On Mon, Nov 04, 2019 at 01:35:28PM -0800, Sami Tolvanen wrote:
> On Mon, Nov 4, 2019 at 4:40 AM Mark Rutland <mark.rutland@xxxxxxx> wrote:
> > > +#ifdef CONFIG_DEBUG_STACK_USAGE
> > > +static inline unsigned long scs_used(struct task_struct *tsk)
> > > +{
> > > + unsigned long *p = __scs_base(tsk);
> > > + unsigned long *end = scs_magic(tsk);
> > > + uintptr_t s = (uintptr_t)p;
> >
> > As previously, please use unsigned long for consistency.
>
> Ack.
>
> > > + while (p < end && *p)
> > > + p++;
> >
> > I think this is the only place where we legtimately access the shadow
> > call stack directly.
>
> There's also scs_corrupted, which checks that the end magic is intact.
Ah, true. I missed that.
> > When using SCS and KASAN, are the
> > compiler-generated accesses to the SCS instrumented?
> >
> > If not, it might make sense to make this:
> >
> > while (p < end && READ_ONCE_NOCKECK(*p))
> >
> > ... and poison the allocation from KASAN's PoV, so that we can find
> > unintentional accesses more easily.
>
> Sure, that makes sense. I can poison the allocation for the
> non-vmalloc case, I'll just need to refactor scs_set_magic to happen
> before the poisoning.
Sounds good!
Mark.
