[PATCH] arm64: Fix KASAN random tag seed initialization

Andrey Konovalov andreyknvl at gmail.com
Wed Aug 14 10:25:27 PDT 2024


On Wed, Aug 14, 2024 at 6:19 PM Catalin Marinas <catalin.marinas at arm.com> wrote:
>
> On Wed, Aug 14, 2024 at 02:09:53AM -0700, Samuel Holland wrote:
> > Currently, kasan_init_sw_tags() is called before setup_per_cpu_areas(),
> > so per_cpu(prng_state, cpu) accesses the same address regardless of the
> > value of "cpu", and the same seed value gets copied to the percpu area
> > for every CPU. Fix this by moving the call to smp_prepare_boot_cpu(),
> > which is the first architecture hook after setup_per_cpu_areas().
>
> Even with the fix, given the lower resolution of get_cycles(), there's a
> good chance that we still have the same seed on all CPUs. If we want
> separate seeds, a better bet would be to initialise each CPU separately
> via the secondary_start_kernel() path. I'll let the KASAN people comment
> on whether that's important.

I think it's fine if we end up with the same seed: SW_TAGS KASAN is
just a debugging feature, not a mitigation. We just want some kind of
randomness.

Calling kasan_init_sw_tags() after setup_per_cpu_areas() seems
reasonable though.
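
The ordering problem from the quoted commit message and the counter-resolution caveat from the quoted reply, as a user-space C model. This is an added example, not kernel code and not part of the thread. The model_* names, distinct_seeds(), the 4-CPU count and the tick values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define NR_CPUS 4

static uint32_t template_state;  /* template copy of the percpu seed */
static uint32_t area[NR_CPUS];   /* per-CPU copies, valid only after setup */
static uint32_t *slot[NR_CPUS];  /* where an access for each cpu resolves */
static uint64_t ticks;           /* free-running model clock */

static uint32_t model_get_cycles(unsigned res) { return (uint32_t)(ticks++ / res); }

/* Copy the template into each CPU's area and repoint that CPU at its copy. */
static void model_setup_per_cpu_areas(void)
{
    for (int cpu = 0; cpu < NR_CPUS; cpu++) {
        area[cpu] = template_state;
        slot[cpu] = &area[cpu];
    }
}

/* Seed every CPU in one loop from the counter (res = ticks per counter step). */
static void model_seed_all_cpus(unsigned res)
{
    for (int cpu = 0; cpu < NR_CPUS; cpu++)
        *slot[cpu] = model_get_cycles(res);
}

/* Boot the model; return how many distinct seeds the CPUs end up with. */
int distinct_seeds(int seed_before_setup, unsigned res)
{
    int distinct = 0;
    ticks = 1000;
    for (int cpu = 0; cpu < NR_CPUS; cpu++)
        slot[cpu] = &template_state;  /* assumption: one address before setup */
    if (seed_before_setup)
        model_seed_all_cpus(res);
    model_setup_per_cpu_areas();
    if (!seed_before_setup)
        model_seed_all_cpus(res);
    for (int i = 0; i < NR_CPUS; i++)  /* seeds never decrease: compare neighbours */
        distinct += (i == 0 || area[i] != area[i - 1]);
    return distinct;
}

int main(void)
{
    printf("before setup: %d, after setup: %d, after setup with coarse counter: %d\n",
           distinct_seeds(1, 1), distinct_seeds(0, 1), distinct_seeds(0, 64));
}
```

Seeding before the per-CPU setup leaves one seed shared by all CPUs, seeding after it gives one seed per CPU, and a counter that advances only every 64 ticks collapses them to one seed again.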


