On Mon, Mar 13, 2023 at 12:20 PM Marco Elver <elver@xxxxxxxxxx> wrote:
>
> > + * Hardware Tag-Based KASAN instead relies on:
> > + * For #1: Resetting tags via kasan_reset_tag().
> > + * For #2: Supression of tag checks via CPU, see report_suppress_start/end().
>
> Typo: "Suppression"
Will fix in v2.
> > +static void report_suppress_start(void)
> > +{
> > +#ifdef CONFIG_KASAN_HW_TAGS
> > + /*
> > + * Disable migration for the duration of printing a KASAN report, as
> > + * hw_suppress_tag_checks_start() disables checks on the current CPU.
> > + */
> > + migrate_disable();
>
> This still allows this task to be preempted by another task. If the
> other task is scheduled in right after hw_suppress_tag_checks_start()
> then there won't be any tag checking in that task. If HW-tags KASAN is
> used as a mitigation technique, that may unnecessarily weaken KASAN,
> because right after report_suppress_start(), it does
> spin_lock_irqsave() which disables interrupts (and thereby preemption)
> anyway.
>
> Why not just use preempt_disable()?
Ah, yes, I intended to do that but forgot to make the change.
I'll wait for comments from arm64 maintainers on the other patches and
then send v2 with a fix.
Thank you, Marco!
