[PATCH] arm64: Mitigate MTE issues with str{n}cmp()

Mark Rutland mark.rutland at arm.com
Tue Sep 21 06:23:01 PDT 2021 

On Fri, Sep 17, 2021 at 03:59:30PM +0100, Robin Murphy wrote:
> As with strlen(), the patches importing the updated str{n}cmp()
> implementations were originally developed and tested before the
> advent of CONFIG_KASAN_HW_TAGS, and have subsequently revealed
> not to be MTE-safe. Since in-kernel MTE is still a rather niche
> case, let it temporarily fall back to the generic C versions for
> correctness until we can figure out the best fix.
> 
> Reported-by: Branislav Rankov <branislav.rankov at arm.com>
> Signed-off-by: Robin Murphy <robin.murphy at arm.com>
> ---
>  arch/arm64/include/asm/assembler.h | 5 +++++
>  arch/arm64/include/asm/string.h    | 2 ++
>  arch/arm64/lib/strcmp.S            | 2 +-
>  arch/arm64/lib/strncmp.S           | 2 +-
>  4 files changed, 9 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h
> index 89faca0e740d..bfa58409a4d4 100644
> --- a/arch/arm64/include/asm/assembler.h
> +++ b/arch/arm64/include/asm/assembler.h
> @@ -525,6 +525,11 @@ alternative_endif
>  #define EXPORT_SYMBOL_NOKASAN(name)	EXPORT_SYMBOL(name)
>  #endif
>  
> +#ifdef CONFIG_KASAN_HW_TAGS
> +#define EXPORT_SYMBOL_NOHWKASAN(name)
> +#else
> +#define EXPORT_SYMBOL_NOHWKASAN(name)	EXPORT_SYMBOL_NOKASAN(name)
> +#endif

I think that depending on how we solve this in future, we might want to
have:

* EXPORT_SYMBOL_NOSWKASAN for generic/sw-tags
  (this would be a rename of the existing EXPORT_SYMBOL_NOKASAN)

* EXPORT_SYMBOL_NOHWKASAN for hw tags

* EXPORT_SYMBOL_NOKASAN for generic/sw-tags/hw-tags

... so then it's a bit clearer what's handled in each case.

Regardless, for now this is certainly good enough. FWIW:

Acked-by: Mark Rutland <mark.rutland at arm.com>

Thanks,
Mark.

>  	/*
>  	 * Emit a 64-bit absolute little endian symbol reference in a way that
>  	 * ensures that it will be resolved at build time, even when building a
> diff --git a/arch/arm64/include/asm/string.h b/arch/arm64/include/asm/string.h
> index 3a3264ff47b9..95f7686b728d 100644
> --- a/arch/arm64/include/asm/string.h
> +++ b/arch/arm64/include/asm/string.h
> @@ -12,11 +12,13 @@ extern char *strrchr(const char *, int c);
>  #define __HAVE_ARCH_STRCHR
>  extern char *strchr(const char *, int c);
>  
> +#ifndef CONFIG_KASAN_HW_TAGS
>  #define __HAVE_ARCH_STRCMP
>  extern int strcmp(const char *, const char *);
>  
>  #define __HAVE_ARCH_STRNCMP
>  extern int strncmp(const char *, const char *, __kernel_size_t);
> +#endif
>  
>  #define __HAVE_ARCH_STRLEN
>  extern __kernel_size_t strlen(const char *);
> diff --git a/arch/arm64/lib/strcmp.S b/arch/arm64/lib/strcmp.S
> index d7bee210a798..83bcad72ec97 100644
> --- a/arch/arm64/lib/strcmp.S
> +++ b/arch/arm64/lib/strcmp.S
> @@ -173,4 +173,4 @@ L(done):
>  	ret
>  
>  SYM_FUNC_END_PI(strcmp)
> -EXPORT_SYMBOL_NOKASAN(strcmp)
> +EXPORT_SYMBOL_NOHWKASAN(strcmp)
> diff --git a/arch/arm64/lib/strncmp.S b/arch/arm64/lib/strncmp.S
> index 48d44f7fddb1..e42bcfcd37e6 100644
> --- a/arch/arm64/lib/strncmp.S
> +++ b/arch/arm64/lib/strncmp.S
> @@ -258,4 +258,4 @@ L(ret0):
>  	ret
>  
>  SYM_FUNC_END_PI(strncmp)
> -EXPORT_SYMBOL_NOKASAN(strncmp)
> +EXPORT_SYMBOL_NOHWKASAN(strncmp)
> -- 
> 2.21.0.dirty
>

More information about the linux-arm-kernel mailing list