On Tue, Dec 1, 2020 at 5:16 PM Daniel Axtens <dja@xxxxxxxxxx> wrote: > > Building on the work of Christophe, Aneesh and Balbir, I've ported > KASAN to 64-bit Book3S kernels running on the Radix MMU. > > This is a significant reworking of the previous versions. Instead of > the previous approach which supported inline instrumentation, this > series provides only outline instrumentation. > > To get around the problem of accessing the shadow region inside code we run > with translations off (in 'real mode'), we we restrict checking to when > translations are enabled. This is done via a new hook in the kasan core and > by excluding larger quantites of arch code from instrumentation. The upside > is that we no longer require that you be able to specify the amount of > physically contiguous memory on the system at compile time. Hopefully this > is a better trade-off. More details in patch 6. > > kexec works. Both 64k and 4k pages work. Running as a KVM host works, but > nothing in arch/powerpc/kvm is instrumented. It's also potentially a bit > fragile - if any real mode code paths call out to instrumented code, things > will go boom. > > There are 4 failing KUnit tests: > > kasan_stack_oob, kasan_alloca_oob_left & kasan_alloca_oob_right - these are > due to not supporting inline instrumentation. > > kasan_global_oob - gcc puts the ASAN init code in a section called > '.init_array'. Powerpc64 module loading code goes through and _renames_ any > section beginning with '.init' to begin with '_init' in order to avoid some > complexities around our 24-bit indirect jumps. This means it renames > '.init_array' to '_init_array', and the generic module loading code then > fails to recognise the section as a constructor and thus doesn't run > it. This hack dates back to 2003 and so I'm not going to try to unpick it > in this series. (I suspect this may have previously worked if the code > ended up in .ctors rather than .init_array but I don't keep my old binaries > around so I have no real way of checking.) Hi Daniel, Just FYI: there's a number of KASAN-related patches in the mm tree right now, so this series will need to be rebased. Onto mm or onto 5.11-rc1 one it's been released. Thanks!