Re: [PATCH RFC v2 07/25] kmsan: introduce __no_sanitize_memory and __SANITIZE_MEMORY__

On Wed, Oct 30, 2019 at 4:50 PM Andrey Konovalov <andreyknvl@xxxxxxxxxx> wrote:
>
> On Wed, Oct 30, 2019 at 3:23 PM <glider@xxxxxxxxxx> wrote:
> >
> > __no_sanitize_memory is a function attribute that makes KMSAN
> > ignore the uninitialized values coming from the function's
> > inputs, and initialize the function's outputs.
> >
> > Functions marked with this attribute can't be inlined into functions
> > not marked with it, and vice versa.
> >
> > __SANITIZE_MEMORY__ is a macro that's defined iff the file is
> > instrumented with KMSAN. This is not the same as CONFIG_KMSAN, which is
> > defined for every file.
> >
> > Signed-off-by: Alexander Potapenko <glider@xxxxxxxxxx>
> > To: Alexander Potapenko <glider@xxxxxxxxxx>
> > Cc: Vegard Nossum <vegard.nossum@xxxxxxxxxx>
> > Cc: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
> > Cc: linux-mm@xxxxxxxxx
> >
> > ---
> >
> > Change-Id: I1f1672652c8392f15f7ca8ac26cd4e71f9cc1e4b
> > ---
> >  include/linux/compiler-clang.h | 8 ++++++++
> >  include/linux/compiler-gcc.h   | 5 +++++
> >  2 files changed, 13 insertions(+)
> >
> > diff --git a/include/linux/compiler-clang.h b/include/linux/compiler-clang.h
> > index 333a6695a918..edba13a069a6 100644
> > --- a/include/linux/compiler-clang.h
> > +++ b/include/linux/compiler-clang.h
> > @@ -24,6 +24,14 @@
> >  #define __no_sanitize_address
> >  #endif
> >
> > +/* KMSAN is a Clang-only tool, thus putting the defines here */
> > +#if __has_feature(memory_sanitizer)
> > +# define __SANITIZE_MEMORY__
> > +# define __no_sanitize_memory __attribute__((no_sanitize("kernel-memory")))
>
> For KASAN with Clang we ended up choosing to use
> no_sanitize("address") instead of no_sanitize("kernel-address") to
> make it match what GCC uses. Do we want to use no_sanitize("memory")
> here?
Since GCC doesn't currently implement KMSAN instrumentation, I think
we can stick to the current annotation and let GCC catch up :)
> > +#else
> > +# define __no_sanitize_memory
> > +#endif
> > +
> >  /*
> >   * Not all versions of clang implement the the type-generic versions
> >   * of the builtin overflow checkers. Fortunately, clang implements
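Review bot: The comment above `#if __has_feature(memory_sanitizer)` only explains why the defines live in this file; it does not say what `__no_sanitize_memory` or `__SANITIZE_MEMORY__` mean. The commit message has that information: the attribute makes KMSAN ignore uninitialized inputs and initialize the function's outputs, marked and unmarked functions cannot be inlined into each other, and `__SANITIZE_MEMORY__` is per-file, unlike CONFIG_KMSAN. Suggest moving those statements into the header comment, since anyone annotating a function will read the header rather than the changelog.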
> > diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h
> > index d7ee4c6bad48..e5ebc788dde4 100644
> > --- a/include/linux/compiler-gcc.h
> > +++ b/include/linux/compiler-gcc.h
> > @@ -145,6 +145,11 @@
> >  #define __no_sanitize_address
> >  #endif
> >
> > +/*
> > + * GCC doesn't support KMSAN.
> > + */
> > +#define __no_sanitize_memory
> > +
> >  #if GCC_VERSION >= 50100
> >  #define COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW 1
> >  #endif
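Review bot: The unconditional empty `#define __no_sanitize_memory` added here duplicates the `#else` fallback added to compiler-clang.h, and the diffstat shows only these two headers being touched, so a build that goes through any other compiler header gets no definition at all. Suggest a single `#ifndef __no_sanitize_memory` fallback in a header shared by all compilers, which would cover both cases and make the GCC-specific comment unnecessary.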
> > --
> > 2.24.0.rc0.303.g954a862665-goog
> >



-- 
Alexander Potapenko
Software Engineer

Google Germany GmbH
Erika-Mann-Straße, 33
80636 München

Geschäftsführer: Paul Manicle, Halimah DeLaine Prado
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg




