lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20251204192237.0d7a07c9961843503c08ebab@linux-foundation.org>
Date: Thu, 4 Dec 2025 19:22:37 -0800
From: Andrew Morton <akpm@...ux-foundation.org>
To: Andrey Konovalov <andreyknvl@...il.com>
Cc: Maciej Wieczor-Retman <m.wieczorretman@...me>, Andrey Ryabinin
 <ryabinin.a.a@...il.com>, Alexander Potapenko <glider@...gle.com>, Dmitry
 Vyukov <dvyukov@...gle.com>, Vincenzo Frascino <vincenzo.frascino@....com>,
 Marco Elver <elver@...gle.com>, jiayuan.chen@...ux.dev,
 stable@...r.kernel.org, Maciej Wieczor-Retman
 <maciej.wieczor-retman@...el.com>, kasan-dev@...glegroups.com,
 linux-mm@...ck.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 3/3] kasan: Unpoison vms[area] addresses with a
 common tag

On Fri, 5 Dec 2025 02:09:06 +0100 Andrey Konovalov <andreyknvl@...il.com> wrote:

> > --- a/mm/kasan/common.c
> > +++ b/mm/kasan/common.c
> > @@ -591,11 +591,28 @@ void __kasan_unpoison_vmap_areas(struct vm_struct **vms, int nr_vms,
> >         unsigned long size;
> >         void *addr;
> >         int area;
> > +       u8 tag;
> > +
> > +       /*
> > +        * If KASAN_VMALLOC_KEEP_TAG was set at this point, all vms[] pointers
> > +        * would be unpoisoned with the KASAN_TAG_KERNEL which would disable
> > +        * KASAN checks down the line.
> > +        */
> > +       if (flags & KASAN_VMALLOC_KEEP_TAG) {
> 
> I think we can do a WARN_ON() here: passing KASAN_VMALLOC_KEEP_TAG to
> this function would be a bug in KASAN annotations and thus a kernel
> bug. Therefore, printing a WARNING seems justified.

This?

--- a/mm/kasan/common.c~kasan-unpoison-vms-addresses-with-a-common-tag-fix
+++ a/mm/kasan/common.c
@@ -598,7 +598,7 @@ void __kasan_unpoison_vmap_areas(struct
 	 * would be unpoisoned with the KASAN_TAG_KERNEL which would disable
 	 * KASAN checks down the line.
 	 */
-	if (flags & KASAN_VMALLOC_KEEP_TAG) {
+	if (WARN_ON_ONCE(flags & KASAN_VMALLOC_KEEP_TAG)) {
 		pr_warn("KASAN_VMALLOC_KEEP_TAG flag shouldn't be already set!\n");
 		return;
 	}
_

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ