From: will.deacon@arm•com (Will Deacon)
To: linux-arm-kernel@lists•infradead.org
Subject: [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer
Date: Fri, 3 Aug 2018 10:23:13 +0100 [thread overview]
Message-ID: <20180803092312.GA17798@arm.com> (raw)
In-Reply-To: <CACT4Y+aZtph5qDsLzTDEgpQRz4_Vtg1DD-cB18qooi6D0bexDg@mail.gmail.com>
On Wed, Aug 01, 2018 at 06:52:09PM +0200, Dmitry Vyukov wrote:
> On Wed, Aug 1, 2018 at 6:35 PM, Will Deacon <will.deacon@arm•com> wrote:
> > Thanks for tracking these cases down and going through each of them. The
> > obvious follow-up question is: how do we ensure that we keep on top of
> > this in mainline? Are you going to repeat your experiment at every kernel
> > release or every -rc or something else? I really can't see how we can
> > maintain this in the long run, especially given that the coverage we have
> > is only dynamic -- do you have an idea of how much coverage you're actually
> > getting for, say, a defconfig+modules build?
> >
> > I'd really like to enable pointer tagging in the kernel, I'm just still
> > failing to see how we can do it in a controlled manner where we can reason
> > about the semantic changes using something other than a best-effort,
> > case-by-case basis which is likely to be fragile and error-prone.
> > Unfortunately, if that's all we have, then this gets relegated to a
> > debug feature, which sort of defeats the point in my opinion.
>
> Well, in some cases there is no other way as resorting to dynamic testing.
> How do we ensure that kernel does not dereference NULL pointers, does
> not access objects after free or out of bounds? Nohow. And, yes, it's
> constant maintenance burden resolved via dynamic testing.
... and the advantage of NULL pointer issues is that you're likely to see
them as a synchronous exception at runtime, regardless of architecture and
regardless of Kconfig options. With pointer tagging, that's certainly not
the case, and so I don't think we can just treat issues there like we do for
NULL pointers.
Will
next prev parent reply other threads:[~2018-08-03 9:23 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-26 13:15 [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 01/17] khwasan, mm: change kasan hooks signatures Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 02/17] khwasan: move common kasan and khwasan code to common.c Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 03/17] khwasan: add CONFIG_KASAN_GENERIC and CONFIG_KASAN_HW Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 04/17] khwasan, arm64: adjust shadow size for CONFIG_KASAN_HW Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 05/17] khwasan: initialize shadow to 0xff Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 06/17] khwasan, arm64: untag virt address in __kimg_to_phys and _virt_addr_is_linear Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 07/17] khwasan: add tag related helper functions Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 08/17] khwasan, arm64: fix up fault handling logic Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 09/17] khwasan, arm64: enable top byte ignore for the kernel Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 10/17] khwasan, mm: perform untagged pointers comparison in krealloc Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 11/17] khwasan: split out kasan_report.c from report.c Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 12/17] khwasan: add bug reporting routines Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 13/17] khwasan: add hooks implementation Andrey Konovalov
2018-07-25 13:44 ` Vincenzo Frascino@Foss
2018-07-31 13:05 ` Andrey Konovalov
2018-07-31 14:50 ` Andrey Ryabinin
2018-07-31 15:03 ` Dmitry Vyukov
2018-07-31 15:38 ` Christopher Lameter
2018-07-31 16:03 ` Dmitry Vyukov
2018-07-31 16:04 ` Andrey Ryabinin
2018-07-31 16:08 ` Dmitry Vyukov
2018-07-31 16:18 ` Andrey Ryabinin
2018-07-31 15:21 ` Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 14/17] khwasan, arm64: add brk handler for inline instrumentation Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 15/17] khwasan, mm, arm64: tag non slab memory allocated via pagealloc Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 16/17] khwasan: update kasan documentation Andrey Konovalov
2018-06-26 13:15 ` [PATCH v4 17/17] kasan: add SPDX-License-Identifier mark to source files Andrey Konovalov
2018-06-27 23:08 ` [PATCH v4 00/17] khwasan: kernel hardware assisted address sanitizer Andrew Morton
2018-06-28 0:04 ` Kostya Serebryany
[not found] ` <CAEZpscCcP6=O_OCqSwW8Y6u9Ee99SzWN+hRcgpP2tK=OEBFnNw@mail.gmail.com>
2018-06-28 1:11 ` Andrew Morton
2018-06-28 18:26 ` Andrey Konovalov
2018-06-28 7:01 ` Geert Uytterhoeven
2018-07-02 20:33 ` Matthew Wilcox
2018-07-02 23:39 ` Evgenii Stepanov
2018-06-28 18:29 ` Andrey Konovalov
2018-06-28 19:40 ` Andrew Morton
2018-06-29 12:45 ` Andrey Konovalov
2018-06-29 13:01 ` Mark Rutland
2018-06-29 14:40 ` Andrey Konovalov
2018-06-30 2:41 ` Andrew Morton
2018-07-02 19:16 ` Evgenii Stepanov
2018-07-02 19:21 ` Andrew Morton
2018-07-02 20:22 ` Evgenii Stepanov
2018-07-02 20:30 ` Andrew Morton
2018-06-28 10:51 ` Dave Martin
2018-06-28 18:56 ` Andrey Konovalov
2018-06-29 10:14 ` Mark Rutland
2018-06-29 11:04 ` Dave Martin
2018-06-29 11:26 ` Luc Van Oostenryck
2018-06-29 13:18 ` Andrey Konovalov
2018-06-29 13:42 ` Dan Carpenter
2018-06-29 11:07 ` Catalin Marinas
2018-06-29 11:07 ` Will Deacon
2018-06-29 16:36 ` Andrey Konovalov
2018-07-03 17:36 ` Will Deacon
2018-07-18 17:16 ` Andrey Konovalov
2018-07-31 13:22 ` Andrey Konovalov
2018-08-01 16:35 ` Will Deacon
2018-08-01 16:52 ` Dmitry Vyukov
2018-08-02 11:10 ` Catalin Marinas
2018-08-02 11:36 ` Dmitry Vyukov
2018-08-02 13:52 ` Catalin Marinas
2018-08-02 14:11 ` Andrey Ryabinin
2018-08-03 9:23 ` Will Deacon [this message]
2018-08-03 9:42 ` Dmitry Vyukov
2018-08-08 16:27 ` Will Deacon
2018-08-08 16:53 ` Dmitry Vyukov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180803092312.GA17798@arm.com \
--to=will.deacon@arm$(echo .)com \
--cc=linux-arm-kernel@lists$(echo .)infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox