| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250816110018.4055617-1-yeoreum.yun@arm.com>
Date: Sat, 16 Aug 2025 12:00:16 +0100
From: Yeoreum Yun <yeoreum.yun@....com>
To: ryabinin.a.a@...il.com,
glider@...gle.com,
andreyknvl@...il.com,
dvyukov@...gle.com,
vincenzo.frascino@....com,
corbet@....net,
catalin.marinas@....com,
will@...nel.org,
akpm@...ux-foundation.org,
scott@...amperecomputing.com,
jhubbard@...dia.com,
pankaj.gupta@....com,
leitao@...ian.org,
kaleshsingh@...gle.com,
maz@...nel.org,
broonie@...nel.org,
oliver.upton@...ux.dev,
james.morse@....com,
ardb@...nel.org,
hardevsinh.palaniya@...iconsignals.io,
david@...hat.com,
yang@...amperecomputing.com
Cc: kasan-dev@...glegroups.com,
workflows@...r.kernel.org,
linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org,
linux-mm@...ck.org,
Yeoreum Yun <yeoreum.yun@....com>
Subject: [PATCH v3 0/2] introduce kasan.write_only option in hw-tags
Hardware tag based KASAN is implemented using the Memory Tagging Extension
(MTE) feature.
MTE is built on top of the ARMv8.0 virtual address tagging TBI
(Top Byte Ignore) feature and allows software to access a 4-bit
allocation tag for each 16-byte granule in the physical address space.
A logical tag is derived from bits 59-56 of the virtual
address used for the memory access. A CPU with MTE enabled will compare
the logical tag against the allocation tag and potentially raise an
tag check fault on mismatch, subject to system registers configuration.
Since ARMv8.9, FEAT_MTE_STORE_ONLY can be used to restrict raise of tag
check fault on store operation only.
Using this feature (FEAT_MTE_STORE_ONLY), introduce KASAN write-only mode
which restricts KASAN check write (store) operation only.
This mode omits KASAN check for read (fetch/load) operation.
Therefore, it might be used not only debugging purpose but also in
normal environment.
This patch is based on v6.17-rc1.
Patch History
=============
from v2 to v3:
- change MET_STORE_ONLY feature as BOOT_CPU_FEATURE
- change store_only to write_only
- move write_only setup into the place other option's setup place
- change static key of kasan_flag_write_only to static boolean.
- change macro KUNIT_EXPECT_KASAN_SUCCESS to KUNIT_EXPECT_KASAN_FAIL_READ.
- https://lore.kernel.org/all/20250813175335.3980268-1-yeoreum.yun@arm.com/
from v1 to v2:
- change cryptic name -- stonly to store_only
- remove some TCF check with store which can make memory courruption.
- https://lore.kernel.org/all/20250811173626.1878783-1-yeoreum.yun@arm.com/
Yeoreum Yun (2):
kasan/hw-tags: introduce kasan.write_only option
kasan: apply write-only mode in kasan kunit testcases
Documentation/dev-tools/kasan.rst | 3 +
arch/arm64/include/asm/memory.h | 1 +
arch/arm64/include/asm/mte-kasan.h | 6 +
arch/arm64/kernel/cpufeature.c | 2 +-
arch/arm64/kernel/mte.c | 18 +++
mm/kasan/hw_tags.c | 54 ++++++-
mm/kasan/kasan.h | 7 +
mm/kasan/kasan_test_c.c | 237 ++++++++++++++++++++---------
8 files changed, 250 insertions(+), 78 deletions(-)
base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585
--
LEVI:{C3F47F37-75D8-414A-A8BA-3980EC8A46D7}
Powered by blists - more mailing lists