[PATCH 0/5 v11] KASan for Arm

[Ard Biesheuvel]

On Fri, 3 Jul 2020 at 05:36, Florian Fainelli <f.fainelli at gmail.com> wrote:
>
>
>
> On 7/1/2020 4:03 PM, Ard Biesheuvel wrote
> > OK, so assuming kasan_early_init() backs the entire shadow region with
> > zero pages correctly, we are losing the mapping somewhere between
> > there and kasan_init(), and there are quite a number of
> > create_mapping() calls in the meantime.
> >
> > So if you have cycles to spend on this, do you mind instrumenting
> > create_mapping() and see whether any of the ranges that are
> > (re`)mapped come within 2 MB of bc800000-bc9fffff?
>
> It does not look like we can go that far, the last debug prints I can
> get are:
>
> [    0.000000] kasan: kasan_pte_populate: p: ee002000, addr: 0xb7bef000
> [    0.000000] kasan: kasan_pte_populate: memset done
> [    0.000000] kasan: kasan_pte_populate: entry: 0xc000002e00271f
> [    0.000000] kasan: kasan_pte_populate: p: ee001000, addr: 0xb7bf0000
> [    0.000000] kasan: kasan_pte_populate: memset done
> [    0.000000] kasan: kasan_pte_populate: entry: 0xc000002e00171f
> [    0.000000] kasan: kasan_pte_populate: p: ee000000, addr: 0xb7bf1000
> [    0.000000] kasan: kasan_pte_populate: memset done
> [    0.000000] kasan: kasan_pte_populate: entry: 0xc000002e00071f
> [    0.000000] 8<--- cut here ---
> [    0.000000] Unable to handle kernel paging request at virtual address
> bcbffe00
> [    0.000000] pgd = (ptrval)
> [    0.000000] [bcbffe00] *pgd=80000000006003, *pmd=00000000
> [    0.000000] Internal error: Oops: 206 [#1] SMP ARM
>
> The next one would be 0xb7bf2000 which is ~79MB lower than 0xbc800000.
> Full log is attached.

Thanks.

So it does not look like kasan_init() is the culprit here, given that
it does not touch that region at all.

Could you try reading from that faulting address at entry, but behind
Kasan's back? E.g.,

asm volatile ("ldr %0, [%0]" ::"r"(0xbcbffe00));

If that already crashes, you could try working your way back through
setup_arch() to see where it starts breaking.