Re: [PATCH RFC v2 07/25] kmsan: introduce __no_sanitize_memory and __SANITIZE_MEMORY__

Andrey Konovalov <andreyknvl@xxxxxxxxxx> · Wed, 30 Oct 2019 16:50:11 +0100

On Wed, Oct 30, 2019 at 3:23 PM <glider@xxxxxxxxxx> wrote:
>
> __no_sanitize_memory is a function attribute that makes KMSAN
> ignore the uninitialized values coming from the function's
> inputs, and initialize the function's outputs.
>
> Functions marked with this attribute can't be inlined into functions
> not marked with it, and vice versa.
>
> __SANITIZE_MEMORY__ is a macro that's defined iff the file is
> instrumented with KMSAN. This is not the same as CONFIG_KMSAN, which is
> defined for every file.
>
> Signed-off-by: Alexander Potapenko <glider@xxxxxxxxxx>
> To: Alexander Potapenko <glider@xxxxxxxxxx>
> Cc: Vegard Nossum <vegard.nossum@xxxxxxxxxx>
> Cc: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
> Cc: linux-mm@xxxxxxxxx
>
> ---
>
> Change-Id: I1f1672652c8392f15f7ca8ac26cd4e71f9cc1e4b
> ---
>  include/linux/compiler-clang.h | 8 ++++++++
>  include/linux/compiler-gcc.h   | 5 +++++
>  2 files changed, 13 insertions(+)
>
> diff --git a/include/linux/compiler-clang.h b/include/linux/compiler-clang.h
> index 333a6695a918..edba13a069a6 100644
> --- a/include/linux/compiler-clang.h
> +++ b/include/linux/compiler-clang.h
> @@ -24,6 +24,14 @@
>  #define __no_sanitize_address
>  #endif
>
> +/* KMSAN is a Clang-only tool, thus putting the defines here */
> +#if __has_feature(memory_sanitizer)
> +# define __SANITIZE_MEMORY__
> +# define __no_sanitize_memory __attribute__((no_sanitize("kernel-memory")))

For KASAN with Clang we ended up choosing to use
no_sanitize("address") instead of no_sanitize("kernel-address") to
make it match what GCC uses. Do we want to use no_sanitize("memory")
here?

> +#else
> +# define __no_sanitize_memory
> +#endif
> +
>  /*
>   * Not all versions of clang implement the the type-generic versions
>   * of the builtin overflow checkers. Fortunately, clang implements
> diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h
> index d7ee4c6bad48..e5ebc788dde4 100644
> --- a/include/linux/compiler-gcc.h
> +++ b/include/linux/compiler-gcc.h
> @@ -145,6 +145,11 @@
>  #define __no_sanitize_address
>  #endif
>
> +/*
> + * GCC doesn't support KMSAN.
> + */
> +#define __no_sanitize_memory
> +
>  #if GCC_VERSION >= 50100
>  #define COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW 1
>  #endif
> --
> 2.24.0.rc0.303.g954a862665-goog
>