From: "Kirill A. Shutemov"
To: stable@vger.kernel.org
Cc: "Kirill A. Shutemov", Fei Yang, Ingo Molnar, Peter Zijlstra, Linus Torvalds
Subject: [PATCH 4.19.y] x86/alternatives: Disable KASAN in apply_alternatives()
Date: Sun, 15 Oct 2023 23:31:23 +0300
Message-ID: <20231015203123.4005-1-kirill.shutemov@linux.intel.com>
In-Reply-To: <2023101554-babied-exemption-cde9@gregkh>
References: <2023101554-babied-exemption-cde9@gregkh>

Fei has reported that KASAN triggers during apply_alternatives() on a
5-level paging machine:

  BUG: KASAN: out-of-bounds in rcu_is_watching()
  Read of size 4 at addr ff110003ee6419a0 by task swapper/0/0
  ...
  __asan_load4()
  rcu_is_watching()
  trace_hardirqs_on()
  text_poke_early()
  apply_alternatives()
  ...

On machines with 5-level paging, cpu_feature_enabled(X86_FEATURE_LA57)
gets patched. It includes KASAN code, where KASAN_SHADOW_START depends
on __VIRTUAL_MASK_SHIFT, which is defined with cpu_feature_enabled().

KASAN gets confused when apply_alternatives() patches the
KASAN_SHADOW_START users. A test patch that makes KASAN_SHADOW_START
static, by replacing __VIRTUAL_MASK_SHIFT with 56, works around the
issue.

Fix it for real by disabling KASAN while the kernel is patching
alternatives.

[ mingo: updated the changelog ]

Fixes: 6657fca06e3f ("x86/mm: Allow to boot without LA57 if CONFIG_X86_5LEVEL=y")
Reported-by: Fei Yang
Signed-off-by: Kirill A. Shutemov
Signed-off-by: Ingo Molnar Acked-by: Peter Zijlstra (Intel) Cc: Linus Torvalds Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20231012100424.1456-1-kirill.shutemov@linux.intel.com (cherry picked from commit d35652a5fc9944784f6f50a5c979518ff8dacf61) Signed-off-by: Kirill A. Shutemov --- arch/x86/kernel/alternative.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index 918a23704c0c..0744b881a820 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -366,6 +366,17 @@ void __init_or_module noinline apply_alternatives(struct alt_instr *start, u8 insnbuf[MAX_PATCH_LEN]; DPRINTK("alt table %px, -> %px", start, end); + + /* + * In the case CONFIG_X86_5LEVEL=y, KASAN_SHADOW_START is defined using + * cpu_feature_enabled(X86_FEATURE_LA57) and is therefore patched here. + * During the process, KASAN becomes confused seeing partial LA57 + * conversion and triggers a false-positive out-of-bound report. + * + * Disable KASAN until the patching is complete. + */ + kasan_disable_current(); + /* * The scan order should be from start to end. A later scanned * alternative code can overwrite previously scanned alternative code. @@ -426,6 +437,8 @@ void __init_or_module noinline apply_alternatives(struct alt_instr *start, text_poke_early(instr, insnbuf, insnbuf_sz); } + + kasan_disable_current(); } #ifdef CONFIG_SMP -- 2.41.0
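Review bot: in the first hunk (the kasan_disable_current() call added at the top of apply_alternatives()), the diffstat shows all 13 insertions land inside the function and no `#include <linux/kasan.h>` is added, so the backport relies on that header being pulled in indirectly by alternative.c's existing includes. Before queuing for 4.19.y, confirm the file builds with both CONFIG_KASAN=y and CONFIG_KASAN=n on that branch (the =n case depends on the no-op stubs in kasan.h being visible), since a stable backport does not get the same build coverage the upstream tree had.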
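Review bot: in the second hunk, the call added after the patching loop is `+ kasan_disable_current();` again rather than `+ kasan_enable_current();`, which contradicts both the changelog ("disabling KASAN while the kernel is patching alternatives") and the comment added in the first hunk ("Disable KASAN until the patching is complete"). kasan_disable_current() bumps a per-task depth counter, so as written the function increments it twice and never decrements it: KASAN stays silently disabled for the calling task (swapper/0 at boot, and the loading task for every module that goes through apply_alternatives()) for as long as it runs, which defeats the instrumentation without any visible error. Suggested change for the trailing line: `+	kasan_enable_current();`, and it is worth re-diffing the backport against the upstream commit d35652a5fc9944784f6f50a5c979518ff8dacf61 named in the cherry-pick line to catch any other transcription slips.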