[PATCH 1/1] x86_64: fix KASan shadow region page tables

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH 1/1] x86_64: fix KASan shadow region page tables
@ 2015-05-22 16:03 Alexander Popov
  2015-05-25  8:12 ` Andrey Ryabinin
  0 siblings, 1 reply; 5+ messages in thread
From: Alexander Popov @ 2015-05-22 16:03 UTC (permalink / raw)
  To: Thomas Gleixner, Ingo Molnar, H. Peter Anvin, Andrey Ryabinin,
	Andrey Konovalov, Denys Vlasenko, Andy Lutomirski,
	Alexander Kuleshov, Alexander Popov, Sergey Kovalev, x86,
	linux-kernel

Physical addresses in KASan shadow region page tables need fixup:
kernel halts without it if phys_base is not zero.

Signed-off-by: Alexander Popov <alpopov@ptsecurity.com>
---
 arch/x86/kernel/head_64.S | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S
index ae6588b..f7711bb 100644
--- a/arch/x86/kernel/head_64.S
+++ b/arch/x86/kernel/head_64.S
@@ -95,6 +95,20 @@ startup_64:
 
 	addq	%rbp, level2_fixmap_pgt + (506*8)(%rip)
 
+#ifdef CONFIG_KASAN
+	xor	%rax, %rax
+	leaq	kasan_zero_pud(%rip), %rbx
+	leaq	kasan_zero_pmd(%rip), %rcx
+	leaq	kasan_zero_pte(%rip), %rdx
+1:
+	addq	%rbp, (%rbx,%rax,8)
+	addq	%rbp, (%rcx,%rax,8)
+	addq	%rbp, (%rdx,%rax,8)
+	inc	%rax
+	cmp	$512, %rax
+	jne	1b
+#endif
+
 	/*
 	 * Set up the identity mapping for the switchover.  These
 	 * entries should *NOT* have the global bit set!  This also
-- 
1.9.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH 1/1] x86_64: fix KASan shadow region page tables
  2015-05-22 16:03 [PATCH 1/1] x86_64: fix KASan shadow region page tables Alexander Popov
@ 2015-05-25  8:12 ` Andrey Ryabinin
  2015-05-25 13:43   ` Alexander Popov
  0 siblings, 1 reply; 5+ messages in thread
From: Andrey Ryabinin @ 2015-05-25  8:12 UTC (permalink / raw)
  To: Alexander Popov
  Cc: Thomas Gleixner, Ingo Molnar, H. Peter Anvin, Andrey Konovalov,
	Denys Vlasenko, Andy Lutomirski, Alexander Kuleshov,
	Sergey Kovalev, x86, linux-kernel

On 05/22/2015 07:03 PM, Alexander Popov wrote:
> Physical addresses in KASan shadow region page tables need fixup:
> kernel halts without it if phys_base is not zero.
> 

Indeed.
Since we have to patch page tables anyway, compile-time created kasan
page tables become pointless.
So, I'd suggest to create them in runtime. This could be done in plain C
in kasan_map_early_shadow().



^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1/1] x86_64: fix KASan shadow region page tables
  2015-05-25  8:12 ` Andrey Ryabinin
@ 2015-05-25 13:43   ` Alexander Popov
  2015-05-26  8:52     ` Andrey Ryabinin
  0 siblings, 1 reply; 5+ messages in thread
From: Alexander Popov @ 2015-05-25 13:43 UTC (permalink / raw)
  To: Andrey Ryabinin
  Cc: Thomas Gleixner, Ingo Molnar, H. Peter Anvin, Andrey Konovalov,
	Denys Vlasenko, Andy Lutomirski, Alexander Kuleshov,
	Sergey Kovalev, x86, linux-kernel

On 25.05.2015 11:12, Andrey Ryabinin wrote:
> On 05/22/2015 07:03 PM, Alexander Popov wrote:
>> Physical addresses in KASan shadow region page tables need fixup:
>> kernel halts without it if phys_base is not zero.
>>
> 
> Indeed.
> Since we have to patch page tables anyway, compile-time created kasan
> page tables become pointless.
> So, I'd suggest to create them in runtime. This could be done in plain C
> in kasan_map_early_shadow().
> 

Thanks for your reply, Andrey.

Creating kasan_zero_pud, kasan_zero_pmd and kasan_zero_pte in
kasan_map_early_shadow() doesn't look handy for me because this function
is called twice in x86_64_start_kernel().

What do you think about leaving the initialization of KASan shadow region
page tables in arch/x86/kernel/head_64.S and calling something like
kasan_fixup_early_shadow() before calling kasan_map_early_shadow()
for the first time?

Best regards,
Alexander

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1/1] x86_64: fix KASan shadow region page tables
  2015-05-25 13:43   ` Alexander Popov
@ 2015-05-26  8:52     ` Andrey Ryabinin
  2015-05-28  8:56       ` Alexander Popov
  0 siblings, 1 reply; 5+ messages in thread
From: Andrey Ryabinin @ 2015-05-26  8:52 UTC (permalink / raw)
  To: Alexander Popov
  Cc: Thomas Gleixner, Ingo Molnar, H. Peter Anvin, Andrey Konovalov,
	Denys Vlasenko, Andy Lutomirski, Alexander Kuleshov,
	Sergey Kovalev, x86, linux-kernel

On 05/25/2015 04:43 PM, Alexander Popov wrote:
> On 25.05.2015 11:12, Andrey Ryabinin wrote:
>> On 05/22/2015 07:03 PM, Alexander Popov wrote:
>>> Physical addresses in KASan shadow region page tables need fixup:
>>> kernel halts without it if phys_base is not zero.
>>>
>>
>> Indeed.
>> Since we have to patch page tables anyway, compile-time created kasan
>> page tables become pointless.
>> So, I'd suggest to create them in runtime. This could be done in plain C
>> in kasan_map_early_shadow().
>>
> 
> Thanks for your reply, Andrey.
> 
> Creating kasan_zero_pud, kasan_zero_pmd and kasan_zero_pte in
> kasan_map_early_shadow() doesn't look handy for me because this function
> is called twice in x86_64_start_kernel().
> 
> What do you think about leaving the initialization of KASan shadow region
> page tables in arch/x86/kernel/head_64.S and calling something like
> kasan_fixup_early_shadow() before calling kasan_map_early_shadow()
> for the first time?
> 

Why do we have initialize + fixup later if we could simply initialize page tables properly?

Just move everything into kasan_init_64.c
kasan_zero_p* could be a normal C arrays (with __page_aligned_bss attribute).
Initialize these page tables in something like kasan_early_init() before kasan_map_early_shadow()
call.


> Best regards,
> Alexander
> 
> 


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1/1] x86_64: fix KASan shadow region page tables
  2015-05-26  8:52     ` Andrey Ryabinin
@ 2015-05-28  8:56       ` Alexander Popov
  0 siblings, 0 replies; 5+ messages in thread
From: Alexander Popov @ 2015-05-28  8:56 UTC (permalink / raw)
  To: Andrey Ryabinin
  Cc: Thomas Gleixner, Ingo Molnar, H. Peter Anvin, Andrey Konovalov,
	Denys Vlasenko, Andy Lutomirski, Alexander Kuleshov,
	Sergey Kovalev, x86, linux-kernel

On 26.05.2015 11:52, Andrey Ryabinin wrote:
> On 05/25/2015 04:43 PM, Alexander Popov wrote:
>> What do you think about leaving the initialization of KASan shadow region
>> page tables in arch/x86/kernel/head_64.S and calling something like
>> kasan_fixup_early_shadow() before calling kasan_map_early_shadow()
>> for the first time?
> 
> Why do we have initialize + fixup later if we could simply initialize page tables properly?
> 
> Just move everything into kasan_init_64.c
> kasan_zero_p* could be a normal C arrays (with __page_aligned_bss attribute).
> Initialize these page tables in something like kasan_early_init() before kasan_map_early_shadow()
> call.

Thanks, I'll do that and return with the second version.

Best regards,
Alexander


^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2015-05-28  8:56 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-05-22 16:03 [PATCH 1/1] x86_64: fix KASan shadow region page tables Alexander Popov
2015-05-25  8:12 ` Andrey Ryabinin
2015-05-25 13:43   ` Alexander Popov
2015-05-26  8:52     ` Andrey Ryabinin
2015-05-28  8:56       ` Alexander Popov

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox