lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CA+fCnZcOjyFrT7HKeSEvAEW05h8dFPMJKMB=PC_11h2W6g5eMw@mail.gmail.com>
Date: Sat, 22 Feb 2025 16:07:20 +0100
From: Andrey Konovalov <andreyknvl@...il.com>
To: Maciej Wieczor-Retman <maciej.wieczor-retman@...el.com>
Cc: kees@...nel.org, julian.stecklina@...erus-technology.de, 
	kevinloughlin@...gle.com, peterz@...radead.org, tglx@...utronix.de, 
	justinstitt@...gle.com, catalin.marinas@....com, wangkefeng.wang@...wei.com, 
	bhe@...hat.com, ryabinin.a.a@...il.com, kirill.shutemov@...ux.intel.com, 
	will@...nel.org, ardb@...nel.org, jason.andryuk@....com, 
	dave.hansen@...ux.intel.com, pasha.tatashin@...een.com, 
	ndesaulniers@...gle.com, guoweikang.kernel@...il.com, dwmw@...zon.co.uk, 
	mark.rutland@....com, broonie@...nel.org, apopple@...dia.com, bp@...en8.de, 
	rppt@...nel.org, kaleshsingh@...gle.com, richard.weiyang@...il.com, 
	luto@...nel.org, glider@...gle.com, pankaj.gupta@....com, 
	pawan.kumar.gupta@...ux.intel.com, kuan-ying.lee@...onical.com, 
	tony.luck@...el.com, tj@...nel.org, jgross@...e.com, dvyukov@...gle.com, 
	baohua@...nel.org, samuel.holland@...ive.com, dennis@...nel.org, 
	akpm@...ux-foundation.org, thomas.weissschuh@...utronix.de, surenb@...gle.com, 
	kbingham@...nel.org, ankita@...dia.com, nathan@...nel.org, ziy@...dia.com, 
	xin@...or.com, rafael.j.wysocki@...el.com, andriy.shevchenko@...ux.intel.com, 
	cl@...ux.com, jhubbard@...dia.com, hpa@...or.com, 
	scott@...amperecomputing.com, david@...hat.com, jan.kiszka@...mens.com, 
	vincenzo.frascino@....com, corbet@....net, maz@...nel.org, mingo@...hat.com, 
	arnd@...db.de, ytcoode@...il.com, xur@...gle.com, morbo@...gle.com, 
	thiago.bauermann@...aro.org, linux-doc@...r.kernel.org, 
	kasan-dev@...glegroups.com, linux-kernel@...r.kernel.org, 
	llvm@...ts.linux.dev, linux-mm@...ck.org, 
	linux-arm-kernel@...ts.infradead.org, x86@...nel.org
Subject: Re: [PATCH v2 13/14] x86: runtime_const used for KASAN_SHADOW_END

On Fri, Feb 21, 2025 at 4:11 PM Maciej Wieczor-Retman
<maciej.wieczor-retman@...el.com> wrote:
>
> On 2025-02-20 at 00:31:08 +0100, Andrey Konovalov wrote:
> >On Tue, Feb 18, 2025 at 9:20 AM Maciej Wieczor-Retman
> ><maciej.wieczor-retman@...el.com> wrote:
> >>
> >> On x86, generic KASAN is setup in a way that needs a single
> >> KASAN_SHADOW_OFFSET value for both 4 and 5 level paging. It's required
> >> to facilitate boot time switching and it's a compiler ABI so it can't be
> >> changed during runtime.
> >>
> >> Software tag-based mode doesn't tie shadow start and end to any linear
> >> addresses as part of the compiler ABI so it can be changed during
> >> runtime.
> >
> >KASAN_SHADOW_OFFSET is passed to the compiler via
> >hwasan-mapping-offset, see scripts/Makefile.kasan (for the INLINE
> >mode). So while we can change its value, it has to be known at compile
> >time. So I don't think using a runtime constant would work.
>
> I don't know about arm64, but this doesn't seem to work right now on x86.

You mean it _does_ seem to work? Or otherwise if runtime constant
doesn't work on x86, then we shouldn't use it?

> I
> think I recall that hwasan-mapping-offset isn't implemented on the x86 LLVM or
> something like that? I'm sure I saw some note about it a while ago on the
> internet but I couldn't find it today.

In LLVM sources, ShadowBase gets calculated [1] based on
Mapping.Offset [2], which is in turn taken [3] from
hwasan-mapping-offset [4]. And then ShadowBase is used to calculate
[5] the shadow memory address.

All of this happens in the common code, so this should affect both x86
and arm64.

[1] https://github.com/llvm/llvm-project/blob/llvmorg-20-init/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp#L1305
[2] https://github.com/llvm/llvm-project/blob/llvmorg-20-init/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp#L761
[3] https://github.com/llvm/llvm-project/blob/llvmorg-20-init/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp#L1863
[4] https://github.com/llvm/llvm-project/blob/llvmorg-20-init/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp#L171
[5] https://github.com/llvm/llvm-project/blob/llvmorg-20-init/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp#L899

>
> Anyway if KASAN_SHADOW_OFFSET is not set at compile time it defaults to nothing
> and just doesn't get passed into kasan-params a few lines below. I assume that
> result seems a little too makeshift for runtime const to make sense here?

Sorry, I don't understand this question.

If hwasan-mapping-offset is not set properly, then in the inline
instrumentation mode, the compiler won't generate the right
instructions to calculate the shadow memory address.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ