Re: [PATCH v4 11/45] kmsan: add KMSAN runtime core

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jul 13, 2022 at 12:04 PM Marco Elver <elver@xxxxxxxxxx> wrote:
>
> On Fri, Jul 01, 2022 at 04:22PM +0200, 'Alexander Potapenko' via kasan-dev wrote:
> [...]
> > diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
> > index 2e24db4bff192..59819e6fa5865 100644
> > --- a/lib/Kconfig.debug
> > +++ b/lib/Kconfig.debug
> > @@ -963,6 +963,7 @@ config DEBUG_STACKOVERFLOW
> >
> >  source "lib/Kconfig.kasan"
> >  source "lib/Kconfig.kfence"
> > +source "lib/Kconfig.kmsan"
> >
> >  endmenu # "Memory Debugging"
> >
> > diff --git a/lib/Kconfig.kmsan b/lib/Kconfig.kmsan
> > new file mode 100644
> > index 0000000000000..8f768d4034e3c
> > --- /dev/null
> > +++ b/lib/Kconfig.kmsan
> > @@ -0,0 +1,50 @@
> > +# SPDX-License-Identifier: GPL-2.0-only
> > +config HAVE_ARCH_KMSAN
> > +     bool
> > +
> > +config HAVE_KMSAN_COMPILER
> > +     # Clang versions <14.0.0 also support -fsanitize=kernel-memory, but not
> > +     # all the features necessary to build the kernel with KMSAN.
> > +     depends on CC_IS_CLANG && CLANG_VERSION >= 140000
> > +     def_bool $(cc-option,-fsanitize=kernel-memory -mllvm -msan-disable-checks=1)
> > +
> > +config HAVE_KMSAN_PARAM_RETVAL
> > +     # Separate check for -fsanitize-memory-param-retval support.
>
> This comment doesn't add much value, maybe instead say that "Supported
> only by Clang >= 15."
Fixed.

> > +     depends on CC_IS_CLANG && CLANG_VERSION >= 140000
>
> Why not just "depends on HAVE_KMSAN_COMPILER"? (All
> fsanitize-memory-param-retval supporting compilers must also be KMSAN
> compilers.)
Good idea, will do.

> > +     def_bool $(cc-option,-fsanitize=kernel-memory -fsanitize-memory-param-retval)
> > +
> > +
>
> HAVE_KMSAN_PARAM_RETVAL should be moved under "if KMSAN" so that this
> isn't unnecessarily evaluated in every kernel build (saving 1 shelling
> out to clang in most builds).
Ack.

> > +config KMSAN
> > +     bool "KMSAN: detector of uninitialized values use"
> > +     depends on HAVE_ARCH_KMSAN && HAVE_KMSAN_COMPILER
> > +     depends on SLUB && DEBUG_KERNEL && !KASAN && !KCSAN
> > +     select STACKDEPOT
> > +     select STACKDEPOT_ALWAYS_INIT
> > +     help
> > +       KernelMemorySanitizer (KMSAN) is a dynamic detector of uses of
> > +       uninitialized values in the kernel. It is based on compiler
> > +       instrumentation provided by Clang and thus requires Clang to build.
> > +
> > +       An important note is that KMSAN is not intended for production use,
> > +       because it drastically increases kernel memory footprint and slows
> > +       the whole system down.
> > +
> > +       See <file:Documentation/dev-tools/kmsan.rst> for more details.
> > +
> > +if KMSAN
> > +
> > +config KMSAN_CHECK_PARAM_RETVAL
> > +     bool "Check for uninitialized values passed to and returned from functions"
> > +     default HAVE_KMSAN_PARAM_RETVAL
>
> This can be enabled even if !HAVE_KMSAN_PARAM_RETVAL. Should this be:
>
>         default y
>         depends on HAVE_KMSAN_PARAM_RETVAL
>
> instead?
>
Ack

-- 
Alexander Potapenko
Software Engineer

Google Germany GmbH
Erika-Mann-Straße, 33
80636 München

Geschäftsführer: Paul Manicle, Liana Sebastian
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg




[Index of Archives]     [Linux Kernel]     [Kernel Newbies]     [x86 Platform Driver]     [Netdev]     [Linux Wireless]     [Netfilter]     [Bugtraq]     [Linux Filesystems]     [Yosemite Discussion]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Device Mapper]

  Powered by Linux