Message-ID: <564C8C47.1080904@gmail.com>
Date:	Wed, 18 Nov 2015 17:33:43 +0300
From:	Andrey Ryabinin <ryabinin.a.a@...il.com>
To:	Catalin Marinas <catalin.marinas@....com>
Cc:	"Suzuki K. Poulose" <Suzuki.Poulose@....com>,
	Yury <yury.norov@...il.com>, Arnd Bergmann <arnd@...db.de>,
	linux-mm@...ck.org, Linus Walleij <linus.walleij@...aro.org>,
	Ard Biesheuvel <ard.biesheuvel@...aro.org>,
	Will Deacon <will.deacon@....com>,
	linux-kernel@...r.kernel.org,
	kasan-dev <kasan-dev@...glegroups.com>,
	Alexey Klimov <klimov.linux@...il.com>,
	Alexander Potapenko <glider@...gle.com>,
	Dmitry Vyukov <dvyukov@...gle.com>,
	Andrey Konovalov <andreyknvl@...gle.com>,
	David Keitel <dkeitel@...eaurora.org>,
	linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH v7 0/4] KASAN for arm64



On 11/16/2015 07:51 PM, Catalin Marinas wrote:
> On Mon, Nov 16, 2015 at 06:34:27PM +0300, Andrey Ryabinin wrote:
>> On 11/16/2015 02:16 PM, Suzuki K. Poulose wrote:
>>> On 13/10/15 09:34, Catalin Marinas wrote:
>>>> On Mon, Oct 12, 2015 at 06:52:56PM +0300, Andrey Ryabinin wrote:
>>>>> Andrey Ryabinin (3):
>>>>>    arm64: move PGD_SIZE definition to pgalloc.h
>>>>>    arm64: add KASAN support
>>>>>    Documentation/features/KASAN: arm64 supports KASAN now
>>>>>
>>>>> Linus Walleij (1):
>>>>>    ARM64: kasan: print memory assignment
>>>>
>>>> Patches queued for 4.4. Thanks.
>>>
>>> I get the following failure with KASAN + 16K_PAGES + 48BIT_VA, with 4.4-rc1:
>>>
>>> arch/arm64/mm/kasan_init.c: In function ‘kasan_early_init’:
>>> include/linux/compiler.h:484:38: error: call to ‘__compiletime_assert_95’ declared with attribute error: BUILD_BUG_ON failed: !IS_ALIGNED(KASAN_SHADOW_END, PGDIR_SIZE)
>>>   _compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
>>>                                       ^
>>> include/linux/compiler.h:467:4: note: in definition of macro ‘__compiletime_assert’
>>>     prefix ## suffix();    \
>>>     ^
>>> include/linux/compiler.h:484:2: note: in expansion of macro ‘_compiletime_assert’
>>>   _compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
>>>   ^
>>> include/linux/bug.h:50:37: note: in expansion of macro ‘compiletime_assert’
>>>  #define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
>>>                                      ^
>>> include/linux/bug.h:74:2: note: in expansion of macro ‘BUILD_BUG_ON_MSG’
>>>   BUILD_BUG_ON_MSG(condition, "BUILD_BUG_ON failed: " #condition)
>>>   ^
>>> arch/arm64/mm/kasan_init.c:95:2: note: in expansion of macro ‘BUILD_BUG_ON’
>>>   BUILD_BUG_ON(!IS_ALIGNED(KASAN_SHADOW_END, PGDIR_SIZE));
>>>
>>> The problem is that the PGDIR_SIZE is (1UL << 47) with 16K+48bit, which makes
>>> the KASAN_SHADOW_END unaligned (which is aligned to (1UL << (48 - 3))). Is the
>>> alignment really needed? Thoughts on how best we could fix this?
>>
>> Yes, it's really needed, because some code relies on this (e.g.
>> clear_pgs() and kasan_init()). But it should be possible to get rid of
>> this requirement.
> 
> I don't think clear_pgds() and kasan_init() are the only problems. IIUC,
> kasan_populate_zero_shadow() also assumes that KASan shadow covers
> multiple pgds. You need some kind of recursive writing which avoids
> populating an entry which is not empty (like kasan_early_pud_populate).
> 

I think kasan_populate_zero_shadow() should be fine. We call pgd_populate() only
if address range covers the entire pgd:

		if (IS_ALIGNED(addr, PGDIR_SIZE) && end - addr >= PGDIR_SIZE) {
....
			pgd_populate(&init_mm, pgd, kasan_zero_pud);
....

and otherwise we check for pgd_none(*pgd):
		if (pgd_none(*pgd)) {
			pgd_populate(&init_mm, pgd,
				early_alloc(PAGE_SIZE, NUMA_NO_NODE));
		}


Is there any way to run 16K pages on an emulated environment?
I've tried:
 - ARM V8 Foundation Platformr0p0 (platform build 9.4.59)
 - QEMU 2.4.0
and both just don't boot for me on 4.4-rc1 with 16k pages config.
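
The BUILD_BUG_ON failure quoted above, worked through as an added example (not part of the original message or of the kernel source). It goes beyond the reported 16K + 48-bit case to other arm64 page-size/VA combinations; the helper names, the level-count formula and the shadow layout (shadow starts at the bottom of the kernel VA range and spans 1UL << (VA_BITS - 3)) are assumptions of this example.

```c
#include <inttypes.h>
#include <stdio.h>

/* Translation levels needed for va_bits; each table holds
 * 2^(page_shift - 3) eight-byte entries. (Assumed formula.) */
static unsigned pgtable_levels(unsigned va_bits, unsigned page_shift)
{
    unsigned bits_per_level = page_shift - 3;
    return (va_bits - page_shift + bits_per_level - 1) / bits_per_level;
}

/* log2 of the address range covered by one top-level (pgd) entry. */
static unsigned pgdir_shift(unsigned va_bits, unsigned page_shift)
{
    unsigned levels = pgtable_levels(va_bits, page_shift);
    return page_shift + (levels - 1) * (page_shift - 3);
}

/* Assumed layout: shadow begins at the start of the kernel VA range
 * and is 1/8 of that range in size. */
static uint64_t kasan_shadow_end(unsigned va_bits)
{
    uint64_t va_start = ~UINT64_C(0) << va_bits;
    return va_start + (UINT64_C(1) << (va_bits - 3));
}

/* The condition the BUILD_BUG_ON in kasan_early_init() enforces. */
static int shadow_end_pgd_aligned(unsigned va_bits, unsigned page_shift)
{
    uint64_t pgdir_size = UINT64_C(1) << pgdir_shift(va_bits, page_shift);
    return (kasan_shadow_end(va_bits) & (pgdir_size - 1)) == 0;
}

int main(void)
{
    /* Constructed list of {VA_BITS, PAGE_SHIFT} pairs to compare. */
    static const struct { unsigned va_bits, page_shift; } cfg[] = {
        {39, 12}, {48, 12}, {47, 14}, {48, 14}, {42, 16}, {48, 16},
    };
    for (size_t i = 0; i < sizeof(cfg) / sizeof(cfg[0]); i++) {
        unsigned va = cfg[i].va_bits, ps = cfg[i].page_shift;
        printf("VA_BITS=%u PAGE=%uK levels=%u PGDIR_SHIFT=%u "
               "SHADOW_END=0x%016" PRIx64 " -> %s\n",
               va, 1u << (ps - 10), pgtable_levels(va, ps),
               pgdir_shift(va, ps), kasan_shadow_end(va),
               shadow_end_pgd_aligned(va, ps) ? "aligned" : "BUILD_BUG_ON");
    }
    return 0;
}
```

Under these assumptions only the 16K + 48-bit row fails: four levels of 11 bits each put PGDIR_SHIFT at 47, above the 45-bit alignment of the shadow end.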



