lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <08e480cf-90d4-8225-1af9-fe187fc622be@arm.com>
Date:   Fri, 8 Apr 2022 13:32:28 +0100
From:   Vincenzo Frascino <vincenzo.frascino@....com>
To:     Andrey Konovalov <andreyknvl@...il.com>
Cc:     Linux ARM <linux-arm-kernel@...ts.infradead.org>,
        LKML <linux-kernel@...r.kernel.org>,
        kasan-dev <kasan-dev@...glegroups.com>,
        Andrey Ryabinin <ryabinin.a.a@...il.com>,
        Alexander Potapenko <glider@...gle.com>,
        Dmitry Vyukov <dvyukov@...gle.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Catalin Marinas <catalin.marinas@....com>,
        Will Deacon <will@...nel.org>
Subject: Re: [PATCH] kasan: Fix hw tags enablement when KUNIT tests are
 disabled

Hi Andrey,

On 4/8/22 1:26 PM, Andrey Konovalov wrote:
> On Fri, Apr 8, 2022 at 12:04 PM Vincenzo Frascino
> <vincenzo.frascino@....com> wrote:
>>
>> Kasan enables hw tags via kasan_enable_tagging() which based on the mode
>> passed via kernel command line selects the correct hw backend.
>> kasan_enable_tagging() is meant to be invoked indirectly via the cpu features
>> framework of the architectures that support these backends.
>> Currently the invocation of this function is guarded by CONFIG_KASAN_KUNIT_TEST
>> which allows the enablement of the correct backend only when KUNIT tests are
>> enabled in the kernel.
> 
>> ... and prevents to enable MTE on arm64 when KUNIT tests for kasan hw_tags are
>> disabled.
> 
> Oh, indeed. Thanks for finding this!
> 
>> This inconsistency was introduced in commit:
>>
>>   f05842cfb9ae2 ("kasan, arm64: allow using KUnit tests with HW_TAGS mode")
> 
> No, that commit is fine. The issue was introduced recently in
> ed6d74446cbf ("kasan: test: support async (again) and asymm modes for
> HW_TAGS"), where I changed kasan_init_hw_tags_cpu() to call
> kasan_enable_tagging() instead of hw_enable_tagging_*().
>

Thanks for pointing this out, the commit message above is referring to when the
guard was introduced but I agree it is more correct to refer to when the logical
issue was introduced. I will update it in v2.

>> Fix the issue making sure that the CONFIG_KASAN_KUNIT_TEST guard does not
>> prevent the correct invocation of kasan_enable_tagging().
>>
>> Fixes: f05842cfb9ae2 ("kasan, arm64: allow using KUnit tests with HW_TAGS mode")
>> Cc: Andrey Ryabinin <ryabinin.a.a@...il.com>
>> Cc: Alexander Potapenko <glider@...gle.com>
>> Cc: Andrey Konovalov <andreyknvl@...il.com>
>> Cc: Dmitry Vyukov <dvyukov@...gle.com>
>> Cc: Andrew Morton <akpm@...ux-foundation.org>
>> Cc: Catalin Marinas <catalin.marinas@....com>
>> Cc: Will Deacon <will@...nel.org>
>> Signed-off-by: Vincenzo Frascino <vincenzo.frascino@....com>
>> ---
>>  mm/kasan/hw_tags.c |  4 ++--
>>  mm/kasan/kasan.h   | 10 ++++++----
>>  2 files changed, 8 insertions(+), 6 deletions(-)
>>
>> diff --git a/mm/kasan/hw_tags.c b/mm/kasan/hw_tags.c
>> index 07a76c46daa5..e2677501c36e 100644
>> --- a/mm/kasan/hw_tags.c
>> +++ b/mm/kasan/hw_tags.c
>> @@ -336,8 +336,6 @@ void __kasan_poison_vmalloc(const void *start, unsigned long size)
>>
>>  #endif
>>
>> -#if IS_ENABLED(CONFIG_KASAN_KUNIT_TEST)
>> -
>>  void kasan_enable_tagging(void)
>>  {
>>         if (kasan_arg_mode == KASAN_ARG_MODE_ASYNC)
>> @@ -349,6 +347,8 @@ void kasan_enable_tagging(void)
>>  }
>>  EXPORT_SYMBOL_GPL(kasan_enable_tagging);
> 
> Please keep this EXPORT_SYMBOL_GPL under CONFIG_KASAN_KUNIT_TEST.
> 

Will do. Thanks!

>>
>> +#if IS_ENABLED(CONFIG_KASAN_KUNIT_TEST)
>> +
>>  void kasan_force_async_fault(void)
>>  {
>>         hw_force_async_tag_fault();
>> diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h
>> index d79b83d673b1..b01b4bbe0409 100644
>> --- a/mm/kasan/kasan.h
>> +++ b/mm/kasan/kasan.h
>> @@ -355,25 +355,27 @@ static inline const void *arch_kasan_set_tag(const void *addr, u8 tag)
>>  #define hw_set_mem_tag_range(addr, size, tag, init) \
>>                         arch_set_mem_tag_range((addr), (size), (tag), (init))
>>
>> +void kasan_enable_tagging(void);
>> +
>>  #else /* CONFIG_KASAN_HW_TAGS */
>>
>>  #define hw_enable_tagging_sync()
>>  #define hw_enable_tagging_async()
>>  #define hw_enable_tagging_asymm()
>>
>> +static inline void kasan_enable_tagging(void) { }
>> +
>>  #endif /* CONFIG_KASAN_HW_TAGS */
>>
>>  #if defined(CONFIG_KASAN_HW_TAGS) && IS_ENABLED(CONFIG_KASAN_KUNIT_TEST)
>>
>> -void kasan_enable_tagging(void);
>>  void kasan_force_async_fault(void);
>>
>> -#else /* CONFIG_KASAN_HW_TAGS || CONFIG_KASAN_KUNIT_TEST */
>> +#else /* CONFIG_KASAN_HW_TAGS && CONFIG_KASAN_KUNIT_TEST */
>>
>> -static inline void kasan_enable_tagging(void) { }
>>  static inline void kasan_force_async_fault(void) { }
>>
>> -#endif /* CONFIG_KASAN_HW_TAGS || CONFIG_KASAN_KUNIT_TEST */
>> +#endif /* CONFIG_KASAN_HW_TAGS && CONFIG_KASAN_KUNIT_TEST */
>>
>>  #ifdef CONFIG_KASAN_SW_TAGS
>>  u8 kasan_random_tag(void);
>> --
>> 2.35.1
>>
> 
> Thank you, Vincenzo!

-- 
Regards,
Vincenzo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ