KASAN help, please (Re: [PATCH 00/16] Entry stuff, in decent shape now)

From: Andy Lutomirski
Date: Mon Nov 20 2017 - 16:45:11 EST

On Mon, Nov 20, 2017 at 9:07 AM, Andy Lutomirski <luto@xxxxxxxxxx> wrote:
> This sets up stack switching, including for SYSCALL. I think it's
> in decent shape.
> Known issues:
> - KASAN is likely to be busted. This could be fixed either by teaching
> KASAN that cpu_entry_area contains valid stacks (I have no clue how
> to go about doing this) or by rigging up the IST entry code to switch
> RSP to point to the direct-mapped copy of the stacks before calling
> into non-KASAN-excluded C code.

I tried to fix the KASAN issue, and I'm doing something wrong. I'm
building this tree:


for 64 bits with KASAN on. The relevant commit is:


If I run tools/testing/selftests/single_step_syscall_32, then the
kernel goes into lala land and infinite loops. The root cause seems
to we're hitting do_debug with RSP pointing into the fixmap,
specifically in the cpu_entry_area's exception stack, with a value of
roughly 0xffffffffff1bd108. The KASAN instrumentation in do_debug is
then getting a page fault. I think my KASAN setup code should be
populating the KASAN data there and, indeed, gdb seems to be able to
access the faulting address. So I'm confused.