lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 May 2022 12:33:48 +0100 From: Mark Rutland <mark.rutland@....com> To: andrey.konovalov@...ux.dev Cc: Andrey Konovalov <andreyknvl@...il.com>, Marco Elver <elver@...gle.com>, Alexander Potapenko <glider@...gle.com>, Dmitry Vyukov <dvyukov@...gle.com>, Andrey Ryabinin <ryabinin.a.a@...il.com>, kasan-dev@...glegroups.com, Catalin Marinas <catalin.marinas@....com>, Vincenzo Frascino <vincenzo.frascino@....com>, Will Deacon <will@...nel.org>, linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org, Andrey Konovalov <andreyknvl@...gle.com> Subject: Re: [PATCH 1/2] arm64: kasan: do not instrument stacktrace.c On Sun, May 22, 2022 at 01:50:58AM +0200, andrey.konovalov@...ux.dev wrote: > From: Andrey Konovalov <andreyknvl@...gle.com> > > Disable KASAN instrumentation of arch/arm64/kernel/stacktrace.c. > > This speeds up Generic KASAN by 5-20%. > > As a side-effect, KASAN is now unable to detect bugs in the stack trace > collection code. This is taken as an acceptable downside. > > Also replace READ_ONCE_NOCHECK() with READ_ONCE() in stacktrace.c. > As the file is now not instrumented, there is no need to use the > NOCHECK version of READ_ONCE(). > > Suggested-by: Mark Rutland <mark.rutland@....com> > Signed-off-by: Andrey Konovalov <andreyknvl@...gle.com> > --- > arch/arm64/kernel/Makefile | 3 +++ > arch/arm64/kernel/stacktrace.c | 4 ++-- > 2 files changed, 5 insertions(+), 2 deletions(-) > > diff --git a/arch/arm64/kernel/Makefile b/arch/arm64/kernel/Makefile > index fa7981d0d917..da8cf6905c76 100644 > --- a/arch/arm64/kernel/Makefile > +++ b/arch/arm64/kernel/Makefile > @@ -14,6 +14,9 @@ CFLAGS_REMOVE_return_address.o = $(CC_FLAGS_FTRACE) > CFLAGS_REMOVE_syscall.o = -fstack-protector -fstack-protector-strong > CFLAGS_syscall.o += -fno-stack-protector > > +# Do not instrument to improve performance. > +KASAN_SANITIZE_stacktrace.o := n Can we make that a little more descriptive? e.g. # When KASAN is enabled, a stacktrace is recorded for every alloc/free, which # can significantly impact performance. Avoid instrumenting the stacktrace code # to minimize this impact. KASAN_SANITIZE_stacktrace.o := n With that: Acked-by: Mark Rutland <mark.rutland@....com> Mark. > + > # It's not safe to invoke KCOV when portions of the kernel environment aren't > # available or are out-of-sync with HW state. Since `noinstr` doesn't always > # inhibit KCOV instrumentation, disable it for the entire compilation unit. > diff --git a/arch/arm64/kernel/stacktrace.c b/arch/arm64/kernel/stacktrace.c > index e4103e085681..33e96ae4b15f 100644 > --- a/arch/arm64/kernel/stacktrace.c > +++ b/arch/arm64/kernel/stacktrace.c > @@ -110,8 +110,8 @@ static int notrace unwind_frame(struct task_struct *tsk, > * Record this frame record's values and location. The prev_fp and > * prev_type are only meaningful to the next unwind_frame() invocation. > */ > - frame->fp = READ_ONCE_NOCHECK(*(unsigned long *)(fp)); > - frame->pc = READ_ONCE_NOCHECK(*(unsigned long *)(fp + 8)); > + frame->fp = READ_ONCE(*(unsigned long *)(fp)); > + frame->pc = READ_ONCE(*(unsigned long *)(fp + 8)); > frame->prev_fp = fp; > frame->prev_type = info.type; > > -- > 2.25.1 >
Powered by blists - more mailing lists