[PATCH 0/5 v15] KASan for Arm

Florian Fainelli f.fainelli at gmail.com
Mon Oct 12 23:22:28 EDT 2020 


On 10/12/2020 2:56 PM, Linus Walleij wrote:
> This is the 15th iteration of KASan for ARM/Aarch32.
> 
> I dropped my fix in the beginning of the series for
> Ard's more elaborate and thorough fix moving the DTB
> out of the kernel linear mapped region and into its own
> part of the memory.
> 
> This fixes my particular issue on the Qualcomm APQ8060
> and I hope it may also solve Florian's issue and what
> Ard has been seeing. KASan should be working with
> pretty much everything you throw on it, unless you
> do what I did and ran it on a 64MB system, where
> under some load it can run into the OOM killer for
> obvious reasons.
> 
> You are encouraged to test this patch set to find memory out
> of bounds bugs with ARM32 platforms and drivers.
> 
> There is a git branch you can pull in:
> https://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-integrator.git/log/?h=kasan
> 
> This branch includes Ard's two patches.
> 
> As Ard's patches are in Russell's patch tracker I will
> put these there as well if it now works for everyone.

Tested-by: Florian Fainelli <f.fainelli at gmail.com>

On Brahma-B15 (ARMv7 LPAE) and Brahma-B53 (ARMv8 in AArch32, also with 
LPAE). The 3 Cortex-A72 devices that I have access to all fail with the 
following (not related to the CPU type, more to the memory map) which I 
am hoping to track down later this week, I would not consider those 
failures to be a blocker at this point.

Thanks a lot for your persistence working on this Linus, and Ard!


[    0.000000] Booting Linux on physical CPU 0x0
[    0.000000] Linux version 5.9.0-gdf4dd84a3f7d 
(fainelli at fainelli-desktop) (arm-linux-gcc (GCC) 8.3.0, GNU ld (GNU 
Binutils) 2.32) #16 SMP Mon Oct 12 20:01:43 PDT 2020
[    0.000000] CPU: ARMv7 Processor [410fd083] revision 3 (ARMv7), 
cr=30c5383d
[    0.000000] CPU: div instructions available: patching division code
[    0.000000] CPU: PIPT / VIPT nonaliasing data cache, PIPT instruction 
cache
[    0.000000] OF: fdt: Machine model: BCM972112SV
[    0.000000] earlycon: pl11 at MMIO 0x000000047e201000 (options '115200')
[    0.000000] printk: bootconsole [pl11] enabled
[    0.000000] Memory policy: Data cache writealloc
[    0.000000] cma: Reserved 16 MiB at 0x000000007f000000
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000000000000-0x000000002fffffff]
[    0.000000]   Normal   empty
[    0.000000]   HighMem  [mem 0x0000000030000000-0x000000007fffffff]
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000000000000-0x00000000063fdfff]
[    0.000000]   node   0: [mem 0x0000000006400000-0x000000000fffffff]
[    0.000000]   node   0: [mem 0x0000000010400000-0x000000007fffffff]
[    0.000000] Zeroed struct page in unavailable ranges: 2 pages
[    0.000000] Initmem setup node 0 [mem 
0x0000000000000000-0x000000007fffffff]
[    0.000000] kasan: Mapping kernel virtual memory block: 
c0000000-c63fe000 at shadow: b7000000-b7c7fc00
[    0.000000] Kernel panic - not syncing: kasan_pte_populate failed to 
alloc pte for address 0xe2806000
[    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 
5.9.0-gdf4dd84a3f7d #16
[    0.000000] Hardware name: Broadcom STB (Flattened Device Tree)
[    0.000000] Backtrace:
[    0.000000] [<c02120b4>] (dump_backtrace) from [<c02123d8>] 
(show_stack+0x20/0x24)
[    0.000000]  r9:ffffffff r8:00000080 r7:c298e3c0 r6:600000d3 
r5:00000000 r4:c298e3c0
[    0.000000] [<c02123b8>] (show_stack) from [<c08852a0>] 
(dump_stack+0xbc/0xe0)
[    0.000000] [<c08851e4>] (dump_stack) from [<c022fbec>] 
(panic+0x19c/0x3e4)
[    0.000000]  r10:e2806000 r9:c2b790e0 r8:c166b410 r7:c2803d80 
r6:00000000 r5:c2b7de80
[    0.000000]  r4:c2b78e20 r3:00000001
[    0.000000] [<c022fa50>] (panic) from [<c180b960>] 
(kasan_pgd_populate+0x1ac/0x26c)
[    0.000000]  r3:00000000 r2:e2806000 r1:c12126d4 r0:c166b410
[    0.000000]  r7:b7c7fc00
[    0.000000] [<c180b7b4>] (kasan_pgd_populate) from [<c180ba78>] 
(create_mapping+0x58/0x64)
[    0.000000]  r10:c166b4e4 r9:00000000 r8:063fe000 r7:c2ba0a40 
r6:c28a24e0 r5:b7000000
[    0.000000]  r4:b7c7fc00
[    0.000000] [<c180ba20>] (create_mapping) from [<c180bd58>] 
(kasan_init+0x26c/0x390)
[    0.000000]  r5:00000000 r4:c0000000
[    0.000000] [<c180baec>] (kasan_init) from [<c1805728>] 
(setup_arch+0x288/0xa28)
[    0.000000]  r10:c1861238 r9:410fd083 r8:c0008000 r7:c1873a40 
r6:c2803fbc r5:c2fdcf60
[    0.000000]  r4:c28a2280
[    0.000000] [<c18054a0>] (setup_arch) from [<c1801010>] 
(start_kernel+0x88/0x3e4)
[    0.000000]  r10:c2806d40 r9:410fd083 r8:0e415000 r7:ffffffff 
r6:30c0387d r5:c2806d48
[    0.000000]  r4:00007000
[    0.000000] [<c1800f88>] (start_kernel) from [<00000000>] (0x0)
[    0.000000]  r10:30c5387d r9:410fd083 r8:0e415000 r7:ffffffff 
r6:30c0387d r5:00000000
[    0.000000]  r4:c1800334
[    0.000000] ---[ end Kernel panic - not syncing: kasan_pte_populate 
failed to alloc pte for address 0xe2806000 ]---

> 
> Abbott Liu (1):
>    ARM: Define the virtual space of KASan's shadow region
> 
> Andrey Ryabinin (3):
>    ARM: Disable KASan instrumentation for some code
>    ARM: Replace string mem* functions for KASan
>    ARM: Enable KASan for ARM
> 
> Linus Walleij (1):
>    ARM: Initialize the mapping of KASan shadow memory
> 
>   Documentation/arm/memory.rst                  |   5 +
>   Documentation/dev-tools/kasan.rst             |   4 +-
>   .../features/debug/KASAN/arch-support.txt     |   2 +-
>   arch/arm/Kconfig                              |  10 +
>   arch/arm/boot/compressed/Makefile             |   1 +
>   arch/arm/boot/compressed/string.c             |  19 ++
>   arch/arm/include/asm/kasan.h                  |  33 ++
>   arch/arm/include/asm/kasan_def.h              |  81 +++++
>   arch/arm/include/asm/memory.h                 |   5 +
>   arch/arm/include/asm/pgalloc.h                |   8 +-
>   arch/arm/include/asm/string.h                 |  21 ++
>   arch/arm/include/asm/thread_info.h            |   8 +
>   arch/arm/include/asm/uaccess-asm.h            |   2 +-
>   arch/arm/kernel/entry-armv.S                  |   3 +-
>   arch/arm/kernel/entry-common.S                |   9 +-
>   arch/arm/kernel/head-common.S                 |   7 +-
>   arch/arm/kernel/setup.c                       |   2 +
>   arch/arm/kernel/unwind.c                      |   6 +-
>   arch/arm/lib/memcpy.S                         |   3 +
>   arch/arm/lib/memmove.S                        |   5 +-
>   arch/arm/lib/memset.S                         |   3 +
>   arch/arm/mm/Makefile                          |   5 +
>   arch/arm/mm/kasan_init.c                      | 284 ++++++++++++++++++
>   arch/arm/mm/mmu.c                             |  18 ++
>   arch/arm/mm/pgd.c                             |  16 +-
>   arch/arm/vdso/Makefile                        |   2 +
>   26 files changed, 548 insertions(+), 14 deletions(-)
>   create mode 100644 arch/arm/include/asm/kasan.h
>   create mode 100644 arch/arm/include/asm/kasan_def.h
>   create mode 100644 arch/arm/mm/kasan_init.c
> 

-- 
Florian

More information about the linux-arm-kernel mailing list