| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 5 Jul 2021 13:12:30 +0200
From: Andrey Konovalov <andreyknvl@...il.com>
To: yee.lee@...iatek.com
Cc: LKML <linux-kernel@...r.kernel.org>, nicholas.Tang@...iatek.com,
Kuan-Ying Lee <Kuan-Ying.lee@...iatek.com>,
chinwen.chang@...iatek.com,
Andrey Ryabinin <ryabinin.a.a@...il.com>,
Alexander Potapenko <glider@...gle.com>,
Dmitry Vyukov <dvyukov@...gle.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Matthias Brugger <matthias.bgg@...il.com>,
"open list:KASAN" <kasan-dev@...glegroups.com>,
"open list:MEMORY MANAGEMENT" <linux-mm@...ck.org>,
"moderated list:ARM/Mediatek SoC support"
<linux-arm-kernel@...ts.infradead.org>,
"moderated list:ARM/Mediatek SoC support"
<linux-mediatek@...ts.infradead.org>
Subject: Re: [PATCH v6 2/2] kasan: Add memzero int for unaligned size at DEBUG
On Mon, Jul 5, 2021 at 12:33 PM <yee.lee@...iatek.com> wrote:
>
> From: Yee Lee <yee.lee@...iatek.com>
>
> Issue: when SLUB debug is on, hwtag kasan_unpoison() would overwrite
> the redzone of object with unaligned size.
>
> An additional memzero_explicit() path is added to replacing init by
> hwtag instruction for those unaligned size at SLUB debug mode.
>
> The penalty is acceptable since they are only enabled in debug mode,
> not production builds. A block of comment is added for explanation.
>
> Cc: Andrey Ryabinin <ryabinin.a.a@...il.com>
> Cc: Alexander Potapenko <glider@...gle.com>
> Cc: Dmitry Vyukov <dvyukov@...gle.com>
> Cc: Andrew Morton <akpm@...ux-foundation.org>
> Suggested-by: Marco Elver <elver@...gle.com>
> Suggested-by: Andrey Konovalov <andreyknvl@...il.com>
> Signed-off-by: Yee Lee <yee.lee@...iatek.com>
> ---
> mm/kasan/kasan.h | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
> diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h
> index 98e3059bfea4..d739cdd1621a 100644
> --- a/mm/kasan/kasan.h
> +++ b/mm/kasan/kasan.h
> @@ -9,6 +9,7 @@
> #ifdef CONFIG_KASAN_HW_TAGS
>
> #include <linux/static_key.h>
> +#include "../slab.h"
>
> DECLARE_STATIC_KEY_FALSE(kasan_flag_stacktrace);
> extern bool kasan_flag_async __ro_after_init;
> @@ -387,6 +388,17 @@ static inline void kasan_unpoison(const void *addr, size_t size, bool init)
>
> if (WARN_ON((unsigned long)addr & KASAN_GRANULE_MASK))
> return;
> + /*
> + * Explicitly initialize the memory with the precise object size to
> + * avoid overwriting the SLAB redzone. This disables initialization in
> + * the arch code and may thus lead to performance penalty. The penalty
> + * is accepted since SLAB redzones aren't enabled in production builds.
> + */
> + if (__slub_debug_enabled() &&
What happened to slub_debug_enabled_unlikely()? Was it renamed? Why? I
didn't receive patch #1 of v6 (nor of v5).
> + init && ((unsigned long)size & KASAN_GRANULE_MASK)) {
> + init = false;
> + memzero_explicit((void *)addr, size);
> + }
> size = round_up(size, KASAN_GRANULE_SIZE);
>
> hw_set_mem_tag_range((void *)addr, size, tag, init);
> --
> 2.18.0
>
Powered by blists - more mailing lists