linux-kernel - [PATCH v2 10/14] x86: KASAN raw shadow memory PTE init

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <738373d32089fbf84a8c5d6f32ade1bf28d14020.1739866028.git.maciej.wieczor-retman@intel.com>
Date: Tue, 18 Feb 2025 09:15:26 +0100
From: Maciej Wieczor-Retman <maciej.wieczor-retman@...el.com>
To: kees@...nel.org,
	julian.stecklina@...erus-technology.de,
	kevinloughlin@...gle.com,
	peterz@...radead.org,
	tglx@...utronix.de,
	justinstitt@...gle.com,
	catalin.marinas@....com,
	wangkefeng.wang@...wei.com,
	bhe@...hat.com,
	ryabinin.a.a@...il.com,
	kirill.shutemov@...ux.intel.com,
	will@...nel.org,
	ardb@...nel.org,
	jason.andryuk@....com,
	dave.hansen@...ux.intel.com,
	pasha.tatashin@...een.com,
	ndesaulniers@...gle.com,
	guoweikang.kernel@...il.com,
	dwmw@...zon.co.uk,
	mark.rutland@....com,
	broonie@...nel.org,
	apopple@...dia.com,
	bp@...en8.de,
	rppt@...nel.org,
	kaleshsingh@...gle.com,
	richard.weiyang@...il.com,
	luto@...nel.org,
	glider@...gle.com,
	pankaj.gupta@....com,
	andreyknvl@...il.com,
	pawan.kumar.gupta@...ux.intel.com,
	kuan-ying.lee@...onical.com,
	tony.luck@...el.com,
	tj@...nel.org,
	jgross@...e.com,
	dvyukov@...gle.com,
	baohua@...nel.org,
	samuel.holland@...ive.com,
	dennis@...nel.org,
	akpm@...ux-foundation.org,
	thomas.weissschuh@...utronix.de,
	surenb@...gle.com,
	kbingham@...nel.org,
	ankita@...dia.com,
	nathan@...nel.org,
	maciej.wieczor-retman@...el.com,
	ziy@...dia.com,
	xin@...or.com,
	rafael.j.wysocki@...el.com,
	andriy.shevchenko@...ux.intel.com,
	cl@...ux.com,
	jhubbard@...dia.com,
	hpa@...or.com,
	scott@...amperecomputing.com,
	david@...hat.com,
	jan.kiszka@...mens.com,
	vincenzo.frascino@....com,
	corbet@....net,
	maz@...nel.org,
	mingo@...hat.com,
	arnd@...db.de,
	ytcoode@...il.com,
	xur@...gle.com,
	morbo@...gle.com,
	thiago.bauermann@...aro.org
Cc: linux-doc@...r.kernel.org,
	kasan-dev@...glegroups.com,
	linux-kernel@...r.kernel.org,
	llvm@...ts.linux.dev,
	linux-mm@...ck.org,
	linux-arm-kernel@...ts.infradead.org,
	x86@...nel.org
Subject: [PATCH v2 10/14] x86: KASAN raw shadow memory PTE init

In KASAN's generic mode the default value in shadow memory is zero.
During initialization of shadow memory pages they are allocated and
zeroed.

In KASAN's tag-based mode the default tag for the arm64 architecture is
0xFE which corresponds to any memory that should not be accessed. On x86
(where tags are 4-bit wide instead of 8-bit wide) that tag is 0xE so
during the initializations all the bytes in shadow memory pages should
be filled with 0xE or 0xEE if two tags should be packed in one shadow
byte.

Use memblock_alloc_try_nid_raw() instead of memblock_alloc_try_nid() to
avoid zeroing out the memory so it can be set with the KASAN invalid
tag.

Signed-off-by: Maciej Wieczor-Retman <maciej.wieczor-retman@...el.com>
---
Changelog v2:
- Remove dense mode references, use memset() instead of kasan_poison().

 arch/x86/mm/kasan_init_64.c | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/arch/x86/mm/kasan_init_64.c b/arch/x86/mm/kasan_init_64.c
index 9dddf19a5571..299a2144dac4 100644
--- a/arch/x86/mm/kasan_init_64.c
+++ b/arch/x86/mm/kasan_init_64.c
@@ -35,6 +35,18 @@ static __init void *early_alloc(size_t size, int nid, bool should_panic)
 	return ptr;
 }
 
+static __init void *early_raw_alloc(size_t size, int nid, bool should_panic)
+{
+	void *ptr = memblock_alloc_try_nid_raw(size, size,
+			__pa(MAX_DMA_ADDRESS), MEMBLOCK_ALLOC_ACCESSIBLE, nid);
+
+	if (!ptr && should_panic)
+		panic("%pS: Failed to allocate page, nid=%d from=%lx\n",
+		      (void *)_RET_IP_, nid, __pa(MAX_DMA_ADDRESS));
+
+	return ptr;
+}
+
 static void __init kasan_populate_pmd(pmd_t *pmd, unsigned long addr,
 				      unsigned long end, int nid)
 {
@@ -64,8 +76,9 @@ static void __init kasan_populate_pmd(pmd_t *pmd, unsigned long addr,
 		if (!pte_none(*pte))
 			continue;
 
-		p = early_alloc(PAGE_SIZE, nid, true);
-		entry = pfn_pte(PFN_DOWN(__pa(p)), PAGE_KERNEL);
+		p = early_raw_alloc(PAGE_SIZE, nid, true);
+		memset(p, PAGE_SIZE, KASAN_SHADOW_INIT);
+		entry = pfn_pte(PFN_DOWN(__pa_nodebug(p)), PAGE_KERNEL);
 		set_pte_at(&init_mm, addr, pte, entry);
 	} while (pte++, addr += PAGE_SIZE, addr != end);
 }
@@ -437,7 +450,7 @@ void __init kasan_init(void)
 	 * it may contain some garbage. Now we can clear and write protect it,
 	 * since after the TLB flush no one should write to it.
 	 */
-	memset(kasan_early_shadow_page, 0, PAGE_SIZE);
+	memset(kasan_early_shadow_page, KASAN_SHADOW_INIT, PAGE_SIZE);
 	for (i = 0; i < PTRS_PER_PTE; i++) {
 		pte_t pte;
 		pgprot_t prot;
-- 
2.47.1