On Fri, 19 Mar 2021 at 15:41, Daniel Axtens <dja@xxxxxxxxxx> wrote: > Allow architectures to define a kasan_arch_is_ready() hook that bails > out of any function that's about to touch the shadow unless the arch > says that it is ready for the memory to be accessed. This is fairly > uninvasive and should have a negligible performance penalty. > > This will only work in outline mode, so an arch must specify > ARCH_DISABLE_KASAN_INLINE if it requires this. > > Cc: Balbir Singh <bsingharora@xxxxxxxxx> > Cc: Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx> > Suggested-by: Christophe Leroy <christophe.leroy@xxxxxxxxxx> > Signed-off-by: Daniel Axtens <dja@xxxxxxxxxx> > > -- > > I discuss the justification for this later in the series. Also, > both previous RFCs for ppc64 - by 2 different people - have > needed this trick! See: > - https://lore.kernel.org/patchwork/patch/592820/ # ppc64 hash series > - https://patchwork.ozlabs.org/patch/795211/ # ppc radix series > --- > include/linux/kasan.h | 4 ++++ > mm/kasan/common.c | 4 ++++ > mm/kasan/generic.c | 3 +++ > mm/kasan/shadow.c | 4 ++++ > 4 files changed, 15 insertions(+) > > diff --git a/include/linux/kasan.h b/include/linux/kasan.h > index 8b3b99d659b7..6bd8343f0033 100644 > --- a/include/linux/kasan.h > +++ b/include/linux/kasan.h Does kasan_arch_is_ready() need to be defined in the public interface of KASAN? Could it instead be moved to mm/kasan/kasan.h? > @@ -23,6 +23,10 @@ struct kunit_kasan_expectation { > > #endif > > +#ifndef kasan_arch_is_ready > +static inline bool kasan_arch_is_ready(void) { return true; } > +#endif > + > #if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) > > #include <linux/pgtable.h> > diff --git a/mm/kasan/common.c b/mm/kasan/common.c > index 6bb87f2acd4e..f23a9e2dce9f 100644 > --- a/mm/kasan/common.c > +++ b/mm/kasan/common.c 
> @@ -345,6 +345,10 @@ static inline bool ____kasan_slab_free(struct kmem_cache *cache, void *object, > if (unlikely(cache->flags & SLAB_TYPESAFE_BY_RCU)) > return false; > > + /* We can't read the shadow byte if the arch isn't ready */ > + if (!kasan_arch_is_ready()) > + return false; > + While it probably doesn't matter much, it seems this check could be moved up, rather than having it in the middle here. > if (!kasan_byte_accessible(tagged_object)) { > kasan_report_invalid_free(tagged_object, ip); > return true; > diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c > index 53cbf28859b5..c3f5ba7a294a 100644 > --- a/mm/kasan/generic.c > +++ b/mm/kasan/generic.c > @@ -163,6 +163,9 @@ static __always_inline bool check_region_inline(unsigned long addr, > size_t size, bool write, > unsigned long ret_ip) > { > + if (!kasan_arch_is_ready()) > + return true; > + > if (unlikely(size == 0)) > return true; > > diff --git a/mm/kasan/shadow.c b/mm/kasan/shadow.c > index 727ad4629173..1f650c521037 100644 > --- a/mm/kasan/shadow.c > +++ b/mm/kasan/shadow.c > @@ -80,6 +80,10 @@ void kasan_poison(const void *addr, size_t size, u8 value, bool init) > */ > addr = kasan_reset_tag(addr); > > + /* Don't touch the shadow memory if arch isn't ready */ > + if (!kasan_arch_is_ready()) > + return; > + > /* Skip KFENCE memory if called explicitly outside of sl*b. */ > if (is_kfence_address(addr)) > return; > -- > 2.27.0
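
Review bot: In the include/linux/kasan.h hunk, the fallback kasan_arch_is_ready() has no comment describing how an architecture overrides it. Because the guard is `#ifndef kasan_arch_is_ready`, an arch has to define a macro of that name before this point in the header, and the commit message adds that it must also specify ARCH_DISABLE_KASAN_INLINE; a short comment above the `#ifndef` stating both would keep that contract next to the code. The stub also sits above the `#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)` block, so it is exposed to every includer of this header rather than only to KASAN builds.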
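
Review bot: In ____kasan_slab_free() (mm/kasan/common.c), the new early `return false` skips both kasan_byte_accessible() and kasan_report_invalid_free(), so an invalid free that happens before the arch reports ready goes unreported. The comment explains why the shadow byte cannot be read but not that this detection is being given up on purpose; suggest extending it to say so, and to say what returning false means for the caller in this window.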
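
Review bot: In check_region_inline() (mm/kasan/generic.c), the added check carries no comment, unlike the matching checks in common.c and shadow.c, and `return true` here makes every access count as valid until the arch is ready. Suggest a one-line comment saying so. Since this is now the first statement of the function, consider `if (unlikely(!kasan_arch_is_ready()))` to match the `unlikely(size == 0)` test directly below it.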
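
Review bot: In mm/kasan/shadow.c, kasan_poison() is the only function that gains the guard (the diffstat shows 4 insertions in this file, all in this hunk). Please confirm in the commit message that every other shadow-writing path in this file either goes through kasan_poison() or cannot run before the arch is ready; otherwise those paths need the same `if (!kasan_arch_is_ready()) return;` check.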