[PATCH mm v3 10/19] kasan: inline (un)poison_range and check_invalid_free

Mon Nov 16 10:11:26 EST 2020

On Fri, Nov 13, 2020 at 11:20PM +0100, Andrey Konovalov wrote:
> Using (un)poison_range() or check_invalid_free() currently results in
> function calls. Move their definitions to mm/kasan/kasan.h and turn them
> into static inline functions for hardware tag-based mode to avoid
> unneeded function calls.
> 
> Signed-off-by: Andrey Konovalov <andreyknvl at google.com>
> Link: https://linux-review.googlesource.com/id/Ia9d8191024a12d1374675b3d27197f10193f50bb

Reviewed-by: Marco Elver <elver at google.com>

> ---
>  mm/kasan/hw_tags.c | 30 ------------------------------
>  mm/kasan/kasan.h   | 45 ++++++++++++++++++++++++++++++++++++++++-----
>  2 files changed, 40 insertions(+), 35 deletions(-)
> 
> diff --git a/mm/kasan/hw_tags.c b/mm/kasan/hw_tags.c
> index 3cdd87d189f6..863fed4edd3f 100644
> --- a/mm/kasan/hw_tags.c
> +++ b/mm/kasan/hw_tags.c
> @@ -10,7 +10,6 @@
>  
>  #include <linux/kasan.h>
>  #include <linux/kernel.h>
> -#include <linux/kfence.h>
>  #include <linux/memory.h>
>  #include <linux/mm.h>
>  #include <linux/string.h>
> @@ -31,35 +30,6 @@ void __init kasan_init_hw_tags(void)
>  	pr_info("KernelAddressSanitizer initialized\n");
>  }
>  
> -void poison_range(const void *address, size_t size, u8 value)
> -{
> -	/* Skip KFENCE memory if called explicitly outside of sl*b. */
> -	if (is_kfence_address(address))
> -		return;
> -
> -	hw_set_mem_tag_range(kasan_reset_tag(address),
> -			round_up(size, KASAN_GRANULE_SIZE), value);
> -}
> -
> -void unpoison_range(const void *address, size_t size)
> -{
> -	/* Skip KFENCE memory if called explicitly outside of sl*b. */
> -	if (is_kfence_address(address))
> -		return;
> -
> -	hw_set_mem_tag_range(kasan_reset_tag(address),
> -			round_up(size, KASAN_GRANULE_SIZE), get_tag(address));
> -}
> -
> -bool check_invalid_free(void *addr)
> -{
> -	u8 ptr_tag = get_tag(addr);
> -	u8 mem_tag = hw_get_mem_tag(addr);
> -
> -	return (mem_tag == KASAN_TAG_INVALID) ||
> -		(ptr_tag != KASAN_TAG_KERNEL && ptr_tag != mem_tag);
> -}
> -
>  void kasan_set_free_info(struct kmem_cache *cache,
>  				void *object, u8 tag)
>  {
> diff --git a/mm/kasan/kasan.h b/mm/kasan/kasan.h
> index 7876a2547b7d..8aa83b7ad79e 100644
> --- a/mm/kasan/kasan.h
> +++ b/mm/kasan/kasan.h
> @@ -3,6 +3,7 @@
>  #define __MM_KASAN_KASAN_H
>  
>  #include <linux/kasan.h>
> +#include <linux/kfence.h>
>  #include <linux/stackdepot.h>
>  
>  #if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)
> @@ -154,9 +155,6 @@ struct kasan_alloc_meta *kasan_get_alloc_meta(struct kmem_cache *cache,
>  struct kasan_free_meta *kasan_get_free_meta(struct kmem_cache *cache,
>  						const void *object);
>  
> -void poison_range(const void *address, size_t size, u8 value);
> -void unpoison_range(const void *address, size_t size);
> -
>  #if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)
>  
>  static inline const void *kasan_shadow_to_mem(const void *shadow_addr)
> @@ -196,8 +194,6 @@ void print_tags(u8 addr_tag, const void *addr);
>  static inline void print_tags(u8 addr_tag, const void *addr) { }
>  #endif
>  
> -bool check_invalid_free(void *addr);
> -
>  void *find_first_bad_addr(void *addr, size_t size);
>  const char *get_bug_type(struct kasan_access_info *info);
>  void metadata_fetch_row(char *buffer, void *row);
> @@ -278,6 +274,45 @@ static inline u8 random_tag(void) { return hw_get_random_tag(); }
>  static inline u8 random_tag(void) { return 0; }
>  #endif
>  
> +#ifdef CONFIG_KASAN_HW_TAGS
> +
> +static inline void poison_range(const void *address, size_t size, u8 value)
> +{
> +	/* Skip KFENCE memory if called explicitly outside of sl*b. */
> +	if (is_kfence_address(address))
> +		return;
> +
> +	hw_set_mem_tag_range(kasan_reset_tag(address),
> +			round_up(size, KASAN_GRANULE_SIZE), value);
> +}
> +
> +static inline void unpoison_range(const void *address, size_t size)
> +{
> +	/* Skip KFENCE memory if called explicitly outside of sl*b. */
> +	if (is_kfence_address(address))
> +		return;
> +
> +	hw_set_mem_tag_range(kasan_reset_tag(address),
> +			round_up(size, KASAN_GRANULE_SIZE), get_tag(address));
> +}
> +
> +static inline bool check_invalid_free(void *addr)
> +{
> +	u8 ptr_tag = get_tag(addr);
> +	u8 mem_tag = hw_get_mem_tag(addr);
> +
> +	return (mem_tag == KASAN_TAG_INVALID) ||
> +		(ptr_tag != KASAN_TAG_KERNEL && ptr_tag != mem_tag);
> +}
> +
> +#else /* CONFIG_KASAN_HW_TAGS */
> +
> +void poison_range(const void *address, size_t size, u8 value);
> +void unpoison_range(const void *address, size_t size);
> +bool check_invalid_free(void *addr);
> +
> +#endif /* CONFIG_KASAN_HW_TAGS */
> +
>  /*
>   * Exported functions for interfaces called from assembly or from generated
>   * code. Declarations here to avoid warning about missing declarations.
> -- 
> 2.29.2.299.gdc1121823c-goog
>