lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAG48ez3uh48VZCVO3JD3uv9k5kZBHahr3dAita4hkHsLqyyA9w@mail.gmail.com>
Date: Wed, 26 Mar 2025 22:21:16 +0100
From: Jann Horn <jannh@...gle.com>
To: Nathan Chancellor <nathan@...nel.org>, Arnd Bergmann <arnd@...db.de>
Cc: Marco Elver <elver@...gle.com>, Dmitry Vyukov <dvyukov@...gle.com>, kasan-dev@...glegroups.com, 
	linux-arch@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] rwonce: handle KCSAN like KASAN in read_word_at_a_time()

On Wed, Mar 26, 2025 at 9:44 PM Jann Horn <jannh@...gle.com> wrote:
> On Wed, Mar 26, 2025 at 9:39 PM Nathan Chancellor <nathan@...nel.org> wrote:
> > On Tue, Mar 25, 2025 at 05:01:34PM +0100, Jann Horn wrote:
> > > Also, since this read can be racy by design, we should technically do
> > > READ_ONCE(), so add that.
> > >
> > > Fixes: dfd402a4c4ba ("kcsan: Add Kernel Concurrency Sanitizer infrastructure")
> > > Signed-off-by: Jann Horn <jannh@...gle.com>
> > ...
> > > diff --git a/include/asm-generic/rwonce.h b/include/asm-generic/rwonce.h
> > > index 8d0a6280e982..e9f2b84d2338 100644
> > > --- a/include/asm-generic/rwonce.h
> > > +++ b/include/asm-generic/rwonce.h
> > > @@ -79,11 +79,14 @@ unsigned long __read_once_word_nocheck(const void *addr)
> > >       (typeof(x))__read_once_word_nocheck(&(x));                      \
> > >  })
> > >
> > > -static __no_kasan_or_inline
> > > +static __no_sanitize_or_inline
> > >  unsigned long read_word_at_a_time(const void *addr)
> > >  {
> > > +     /* open-coded instrument_read(addr, 1) */
> > >       kasan_check_read(addr, 1);
> > > -     return *(unsigned long *)addr;
> > > +     kcsan_check_read(addr, 1);
> > > +
> > > +     return READ_ONCE(*(unsigned long *)addr);
> >
> > I bisected a boot hang that I see on arm64 with LTO enabled to this
> > change as commit ece69af2ede1 ("rwonce: handle KCSAN like KASAN in
> > read_word_at_a_time()") in -next. With LTO, READ_ONCE() gets upgraded to
> > ldar / ldapr, which requires an aligned address to access, but
> > read_word_at_a_time() can be called with an unaligned address. I
> > confirmed this should be the root cause by removing the READ_ONCE()
> > added above or removing the selects of DCACHE_WORD_ACCESS and
> > HAVE_EFFICIENT_UNALIGNED_ACCESS in arch/arm64/Kconfig, which avoids
> > the crash.
>
> Oh, bleeeh. Thanks for figuring that out. I guess that means we should
> remove that READ_ONCE() again to un-break the build. I'll send a patch
> in a bit...

I sent a patch at
<https://lore.kernel.org/all/20250326-rwaat-fix-v1-1-600f411eaf23@google.com/>.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ