Re: [PATCH v9 00/17] Kernel address sanitizer - runtime memory debugger.
From: Andrey Ryabinin
Date: Thu Jan 22 2015 - 00:53:13 EST
2015-01-22 8:34 GMT+03:00 Andrey Ryabinin <ryabinin.a.a@xxxxxxxxx>:
> 2015-01-22 3:22 GMT+03:00 Sasha Levin <sasha.levin@xxxxxxxxxx>:
>> On 01/21/2015 11:51 AM, Andrey Ryabinin wrote:
>>> Changes since v8:
>>> - Fixed unpoisoned redzones for not-allocated-yet object
>>> in newly allocated slab page. (from Dmitry C.)
>>>
>>> - Some minor non-function cleanups in kasan internals.
>>>
>>> - Added ack from Catalin
>>>
>>> - Added stack instrumentation. With this we could detect
>>> out of bounds accesses in stack variables. (patch 12)
>>>
>>> - Added globals instrumentation - catching out of bounds in
>>> global variables. (patches 13-17)
>>>
>>> - Shadow moved out from vmalloc into hole between vmemmap
>>> and %esp fixup stacks. For globals instrumentation
>>> we will need shadow backing modules addresses.
>>> So we need some sort of a shadow memory allocator
>>> (something like vmmemap_populate() function, except
>>> that it should be available after boot).
>>>
>>> __vmalloc_node_range() suits that purpose, except that
>>> it can't be used for allocating for shadow in vmalloc
>>> area because shadow in vmalloc is already 'allocated'
>>> to protect us from other vmalloc users. So we need
>>> 16TB of unused addresses. And we have big enough hole
>>> between vmemmap and %esp fixup stacks. So I moved shadow
>>> there.
>>
>> I'm not sure which new addition caused it, but I'm getting tons of
>> false positives from platform drivers trying to access memory they
>> don't "own" - because they expect to find hardware there.
>>
>
> To be sure that these really are false positives, could you try with
> the patches in the attachment?
Attaching properly formed patches
From 8aca28dc4df2ed597f4fe0d49468021db5f29c61 Mon Sep 17 00:00:00 2001
From: Andrey Ryabinin <a.ryabinin@xxxxxxxxxxx>
Date: Thu, 22 Jan 2015 12:44:42 +0300
Subject: [PATCH 1/3] backlight: da9052_bl: terminate da9052_wled_ids array
with empty element
Array of platform_device_id elements should be terminated
with empty element.
Signed-off-by: Andrey Ryabinin <a.ryabinin@xxxxxxxxxxx>
---
drivers/video/backlight/da9052_bl.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/video/backlight/da9052_bl.c b/drivers/video/backlight/da9052_bl.c
index d4bd74bd..b1943e7 100644
--- a/drivers/video/backlight/da9052_bl.c
+++ b/drivers/video/backlight/da9052_bl.c
@@ -165,6 +165,7 @@ static struct platform_device_id da9052_wled_ids[] = {
.name = "da9052-wled3",
.driver_data = DA9052_TYPE_WLED3,
},
+ { },
};
static struct platform_driver da9052_wled_driver = {
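Review bot: the new terminator at `+ { },` carries a trailing comma and no comment, so nothing in da9052_wled_ids[] signals that entries must not be appended after it. Consider writing it as `{ /* sentinel */ }` without the comma, so that a later addition placed below it stands out in review.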
--
2.0.4
From 27f8cf0aff7d16c061dda9dd219887cae2214586 Mon Sep 17 00:00:00 2001
From: Andrey Ryabinin <a.ryabinin@xxxxxxxxxxx>
Date: Thu, 22 Jan 2015 12:46:44 +0300
Subject: [PATCH 2/3] crypto: ccp: terminate ccp_support array with empty
element
x86_match_cpu() expects array of x86_cpu_ids terminated
with empty element.
Signed-off-by: Andrey Ryabinin <a.ryabinin@xxxxxxxxxxx>
---
drivers/crypto/ccp/ccp-dev.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/crypto/ccp/ccp-dev.c b/drivers/crypto/ccp/ccp-dev.c
index c6e6171..ca29c12 100644
--- a/drivers/crypto/ccp/ccp-dev.c
+++ b/drivers/crypto/ccp/ccp-dev.c
@@ -583,6 +583,7 @@ bool ccp_queues_suspended(struct ccp_device *ccp)
#ifdef CONFIG_X86
static const struct x86_cpu_id ccp_support[] = {
{ X86_VENDOR_AMD, 22, },
+ { },
};
#endif
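Review bot: the changelog gives the rule (x86_match_cpu() expects a terminated array) but not the consequence for ccp_support[], which holds the single entry `{ X86_VENDOR_AMD, 22, }`. Without the empty element the match walk has no stop condition inside the array and continues past its end. Saying that in the commit message, along with how the problem was noticed, would help whoever has to judge whether the fix needs backporting.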
--
2.0.4
From 3a3bd9cfd223f14d31352b9a44209476b3f5ef11 Mon Sep 17 00:00:00 2001
From: Andrey Ryabinin <a.ryabinin@xxxxxxxxxxx>
Date: Thu, 22 Jan 2015 12:48:15 +0300
Subject: [PATCH 3/3] rtc: s5m: terminate s5m_rtc_id array with empty element
Array of platform_device_id elements should be terminated
with empty element.
Signed-off-by: Andrey Ryabinin <a.ryabinin@xxxxxxxxxxx>
---
drivers/rtc/rtc-s5m.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/rtc/rtc-s5m.c b/drivers/rtc/rtc-s5m.c
index b5e7c46..89ac1d5 100644
--- a/drivers/rtc/rtc-s5m.c
+++ b/drivers/rtc/rtc-s5m.c
@@ -832,6 +832,7 @@ static SIMPLE_DEV_PM_OPS(s5m_rtc_pm_ops, s5m_rtc_suspend, s5m_rtc_resume);
static const struct platform_device_id s5m_rtc_id[] = {
{ "s5m-rtc", S5M8767X },
{ "s2mps14-rtc", S2MPS14X },
+ { },
};
static struct platform_driver s5m_rtc_driver = {
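Review bot: the changelog for s5m_rtc_id[] says the array "should be terminated" without naming the code that walks it, unlike patch 2/3, which names x86_match_cpu(). Naming the consumer of the platform_device_id table, and stating that it relies on the empty element to stop, would make the one-line `+ { },` self-explanatory to the rtc maintainers reading this patch on its own.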
--
2.0.4