| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250805062333.121553-2-bhe@redhat.com>
Date: Tue, 5 Aug 2025 14:23:30 +0800
From: Baoquan He <bhe@...hat.com>
To: linux-mm@...ck.org
Cc: ryabinin.a.a@...il.com,
glider@...gle.com,
andreyknvl@...il.com,
dvyukov@...gle.com,
vincenzo.frascino@....com,
akpm@...ux-foundation.org,
kasan-dev@...glegroups.com,
linux-kernel@...r.kernel.org,
kexec@...ts.infradead.org,
Baoquan He <bhe@...hat.com>
Subject: [PATCH 1/4] mm/kasan: add conditional checks in functions to return directly if kasan is disabled
The current code only does the check if kasan is disabled for hw_tags
mode. Here add the conditional checks for functional functions of
generic mode and sw_tags mode.
This is prepared for later adding kernel parameter kasan=on|off for
all kasan modes.
Signed-off-by: Baoquan He <bhe@...hat.com>
---
mm/kasan/generic.c | 20 ++++++++++++++++++--
mm/kasan/init.c | 6 ++++++
mm/kasan/quarantine.c | 3 +++
mm/kasan/shadow.c | 23 ++++++++++++++++++++++-
mm/kasan/sw_tags.c | 3 +++
5 files changed, 52 insertions(+), 3 deletions(-)
diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c
index d54e89f8c3e7..ee4ddc1e7127 100644
--- a/mm/kasan/generic.c
+++ b/mm/kasan/generic.c
@@ -165,6 +165,9 @@ static __always_inline bool check_region_inline(const void *addr,
size_t size, bool write,
unsigned long ret_ip)
{
+ if (!kasan_enabled())
+ return true;
+
if (!kasan_arch_is_ready())
return true;
@@ -203,12 +206,13 @@ bool kasan_byte_accessible(const void *addr)
void kasan_cache_shrink(struct kmem_cache *cache)
{
- kasan_quarantine_remove_cache(cache);
+ if (kasan_enabled())
+ kasan_quarantine_remove_cache(cache);
}
void kasan_cache_shutdown(struct kmem_cache *cache)
{
- if (!__kmem_cache_empty(cache))
+ if (kasan_enabled() && !__kmem_cache_empty(cache))
kasan_quarantine_remove_cache(cache);
}
@@ -228,6 +232,9 @@ void __asan_register_globals(void *ptr, ssize_t size)
int i;
struct kasan_global *globals = ptr;
+ if (!kasan_enabled())
+ return;
+
for (i = 0; i < size; i++)
register_global(&globals[i]);
}
@@ -358,6 +365,9 @@ void kasan_cache_create(struct kmem_cache *cache, unsigned int *size,
unsigned int rem_free_meta_size;
unsigned int orig_alloc_meta_offset;
+ if (!kasan_enabled())
+ return;
+
if (!kasan_requires_meta())
return;
@@ -510,6 +520,9 @@ size_t kasan_metadata_size(struct kmem_cache *cache, bool in_object)
{
struct kasan_cache *info = &cache->kasan_info;
+ if (!kasan_enabled())
+ return 0;
+
if (!kasan_requires_meta())
return 0;
@@ -535,6 +548,9 @@ void kasan_record_aux_stack(void *addr)
struct kasan_alloc_meta *alloc_meta;
void *object;
+ if (!kasan_enabled())
+ return;
+
if (is_kfence_address(addr) || !slab)
return;
diff --git a/mm/kasan/init.c b/mm/kasan/init.c
index ced6b29fcf76..43d95f329675 100644
--- a/mm/kasan/init.c
+++ b/mm/kasan/init.c
@@ -449,6 +449,9 @@ void kasan_remove_zero_shadow(void *start, unsigned long size)
unsigned long addr, end, next;
pgd_t *pgd;
+ if (!kasan_enabled())
+ return;
+
addr = (unsigned long)kasan_mem_to_shadow(start);
end = addr + (size >> KASAN_SHADOW_SCALE_SHIFT);
@@ -484,6 +487,9 @@ int kasan_add_zero_shadow(void *start, unsigned long size)
int ret;
void *shadow_start, *shadow_end;
+ if (!kasan_enabled())
+ return 0;
+
shadow_start = kasan_mem_to_shadow(start);
shadow_end = shadow_start + (size >> KASAN_SHADOW_SCALE_SHIFT);
diff --git a/mm/kasan/quarantine.c b/mm/kasan/quarantine.c
index 6958aa713c67..a6dc2c3d8a15 100644
--- a/mm/kasan/quarantine.c
+++ b/mm/kasan/quarantine.c
@@ -405,6 +405,9 @@ static int __init kasan_cpu_quarantine_init(void)
{
int ret = 0;
+ if (!kasan_enabled())
+ return 0;
+
ret = cpuhp_setup_state(CPUHP_AP_ONLINE_DYN, "mm/kasan:online",
kasan_cpu_online, kasan_cpu_offline);
if (ret < 0)
diff --git a/mm/kasan/shadow.c b/mm/kasan/shadow.c
index d2c70cd2afb1..637f2d02d2a3 100644
--- a/mm/kasan/shadow.c
+++ b/mm/kasan/shadow.c
@@ -125,6 +125,9 @@ void kasan_poison(const void *addr, size_t size, u8 value, bool init)
{
void *shadow_start, *shadow_end;
+ if (!kasan_enabled())
+ return;
+
if (!kasan_arch_is_ready())
return;
@@ -150,6 +153,9 @@ EXPORT_SYMBOL_GPL(kasan_poison);
#ifdef CONFIG_KASAN_GENERIC
void kasan_poison_last_granule(const void *addr, size_t size)
{
+ if (!kasan_enabled())
+ return;
+
if (!kasan_arch_is_ready())
return;
@@ -164,6 +170,8 @@ void kasan_unpoison(const void *addr, size_t size, bool init)
{
u8 tag = get_tag(addr);
+ if (!kasan_enabled())
+ return;
/*
* Perform shadow offset calculation based on untagged address, as
* some of the callers (e.g. kasan_unpoison_new_object) pass tagged
@@ -277,7 +285,8 @@ static int __meminit kasan_mem_notifier(struct notifier_block *nb,
static int __init kasan_memhotplug_init(void)
{
- hotplug_memory_notifier(kasan_mem_notifier, DEFAULT_CALLBACK_PRI);
+ if (kasan_enabled())
+ hotplug_memory_notifier(kasan_mem_notifier, DEFAULT_CALLBACK_PRI);
return 0;
}
@@ -390,6 +399,9 @@ int kasan_populate_vmalloc(unsigned long addr, unsigned long size)
unsigned long shadow_start, shadow_end;
int ret;
+ if (!kasan_enabled())
+ return 0;
+
if (!kasan_arch_is_ready())
return 0;
@@ -560,6 +572,9 @@ void kasan_release_vmalloc(unsigned long start, unsigned long end,
unsigned long region_start, region_end;
unsigned long size;
+ if (!kasan_enabled())
+ return;
+
if (!kasan_arch_is_ready())
return;
@@ -655,6 +670,9 @@ int kasan_alloc_module_shadow(void *addr, size_t size, gfp_t gfp_mask)
size_t shadow_size;
unsigned long shadow_start;
+ if (!kasan_enabled())
+ return 0;
+
shadow_start = (unsigned long)kasan_mem_to_shadow(addr);
scaled_size = (size + KASAN_GRANULE_SIZE - 1) >>
KASAN_SHADOW_SCALE_SHIFT;
@@ -691,6 +709,9 @@ int kasan_alloc_module_shadow(void *addr, size_t size, gfp_t gfp_mask)
void kasan_free_module_shadow(const struct vm_struct *vm)
{
+ if (!kasan_enabled())
+ return;
+
if (IS_ENABLED(CONFIG_UML))
return;
diff --git a/mm/kasan/sw_tags.c b/mm/kasan/sw_tags.c
index b9382b5b6a37..01f19bc4a326 100644
--- a/mm/kasan/sw_tags.c
+++ b/mm/kasan/sw_tags.c
@@ -78,6 +78,9 @@ bool kasan_check_range(const void *addr, size_t size, bool write,
u8 *shadow_first, *shadow_last, *shadow;
void *untagged_addr;
+ if (!kasan_enabled())
+ return true;
+
if (unlikely(size == 0))
return true;
--
2.41.0
Powered by blists - more mailing lists