));
> +       /* KMSAN must treat values read from devices as initialized. */
> +       kmsan_unpoison_shadow(dst, count * 2);
>  }
>  void ioread32_rep(void __iomem *addr, void *dst, unsigned long count)
>  {
>         IO_COND(addr, insl(port,dst,count), mmio_insl(addr, dst, count));
> +       /* KMSAN must treat values read from devices as initialized. */
> +       kmsan_unpoison_shadow(dst, count * 4);
>  }
>  EXPORT_SYMBOL(ioread8_rep);
>  EXPORT_SYMBOL(ioread16_rep);
> @@ -343,14 +377,20 @@ EXPORT_SYMBOL(ioread32_rep);
>
>  void iowrite8_rep(void __iomem *addr, const void *src, unsigned long count)
>  {
> +       /* Make sure uninitialized memory isn't copied to devices. */
> +       kmsan_check_memory(src, count);
>         IO_COND(addr, outsb(port, src, count), mmio_outsb(addr, src, count));
>  }
>  void iowrite16_rep(void __iomem *addr, const void *src, unsigned long count)
>  {
> +       /* Make sure uninitialized memory isn't copied to devices. */
> +       kmsan_check_memory(src, count * 2);
>         IO_COND(addr, outsw(port, src, count), mmio_outsw(addr, src, count));
>  }
>  void iowrite32_rep(void __iomem *addr, const void *src, unsigned long count)
>  {
> +       /* Make sure uninitialized memory isn't copied to devices. */
> +       kmsan_check_memory(src, count * 4);
>         IO_COND(addr, outsl(port, src,count), mmio_outsl(addr, src, count));
>  }
>  EXPORT_SYMBOL(iowrite8_rep);
> --
> 2.25.1.696.g5e7596f4ac-goog
>