Re: [PATCH RFC v3 21/36] kmsan: disable KMSAN instrumentation for certain kernel parts


 



On Tue, Dec 10, 2019 at 11:35 AM Alexander Potapenko <glider@xxxxxxxxxx> wrote:
>
> On Fri, Nov 29, 2019 at 4:07 PM Andrey Konovalov <andreyknvl@xxxxxxxxxx> wrote:
> >
> > On Fri, Nov 22, 2019 at 12:27 PM <glider@xxxxxxxxxx> wrote:
> > >
> > > Instrumenting some files with KMSAN will result in kernel being unable
> > > to link, boot or crashing at runtime for various reasons (e.g. infinite
> > > recursion caused by instrumentation hooks calling instrumented code again).
> > >
> > > Disable KMSAN in the following places:
> > >  - arch/x86/boot and arch/x86/realmode/rm, as KMSAN doesn't work for i386;
> > >  - arch/x86/entry/vdso, which isn't linked with KMSAN runtime;
> > >  - three files in arch/x86/kernel - boot problems;
> > >  - arch/x86/mm/cpu_entry_area.c - recursion;
> > >  - EFI stub - build failures;
> > >  - kcov, stackdepot - recursion.
> >
> > It makes sense to unify comments explaining the reasons for
> > KMSAN_SANITIZE := n with KCSAN patches:
> In principle, yes.
> But KCSAN hasn't reached upstream yet, and rebasing on top of it will
> increase the number of moving parts to take into account.
Ah, I see. Yes, I'll add meaningful comments in v4.
>
> > https://patchwork.kernel.org/patch/11244145/
> > https://patchwork.kernel.org/patch/11244161/
> >
> > >
> > > Signed-off-by: Alexander Potapenko <glider@xxxxxxxxxx>
> > > To: Alexander Potapenko <glider@xxxxxxxxxx>
> > > Cc: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
> > > Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> > > Cc: Vegard Nossum <vegard.nossum@xxxxxxxxxx>
> > > Cc: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
> > > Cc: linux-mm@xxxxxxxxx
> > > ---
> > >
> > > Change-Id: I90961eabf2dcb9ae992aed259088953bad5e4d6d
> > > ---
> > >  arch/x86/boot/Makefile                | 2 ++
> > >  arch/x86/boot/compressed/Makefile     | 2 ++
> > >  arch/x86/entry/vdso/Makefile          | 3 +++
> > >  arch/x86/kernel/Makefile              | 4 ++++
> > >  arch/x86/kernel/cpu/Makefile          | 1 +
> > >  arch/x86/mm/Makefile                  | 2 ++
> > >  arch/x86/realmode/rm/Makefile         | 2 ++
> > >  drivers/firmware/efi/libstub/Makefile | 1 +
> > >  kernel/Makefile                       | 1 +
> > >  lib/Makefile                          | 1 +
> > >  10 files changed, 19 insertions(+)
> > >
> > > diff --git a/arch/x86/boot/Makefile b/arch/x86/boot/Makefile
> > > index e2839b5c246c..c039abd4c81f 100644
> > > --- a/arch/x86/boot/Makefile
> > > +++ b/arch/x86/boot/Makefile
> > > @@ -10,6 +10,8 @@
> > >  #
> > >
> > >  KASAN_SANITIZE                 := n
> > > +# KMSAN doesn't work for i386
> > > +KMSAN_SANITIZE                 := n
> > >  OBJECT_FILES_NON_STANDARD      := y
> > >
> > >  # Kernel does not boot with kcov instrumentation here.
> > > diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile
> > > index 6b84afdd7538..9efe2d9fca4c 100644
> > > --- a/arch/x86/boot/compressed/Makefile
> > > +++ b/arch/x86/boot/compressed/Makefile
> > > @@ -18,6 +18,8 @@
> > >  #      compressed vmlinux.bin.all + u32 size of vmlinux.bin.all
> > >
> > >  KASAN_SANITIZE                 := n
> > > +# KMSAN doesn't work for i386
> > > +KMSAN_SANITIZE                 := n
> > >  OBJECT_FILES_NON_STANDARD      := y
> > >
> > >  # Prevents link failures: __sanitizer_cov_trace_pc() is not linked in.
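Review bot: The comment above KMSAN_SANITIZE := n in arch/x86/boot/compressed/Makefile repeats "KMSAN doesn't work for i386" from arch/x86/boot/Makefile, yet the context line right below it says this directory already skips kcov because __sanitizer_cov_trace_pc() is not linked in. Please confirm which reason applies to the decompressor; if it is also a missing KMSAN runtime at link time, the comment should say that rather than reuse the i386 wording.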
> > > diff --git a/arch/x86/entry/vdso/Makefile b/arch/x86/entry/vdso/Makefile
> > > index 0f2154106d01..000467a1a4f2 100644
> > > --- a/arch/x86/entry/vdso/Makefile
> > > +++ b/arch/x86/entry/vdso/Makefile
> > > @@ -11,6 +11,9 @@ include $(srctree)/lib/vdso/Makefile
> > >
> > >  KBUILD_CFLAGS += $(DISABLE_LTO)
> > >  KASAN_SANITIZE                 := n
> > > +# Undefined references to KMSAN hooks.
> > > +KMSAN_SANITIZE_vclock_gettime.o := n
> > > +KMSAN_SANITIZE_vgetcpu.o       := n
> > >  UBSAN_SANITIZE                 := n
> > >  OBJECT_FILES_NON_STANDARD      := y
> > >
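Review bot: Only vclock_gettime.o and vgetcpu.o are excluded here, while the neighbouring KASAN_SANITIZE and UBSAN_SANITIZE lines turn instrumentation off for the whole directory. The commit message says the vDSO isn't linked with the KMSAN runtime, so any other object built from this Makefile that picks up instrumentation would hit the same undefined references. Consider a directory-wide KMSAN_SANITIZE := n, or extend the comment to explain why the per-object form is sufficient.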
> > > diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile
> > > index 3578ad248bc9..ce39972a7edf 100644
> > > --- a/arch/x86/kernel/Makefile
> > > +++ b/arch/x86/kernel/Makefile
> > > @@ -28,6 +28,10 @@ KASAN_SANITIZE_dumpstack_$(BITS).o                   := n
> > >  KASAN_SANITIZE_stacktrace.o                            := n
> > >  KASAN_SANITIZE_paravirt.o                              := n
> > >
> > > +# Work around reboot loop.
> > > +KMSAN_SANITIZE_head$(BITS).o                           := n
> > > +KMSAN_SANITIZE_nmi.o                                   := n
> > > +
> > >  OBJECT_FILES_NON_STANDARD_relocate_kernel_$(BITS).o    := y
> > >  OBJECT_FILES_NON_STANDARD_test_nx.o                    := y
> > >  OBJECT_FILES_NON_STANDARD_paravirt_patch.o             := y
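Review bot: "Work around reboot loop." above the head$(BITS).o and nmi.o lines records the symptom but not the cause, so it gives no way to tell later whether the exclusion can be dropped. Say what in these two files breaks under instrumentation. The commit message also counts three files in arch/x86/kernel while this hunk lists two; the third appears to be cpu/common.o from the next hunk, which is worth stating explicitly.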
> > > diff --git a/arch/x86/kernel/cpu/Makefile b/arch/x86/kernel/cpu/Makefile
> > > index d7a1e5a9331c..41f4f8f2f2f0 100644
> > > --- a/arch/x86/kernel/cpu/Makefile
> > > +++ b/arch/x86/kernel/cpu/Makefile
> > > @@ -12,6 +12,7 @@ endif
> > >  # If these files are instrumented, boot hangs during the first second.
> > >  KCOV_INSTRUMENT_common.o := n
> > >  KCOV_INSTRUMENT_perf_event.o := n
> > > +KMSAN_SANITIZE_common.o := n
> > >
> > >  # Make sure load_percpu_segment has no stackprotector
> > >  nostackp := $(call cc-option, -fno-stack-protector)
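Review bot: KMSAN_SANITIZE_common.o := n is appended under the existing comment "If these files are instrumented, boot hangs during the first second.", which was written for the two KCOV lines, and perf_event.o stays instrumented for KMSAN. If KMSAN shows that hang for common.o only, give the new line its own comment saying so; as written, a reader will assume the KCOV comment covers both files for both tools.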
> > > diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile
> > > index 84373dc9b341..42cb3a6409b0 100644
> > > --- a/arch/x86/mm/Makefile
> > > +++ b/arch/x86/mm/Makefile
> > > @@ -7,6 +7,8 @@ KCOV_INSTRUMENT_mem_encrypt_identity.o  := n
> > >  KASAN_SANITIZE_mem_encrypt.o           := n
> > >  KASAN_SANITIZE_mem_encrypt_identity.o  := n
> > >
> > > +KMSAN_SANITIZE_cpu_entry_area.o := n
> > > +
> > >  ifdef CONFIG_FUNCTION_TRACER
> > >  CFLAGS_REMOVE_mem_encrypt.o            = -pg
> > >  CFLAGS_REMOVE_mem_encrypt_identity.o   = -pg
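Review bot: KMSAN_SANITIZE_cpu_entry_area.o := n has no comment in the Makefile; the reason (recursion) appears only in the commit message, which is not where someone editing this file will look. Add a one-line comment above it naming the recursion, as the arch/x86/boot hunks do for their exclusions.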
> > > diff --git a/arch/x86/realmode/rm/Makefile b/arch/x86/realmode/rm/Makefile
> > > index f60501a384f9..27e7bc0bbdde 100644
> > > --- a/arch/x86/realmode/rm/Makefile
> > > +++ b/arch/x86/realmode/rm/Makefile
> > > @@ -7,6 +7,8 @@
> > >  #
> > >  #
> > >  KASAN_SANITIZE                 := n
> > > +# KMSAN doesn't work for i386
> > > +KMSAN_SANITIZE                 := n
> > >  OBJECT_FILES_NON_STANDARD      := y
> > >
> > >  # Prevents link failures: __sanitizer_cov_trace_pc() is not linked in.
> > > diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
> > > index 0460c7581220..11869c17a64c 100644
> > > --- a/drivers/firmware/efi/libstub/Makefile
> > > +++ b/drivers/firmware/efi/libstub/Makefile
> > > @@ -32,6 +32,7 @@ KBUILD_CFLAGS                 := $(cflags-y) -DDISABLE_BRANCH_PROFILING \
> > >
> > >  GCOV_PROFILE                   := n
> > >  KASAN_SANITIZE                 := n
> > > +KMSAN_SANITIZE                 := n
> > >  UBSAN_SANITIZE                 := n
> > >  OBJECT_FILES_NON_STANDARD      := y
> > >
> > > diff --git a/kernel/Makefile b/kernel/Makefile
> > > index daad787fb795..5fd6fbca2592 100644
> > > --- a/kernel/Makefile
> > > +++ b/kernel/Makefile
> > > @@ -30,6 +30,7 @@ KCOV_INSTRUMENT_extable.o := n
> > >  # Don't self-instrument.
> > >  KCOV_INSTRUMENT_kcov.o := n
> > >  KASAN_SANITIZE_kcov.o := n
> > > +KMSAN_SANITIZE_kcov.o := n
> > >  CFLAGS_kcov.o := $(call cc-option, -fno-conserve-stack -fno-stack-protector)
> > >
> > >  # cond_syscall is currently not LTO compatible
> > > diff --git a/lib/Makefile b/lib/Makefile
> > > index 08fcb37499a0..ae6e57d857b0 100644
> > > --- a/lib/Makefile
> > > +++ b/lib/Makefile
> > > @@ -222,6 +222,7 @@ obj-$(CONFIG_IRQ_POLL) += irq_poll.o
> > >  CFLAGS_stackdepot.o += -fno-builtin
> > >  obj-$(CONFIG_STACKDEPOT) += stackdepot.o
> > >  KASAN_SANITIZE_stackdepot.o := n
> > > +KMSAN_SANITIZE_stackdepot.o := n
> > >  KCOV_INSTRUMENT_stackdepot.o := n
> > >
> > >  libfdt_files = fdt.o fdt_ro.o fdt_wip.o fdt_rw.o fdt_sw.o fdt_strerror.o \
> > > --
> > > 2.24.0.432.g9d3f5f5b63-goog
> > >
>
>
>
> --
> Alexander Potapenko
> Software Engineer
>
> Google Germany GmbH
> Erika-Mann-Straße, 33
> 80636 München
>
> Managing Directors: Paul Manicle, Halimah DeLaine Prado
> Registration court and number: Hamburg, HRB 86891
> Registered office: Hamburg



-- 
Alexander Potapenko
Software Engineer

Google Germany GmbH
Erika-Mann-Straße, 33
80636 München

Managing Directors: Paul Manicle, Halimah DeLaine Prado
Registration court and number: Hamburg, HRB 86891
Registered office: Hamburg




