On Sat, 19 Dec 2020 01:28:29 +0100 Marco Elver <elver@xxxxxxxxxx> wrote:
> [...]
> > -/*
> > - * Poisons the shadow memory for 'size' bytes starting from 'addr'.
> > - * Memory addresses should be aligned to KASAN_GRANULE_SIZE.
> > - */
> > -void poison_range(const void *address, size_t size, u8 value)
> > -{
> > - void *shadow_start, *shadow_end;
> > -
> > - /*
> > - * Perform shadow offset calculation based on untagged address, as
> > - * some of the callers (e.g. kasan_poison_object_data) pass tagged
> > - * addresses to this function.
> > - */
> > - address = reset_tag(address);
> > -
>
> The moved lines do not mention kfence...
> (The same commit in -next does.)
They shouldn't.
> > - shadow_start = kasan_mem_to_shadow(address);
> > - shadow_end = kasan_mem_to_shadow(address + size);
> > -
> > - __memset(shadow_start, value, shadow_end - shadow_start);
> > -}
> [...]
> > --- /dev/null
> > +++ a/mm/kasan/shadow.c
> > @@ -0,0 +1,518 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +/*
> > + * This file contains KASAN runtime code that manages shadow memory for
> > + * generic and software tag-based KASAN modes.
> > + *
> > + * Copyright (c) 2014 Samsung Electronics Co., Ltd.
> > + * Author: Andrey Ryabinin <ryabinin.a.a@xxxxxxxxx>
> > + *
> > + * Some code borrowed from https://github.com/xairy/kasan-prototype by
> > + * Andrey Konovalov <andreyknvl@xxxxxxxxx>
> > + */
> > +
> > +#include <linux/init.h>
> > +#include <linux/kasan.h>
> > +#include <linux/kernel.h>
> > +#include <linux/kfence.h>
>
> This is the first time kfence is mentioned. Is this correct?
Yes.
> Is my assumption correct that the kasan changes and kfence changes are
> to be swapped?
Yes, kfence came in fairly late and seems a bit fresh. I was planning
on holding it off until next cycle.
Sigh. I don't have access to my capable-of-compiling-KASAN machine at
present :( We'll need this, yes?
--- a/mm/kasan/kasan.h~a
+++ a/mm/kasan/kasan.h
@@ -3,7 +3,6 @@
#define __MM_KASAN_KASAN_H
#include <linux/kasan.h>
-#include <linux/kfence.h>
#include <linux/stackdepot.h>
#ifdef CONFIG_KASAN_HW_TAGS
@@ -305,20 +304,12 @@ static inline u8 random_tag(void) { retu
static inline void poison_range(const void *address, size_t size, u8 value)
{
- /* Skip KFENCE memory if called explicitly outside of sl*b. */
- if (is_kfence_address(address))
- return;
-
hw_set_mem_tag_range(kasan_reset_tag(address),
round_up(size, KASAN_GRANULE_SIZE), value);
}
static inline void unpoison_range(const void *address, size_t size)
{
- /* Skip KFENCE memory if called explicitly outside of sl*b. */
- if (is_kfence_address(address))
- return;
-
hw_set_mem_tag_range(kasan_reset_tag(address),
round_up(size, KASAN_GRANULE_SIZE), get_tag(address));
}
--- a/mm/kasan/shadow.c~a
+++ a/mm/kasan/shadow.c
@@ -13,7 +13,6 @@
#include <linux/init.h>
#include <linux/kasan.h>
#include <linux/kernel.h>
-#include <linux/kfence.h>
#include <linux/kmemleak.h>
#include <linux/memory.h>
#include <linux/mm.h>
@@ -85,10 +84,6 @@ void poison_range(const void *address, s
address = kasan_reset_tag(address);
size = round_up(size, KASAN_GRANULE_SIZE);
- /* Skip KFENCE memory if called explicitly outside of sl*b. */
- if (is_kfence_address(address))
- return;
-
shadow_start = kasan_mem_to_shadow(address);
shadow_end = kasan_mem_to_shadow(address + size);
@@ -106,14 +101,6 @@ void unpoison_range(const void *address,
*/
address = kasan_reset_tag(address);
- /*
- * Skip KFENCE memory if called explicitly outside of sl*b. Also note
- * that calls to ksize(), where size is not a multiple of machine-word
- * size, would otherwise poison the invalid portion of the word.
- */
- if (is_kfence_address(address))
- return;
-
poison_range(address, size, tag);
if (size & KASAN_GRANULE_MASK) {
_
