kasan: test: support async (again) and asymm modes for HW_TAGS
Async mode support has already been implemented in commite80a76aa1a
("kasan, arm64: tests supports for HW_TAGS async mode") but then got accidentally broken in commit99734b535d
("kasan: detect false-positives in tests"). Restore the changes removed by the latter patch and adapt them for asymm mode: add a sync_fault flag to kunit_kasan_expectation that only get set if the MTE fault was synchronous, and reenable MTE on such faults in tests. Also rename kunit_kasan_expectation to kunit_kasan_status and move its definition to mm/kasan/kasan.h from include/linux/kasan.h, as this structure is only internally used by KASAN. Also put the structure definition under IS_ENABLED(CONFIG_KUNIT). Link: https://lkml.kernel.org/r/133970562ccacc93ba19d754012c562351d4a8c8.1645033139.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Cc: Marco Elver <elver@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Родитель
1a2473f0cb
Коммит
ed6d74446c
|
@ -19,11 +19,6 @@ struct task_struct;
|
||||||
#include <linux/linkage.h>
|
#include <linux/linkage.h>
|
||||||
#include <asm/kasan.h>
|
#include <asm/kasan.h>
|
||||||
|
|
||||||
/* kasan_data struct is used in KUnit tests for KASAN expected failures */
|
|
||||||
struct kunit_kasan_expectation {
|
|
||||||
bool report_found;
|
|
||||||
};
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
typedef unsigned int __bitwise kasan_vmalloc_flags_t;
|
typedef unsigned int __bitwise kasan_vmalloc_flags_t;
|
||||||
|
|
|
@ -37,7 +37,7 @@ void *kasan_ptr_result;
|
||||||
int kasan_int_result;
|
int kasan_int_result;
|
||||||
|
|
||||||
static struct kunit_resource resource;
|
static struct kunit_resource resource;
|
||||||
static struct kunit_kasan_expectation fail_data;
|
static struct kunit_kasan_status test_status;
|
||||||
static bool multishot;
|
static bool multishot;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -54,58 +54,63 @@ static int kasan_test_init(struct kunit *test)
|
||||||
}
|
}
|
||||||
|
|
||||||
multishot = kasan_save_enable_multi_shot();
|
multishot = kasan_save_enable_multi_shot();
|
||||||
fail_data.report_found = false;
|
test_status.report_found = false;
|
||||||
|
test_status.sync_fault = false;
|
||||||
kunit_add_named_resource(test, NULL, NULL, &resource,
|
kunit_add_named_resource(test, NULL, NULL, &resource,
|
||||||
"kasan_data", &fail_data);
|
"kasan_status", &test_status);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void kasan_test_exit(struct kunit *test)
|
static void kasan_test_exit(struct kunit *test)
|
||||||
{
|
{
|
||||||
kasan_restore_multi_shot(multishot);
|
kasan_restore_multi_shot(multishot);
|
||||||
KUNIT_EXPECT_FALSE(test, fail_data.report_found);
|
KUNIT_EXPECT_FALSE(test, test_status.report_found);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* KUNIT_EXPECT_KASAN_FAIL() - check that the executed expression produces a
|
* KUNIT_EXPECT_KASAN_FAIL() - check that the executed expression produces a
|
||||||
* KASAN report; causes a test failure otherwise. This relies on a KUnit
|
* KASAN report; causes a test failure otherwise. This relies on a KUnit
|
||||||
* resource named "kasan_data". Do not use this name for KUnit resources
|
* resource named "kasan_status". Do not use this name for KUnit resources
|
||||||
* outside of KASAN tests.
|
* outside of KASAN tests.
|
||||||
*
|
*
|
||||||
* For hardware tag-based KASAN in sync mode, when a tag fault happens, tag
|
* For hardware tag-based KASAN, when a synchronous tag fault happens, tag
|
||||||
* checking is auto-disabled. When this happens, this test handler reenables
|
* checking is auto-disabled. When this happens, this test handler reenables
|
||||||
* tag checking. As tag checking can be only disabled or enabled per CPU,
|
* tag checking. As tag checking can be only disabled or enabled per CPU,
|
||||||
* this handler disables migration (preemption).
|
* this handler disables migration (preemption).
|
||||||
*
|
*
|
||||||
* Since the compiler doesn't see that the expression can change the fail_data
|
* Since the compiler doesn't see that the expression can change the test_status
|
||||||
* fields, it can reorder or optimize away the accesses to those fields.
|
* fields, it can reorder or optimize away the accesses to those fields.
|
||||||
* Use READ/WRITE_ONCE() for the accesses and compiler barriers around the
|
* Use READ/WRITE_ONCE() for the accesses and compiler barriers around the
|
||||||
* expression to prevent that.
|
* expression to prevent that.
|
||||||
*
|
*
|
||||||
* In between KUNIT_EXPECT_KASAN_FAIL checks, fail_data.report_found is kept as
|
* In between KUNIT_EXPECT_KASAN_FAIL checks, test_status.report_found is kept
|
||||||
* false. This allows detecting KASAN reports that happen outside of the checks
|
* as false. This allows detecting KASAN reports that happen outside of the
|
||||||
* by asserting !fail_data.report_found at the start of KUNIT_EXPECT_KASAN_FAIL
|
* checks by asserting !test_status.report_found at the start of
|
||||||
* and in kasan_test_exit.
|
* KUNIT_EXPECT_KASAN_FAIL and in kasan_test_exit.
|
||||||
*/
|
*/
|
||||||
#define KUNIT_EXPECT_KASAN_FAIL(test, expression) do { \
|
#define KUNIT_EXPECT_KASAN_FAIL(test, expression) do { \
|
||||||
if (IS_ENABLED(CONFIG_KASAN_HW_TAGS) && \
|
if (IS_ENABLED(CONFIG_KASAN_HW_TAGS) && \
|
||||||
kasan_sync_fault_possible()) \
|
kasan_sync_fault_possible()) \
|
||||||
migrate_disable(); \
|
migrate_disable(); \
|
||||||
KUNIT_EXPECT_FALSE(test, READ_ONCE(fail_data.report_found)); \
|
KUNIT_EXPECT_FALSE(test, READ_ONCE(test_status.report_found)); \
|
||||||
barrier(); \
|
barrier(); \
|
||||||
expression; \
|
expression; \
|
||||||
barrier(); \
|
barrier(); \
|
||||||
if (!READ_ONCE(fail_data.report_found)) { \
|
if (kasan_async_fault_possible()) \
|
||||||
|
kasan_force_async_fault(); \
|
||||||
|
if (!READ_ONCE(test_status.report_found)) { \
|
||||||
KUNIT_FAIL(test, KUNIT_SUBTEST_INDENT "KASAN failure " \
|
KUNIT_FAIL(test, KUNIT_SUBTEST_INDENT "KASAN failure " \
|
||||||
"expected in \"" #expression \
|
"expected in \"" #expression \
|
||||||
"\", but none occurred"); \
|
"\", but none occurred"); \
|
||||||
} \
|
} \
|
||||||
if (IS_ENABLED(CONFIG_KASAN_HW_TAGS)) { \
|
if (IS_ENABLED(CONFIG_KASAN_HW_TAGS) && \
|
||||||
if (READ_ONCE(fail_data.report_found)) \
|
kasan_sync_fault_possible()) { \
|
||||||
kasan_enable_tagging_sync(); \
|
if (READ_ONCE(test_status.report_found) && \
|
||||||
|
READ_ONCE(test_status.sync_fault)) \
|
||||||
|
kasan_enable_tagging(); \
|
||||||
migrate_enable(); \
|
migrate_enable(); \
|
||||||
} \
|
} \
|
||||||
WRITE_ONCE(fail_data.report_found, false); \
|
WRITE_ONCE(test_status.report_found, false); \
|
||||||
} while (0)
|
} while (0)
|
||||||
|
|
||||||
#define KASAN_TEST_NEEDS_CONFIG_ON(test, config) do { \
|
#define KASAN_TEST_NEEDS_CONFIG_ON(test, config) do { \
|
||||||
|
|
|
@ -172,12 +172,7 @@ void kasan_init_hw_tags_cpu(void)
|
||||||
* Enable async or asymm modes only when explicitly requested
|
* Enable async or asymm modes only when explicitly requested
|
||||||
* through the command line.
|
* through the command line.
|
||||||
*/
|
*/
|
||||||
if (kasan_arg_mode == KASAN_ARG_MODE_ASYNC)
|
kasan_enable_tagging();
|
||||||
hw_enable_tagging_async();
|
|
||||||
else if (kasan_arg_mode == KASAN_ARG_MODE_ASYMM)
|
|
||||||
hw_enable_tagging_asymm();
|
|
||||||
else
|
|
||||||
hw_enable_tagging_sync();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* kasan_init_hw_tags() is called once on boot CPU. */
|
/* kasan_init_hw_tags() is called once on boot CPU. */
|
||||||
|
@ -343,11 +338,16 @@ void __kasan_poison_vmalloc(const void *start, unsigned long size)
|
||||||
|
|
||||||
#if IS_ENABLED(CONFIG_KASAN_KUNIT_TEST)
|
#if IS_ENABLED(CONFIG_KASAN_KUNIT_TEST)
|
||||||
|
|
||||||
void kasan_enable_tagging_sync(void)
|
void kasan_enable_tagging(void)
|
||||||
{
|
{
|
||||||
hw_enable_tagging_sync();
|
if (kasan_arg_mode == KASAN_ARG_MODE_ASYNC)
|
||||||
|
hw_enable_tagging_async();
|
||||||
|
else if (kasan_arg_mode == KASAN_ARG_MODE_ASYMM)
|
||||||
|
hw_enable_tagging_asymm();
|
||||||
|
else
|
||||||
|
hw_enable_tagging_sync();
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(kasan_enable_tagging_sync);
|
EXPORT_SYMBOL_GPL(kasan_enable_tagging);
|
||||||
|
|
||||||
void kasan_force_async_fault(void)
|
void kasan_force_async_fault(void)
|
||||||
{
|
{
|
||||||
|
|
|
@ -7,6 +7,16 @@
|
||||||
#include <linux/kfence.h>
|
#include <linux/kfence.h>
|
||||||
#include <linux/stackdepot.h>
|
#include <linux/stackdepot.h>
|
||||||
|
|
||||||
|
#if IS_ENABLED(CONFIG_KUNIT)
|
||||||
|
|
||||||
|
/* Used in KUnit-compatible KASAN tests. */
|
||||||
|
struct kunit_kasan_status {
|
||||||
|
bool report_found;
|
||||||
|
bool sync_fault;
|
||||||
|
};
|
||||||
|
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifdef CONFIG_KASAN_HW_TAGS
|
#ifdef CONFIG_KASAN_HW_TAGS
|
||||||
|
|
||||||
#include <linux/static_key.h>
|
#include <linux/static_key.h>
|
||||||
|
@ -350,12 +360,12 @@ static inline const void *arch_kasan_set_tag(const void *addr, u8 tag)
|
||||||
|
|
||||||
#if defined(CONFIG_KASAN_HW_TAGS) && IS_ENABLED(CONFIG_KASAN_KUNIT_TEST)
|
#if defined(CONFIG_KASAN_HW_TAGS) && IS_ENABLED(CONFIG_KASAN_KUNIT_TEST)
|
||||||
|
|
||||||
void kasan_enable_tagging_sync(void);
|
void kasan_enable_tagging(void);
|
||||||
void kasan_force_async_fault(void);
|
void kasan_force_async_fault(void);
|
||||||
|
|
||||||
#else /* CONFIG_KASAN_HW_TAGS || CONFIG_KASAN_KUNIT_TEST */
|
#else /* CONFIG_KASAN_HW_TAGS || CONFIG_KASAN_KUNIT_TEST */
|
||||||
|
|
||||||
static inline void kasan_enable_tagging_sync(void) { }
|
static inline void kasan_enable_tagging(void) { }
|
||||||
static inline void kasan_force_async_fault(void) { }
|
static inline void kasan_force_async_fault(void) { }
|
||||||
|
|
||||||
#endif /* CONFIG_KASAN_HW_TAGS || CONFIG_KASAN_KUNIT_TEST */
|
#endif /* CONFIG_KASAN_HW_TAGS || CONFIG_KASAN_KUNIT_TEST */
|
||||||
|
|
|
@ -336,20 +336,21 @@ static bool report_enabled(void)
|
||||||
}
|
}
|
||||||
|
|
||||||
#if IS_ENABLED(CONFIG_KUNIT)
|
#if IS_ENABLED(CONFIG_KUNIT)
|
||||||
static void kasan_update_kunit_status(struct kunit *cur_test)
|
static void kasan_update_kunit_status(struct kunit *cur_test, bool sync)
|
||||||
{
|
{
|
||||||
struct kunit_resource *resource;
|
struct kunit_resource *resource;
|
||||||
struct kunit_kasan_expectation *kasan_data;
|
struct kunit_kasan_status *status;
|
||||||
|
|
||||||
resource = kunit_find_named_resource(cur_test, "kasan_data");
|
resource = kunit_find_named_resource(cur_test, "kasan_status");
|
||||||
|
|
||||||
if (!resource) {
|
if (!resource) {
|
||||||
kunit_set_failure(cur_test);
|
kunit_set_failure(cur_test);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
kasan_data = (struct kunit_kasan_expectation *)resource->data;
|
status = (struct kunit_kasan_status *)resource->data;
|
||||||
WRITE_ONCE(kasan_data->report_found, true);
|
WRITE_ONCE(status->report_found, true);
|
||||||
|
WRITE_ONCE(status->sync_fault, sync);
|
||||||
kunit_put_resource(resource);
|
kunit_put_resource(resource);
|
||||||
}
|
}
|
||||||
#endif /* IS_ENABLED(CONFIG_KUNIT) */
|
#endif /* IS_ENABLED(CONFIG_KUNIT) */
|
||||||
|
@ -363,7 +364,7 @@ void kasan_report_invalid_free(void *object, unsigned long ip)
|
||||||
|
|
||||||
#if IS_ENABLED(CONFIG_KUNIT)
|
#if IS_ENABLED(CONFIG_KUNIT)
|
||||||
if (current->kunit_test)
|
if (current->kunit_test)
|
||||||
kasan_update_kunit_status(current->kunit_test);
|
kasan_update_kunit_status(current->kunit_test, true);
|
||||||
#endif /* IS_ENABLED(CONFIG_KUNIT) */
|
#endif /* IS_ENABLED(CONFIG_KUNIT) */
|
||||||
|
|
||||||
start_report(&flags);
|
start_report(&flags);
|
||||||
|
@ -383,7 +384,7 @@ void kasan_report_async(void)
|
||||||
|
|
||||||
#if IS_ENABLED(CONFIG_KUNIT)
|
#if IS_ENABLED(CONFIG_KUNIT)
|
||||||
if (current->kunit_test)
|
if (current->kunit_test)
|
||||||
kasan_update_kunit_status(current->kunit_test);
|
kasan_update_kunit_status(current->kunit_test, false);
|
||||||
#endif /* IS_ENABLED(CONFIG_KUNIT) */
|
#endif /* IS_ENABLED(CONFIG_KUNIT) */
|
||||||
|
|
||||||
start_report(&flags);
|
start_report(&flags);
|
||||||
|
@ -405,7 +406,7 @@ static void __kasan_report(unsigned long addr, size_t size, bool is_write,
|
||||||
|
|
||||||
#if IS_ENABLED(CONFIG_KUNIT)
|
#if IS_ENABLED(CONFIG_KUNIT)
|
||||||
if (current->kunit_test)
|
if (current->kunit_test)
|
||||||
kasan_update_kunit_status(current->kunit_test);
|
kasan_update_kunit_status(current->kunit_test, true);
|
||||||
#endif /* IS_ENABLED(CONFIG_KUNIT) */
|
#endif /* IS_ENABLED(CONFIG_KUNIT) */
|
||||||
|
|
||||||
disable_trace_on_warning();
|
disable_trace_on_warning();
|
||||||
|
|
Загрузка…
Ссылка в новой задаче