Commit 6a63a63f authored by Andrey Konovalov's avatar Andrey Konovalov Committed by Linus Torvalds

kasan: introduce CONFIG_KASAN_HW_TAGS

This patch adds a configuration option for a new KASAN mode called
hardware tag-based KASAN.  This mode uses the memory tagging approach like
the software tag-based mode, but relies on arm64 Memory Tagging Extension
feature for tag management and access checking.

Link: https://lkml.kernel.org/r/44906a209d3a44f9c6f5a21841e90988e365601e.1606161801.git.andreyknvl@google.comSigned-off-by: default avatarAndrey Konovalov <andreyknvl@google.com>
Co-developed-by: default avatarVincenzo Frascino <vincenzo.frascino@arm.com>
Signed-off-by: default avatarVincenzo Frascino <vincenzo.frascino@arm.com>
Reviewed-by: default avatarMarco Elver <elver@google.com>
Reviewed-by: default avatarAlexander Potapenko <glider@google.com>
Tested-by: default avatarVincenzo Frascino <vincenzo.frascino@arm.com>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Branislav Rankov <Branislav.Rankov@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Evgenii Stepanov <eugenis@google.com>
Cc: Kevin Brodsky <kevin.brodsky@arm.com>
Cc: Vasily Gorbik <gor@linux.ibm.com>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 96e0279d
...@@ -6,6 +6,9 @@ config HAVE_ARCH_KASAN ...@@ -6,6 +6,9 @@ config HAVE_ARCH_KASAN
config HAVE_ARCH_KASAN_SW_TAGS config HAVE_ARCH_KASAN_SW_TAGS
bool bool
config HAVE_ARCH_KASAN_HW_TAGS
bool
config HAVE_ARCH_KASAN_VMALLOC config HAVE_ARCH_KASAN_VMALLOC
bool bool
...@@ -15,16 +18,19 @@ config CC_HAS_KASAN_GENERIC ...@@ -15,16 +18,19 @@ config CC_HAS_KASAN_GENERIC
config CC_HAS_KASAN_SW_TAGS config CC_HAS_KASAN_SW_TAGS
def_bool $(cc-option, -fsanitize=kernel-hwaddress) def_bool $(cc-option, -fsanitize=kernel-hwaddress)
# This option is only required for software KASAN modes.
# Old GCC versions don't have proper support for no_sanitize_address.
# See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89124 for details.
config CC_HAS_WORKING_NOSANITIZE_ADDRESS config CC_HAS_WORKING_NOSANITIZE_ADDRESS
def_bool !CC_IS_GCC || GCC_VERSION >= 80300 def_bool !CC_IS_GCC || GCC_VERSION >= 80300
menuconfig KASAN menuconfig KASAN
bool "KASAN: runtime memory debugger" bool "KASAN: runtime memory debugger"
depends on (HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC) || \ depends on (((HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC) || \
(HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS) (HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS)) && \
CC_HAS_WORKING_NOSANITIZE_ADDRESS) || \
HAVE_ARCH_KASAN_HW_TAGS
depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB) depends on (SLUB && SYSFS) || (SLAB && !DEBUG_SLAB)
depends on CC_HAS_WORKING_NOSANITIZE_ADDRESS
select CONSTRUCTORS
select STACKDEPOT select STACKDEPOT
help help
Enables KASAN (KernelAddressSANitizer) - runtime memory debugger, Enables KASAN (KernelAddressSANitizer) - runtime memory debugger,
...@@ -37,18 +43,24 @@ choice ...@@ -37,18 +43,24 @@ choice
prompt "KASAN mode" prompt "KASAN mode"
default KASAN_GENERIC default KASAN_GENERIC
help help
KASAN has two modes: generic KASAN (similar to userspace ASan, KASAN has three modes:
x86_64/arm64/xtensa, enabled with CONFIG_KASAN_GENERIC) and 1. generic KASAN (similar to userspace ASan,
software tag-based KASAN (a version based on software memory x86_64/arm64/xtensa, enabled with CONFIG_KASAN_GENERIC),
tagging, arm64 only, similar to userspace HWASan, enabled with 2. software tag-based KASAN (arm64 only, based on software
CONFIG_KASAN_SW_TAGS). memory tagging (similar to userspace HWASan), enabled with
CONFIG_KASAN_SW_TAGS), and
3. hardware tag-based KASAN (arm64 only, based on hardware
memory tagging, enabled with CONFIG_KASAN_HW_TAGS).
All KASAN modes are strictly debugging features.
Both generic and tag-based KASAN are strictly debugging features. For better error reports enable CONFIG_STACKTRACE.
config KASAN_GENERIC config KASAN_GENERIC
bool "Generic mode" bool "Generic mode"
depends on HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC depends on HAVE_ARCH_KASAN && CC_HAS_KASAN_GENERIC
select SLUB_DEBUG if SLUB select SLUB_DEBUG if SLUB
select CONSTRUCTORS
help help
Enables generic KASAN mode. Enables generic KASAN mode.
...@@ -61,8 +73,6 @@ config KASAN_GENERIC ...@@ -61,8 +73,6 @@ config KASAN_GENERIC
and introduces an overhead of ~x1.5 for the rest of the allocations. and introduces an overhead of ~x1.5 for the rest of the allocations.
The performance slowdown is ~x3. The performance slowdown is ~x3.
For better error detection enable CONFIG_STACKTRACE.
Currently CONFIG_KASAN_GENERIC doesn't work with CONFIG_DEBUG_SLAB Currently CONFIG_KASAN_GENERIC doesn't work with CONFIG_DEBUG_SLAB
(the resulting kernel does not boot). (the resulting kernel does not boot).
...@@ -70,11 +80,15 @@ config KASAN_SW_TAGS ...@@ -70,11 +80,15 @@ config KASAN_SW_TAGS
bool "Software tag-based mode" bool "Software tag-based mode"
depends on HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS depends on HAVE_ARCH_KASAN_SW_TAGS && CC_HAS_KASAN_SW_TAGS
select SLUB_DEBUG if SLUB select SLUB_DEBUG if SLUB
select CONSTRUCTORS
help help
Enables software tag-based KASAN mode. Enables software tag-based KASAN mode.
This mode requires Top Byte Ignore support by the CPU and therefore This mode require software memory tagging support in the form of
is only supported for arm64. This mode requires Clang. HWASan-like compiler instrumentation.
Currently this mode is only implemented for arm64 CPUs and relies on
Top Byte Ignore. This mode requires Clang.
This mode consumes about 1/16th of available memory at kernel start This mode consumes about 1/16th of available memory at kernel start
and introduces an overhead of ~20% for the rest of the allocations. and introduces an overhead of ~20% for the rest of the allocations.
...@@ -82,15 +96,27 @@ config KASAN_SW_TAGS ...@@ -82,15 +96,27 @@ config KASAN_SW_TAGS
casting and comparison, as it embeds tags into the top byte of each casting and comparison, as it embeds tags into the top byte of each
pointer. pointer.
For better error detection enable CONFIG_STACKTRACE.
Currently CONFIG_KASAN_SW_TAGS doesn't work with CONFIG_DEBUG_SLAB Currently CONFIG_KASAN_SW_TAGS doesn't work with CONFIG_DEBUG_SLAB
(the resulting kernel does not boot). (the resulting kernel does not boot).
config KASAN_HW_TAGS
bool "Hardware tag-based mode"
depends on HAVE_ARCH_KASAN_HW_TAGS
depends on SLUB
help
Enables hardware tag-based KASAN mode.
This mode requires hardware memory tagging support, and can be used
by any architecture that provides it.
Currently this mode is only implemented for arm64 CPUs starting from
ARMv8.5 and relies on Memory Tagging Extension and Top Byte Ignore.
endchoice endchoice
choice choice
prompt "Instrumentation type" prompt "Instrumentation type"
depends on KASAN_GENERIC || KASAN_SW_TAGS
default KASAN_OUTLINE default KASAN_OUTLINE
config KASAN_OUTLINE config KASAN_OUTLINE
...@@ -114,6 +140,7 @@ endchoice ...@@ -114,6 +140,7 @@ endchoice
config KASAN_STACK_ENABLE config KASAN_STACK_ENABLE
bool "Enable stack instrumentation (unsafe)" if CC_IS_CLANG && !COMPILE_TEST bool "Enable stack instrumentation (unsafe)" if CC_IS_CLANG && !COMPILE_TEST
depends on KASAN_GENERIC || KASAN_SW_TAGS
help help
The LLVM stack address sanitizer has a know problem that The LLVM stack address sanitizer has a know problem that
causes excessive stack usage in a lot of functions, see causes excessive stack usage in a lot of functions, see
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment