Re: [ammarfaizi2-block:paulmck/linux-rcu/pmladek.2022.06.15a 133/140] vmlinux.o: warning: objtool: __ct_user_exit+0x41: call to __kasan_check_read() leaves .noinstr.text section

From: Paul E. McKenney
Date: Thu Jun 16 2022 - 12:45:11 EST


On Thu, Jun 16, 2022 at 06:40:21AM -0700, Paul E. McKenney wrote:
> On Thu, Jun 16, 2022 at 10:19:18AM +0200, Marco Elver wrote:
> > On Wed, 15 Jun 2022 at 23:17, Paul E. McKenney <paulmck@xxxxxxxxxx> wrote:
> > >
> > > On Wed, Jun 15, 2022 at 01:40:39PM -0700, Paul E. McKenney wrote:
> > > > On Thu, Jun 16, 2022 at 04:26:16AM +0800, kernel test robot wrote:
> > > > > tree: https://github.com/ammarfaizi2/linux-block paulmck/linux-rcu/pmladek.2022.06.15a
> > > > > head: 0ba7324b44282870af740a5a121add62c7f5f730
> > > > > commit: db21b02f8044e812f8a5e3811f602409290e3ede [133/140] context_tracking: Convert state to atomic_t
> > > > > config: x86_64-randconfig-r003-20220516 (https://download.01.org/0day-ci/archive/20220616/202206160411.v3iL3YC0-lkp@xxxxxxxxx/config)
> > > > > compiler: gcc-11 (Debian 11.3.0-3) 11.3.0
> > > > > reproduce (this is a W=1 build):
> > > > > # https://github.com/ammarfaizi2/linux-block/commit/db21b02f8044e812f8a5e3811f602409290e3ede
> > > > > git remote add ammarfaizi2-block https://github.com/ammarfaizi2/linux-block
> > > > > git fetch --no-tags ammarfaizi2-block paulmck/linux-rcu/pmladek.2022.06.15a
> > > > > git checkout db21b02f8044e812f8a5e3811f602409290e3ede
> > > > > # save the config file
> > > > > mkdir build_dir && cp config build_dir/.config
> > > > > make W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash
> > > > >
> > > > > If you fix the issue, kindly add following tag where applicable
> > > > > Reported-by: kernel test robot <lkp@xxxxxxxxx>
> > > > >
> > > > > All warnings (new ones prefixed by >>):
> > > > >
> > > > > >> vmlinux.o: warning: objtool: __ct_user_exit+0x41: call to __kasan_check_read() leaves .noinstr.text section
> > > > > >> vmlinux.o: warning: objtool: __ct_user_enter+0x7f: call to __kasan_check_read() leaves .noinstr.text section
> > > >
> > > > Marco, Dmitry, my guess is that this is due to the ct->active check in
> > > > both functions. Are we supposed to do something to make this sort of
> > > > thing safe for KASAN?
> > >
> > > This time actually CCing Marco and Dmitry...
> >
> > It's due to the atomic_read()s within the noinstr function. Within
> > noinstr you can use arch_atomic_read() to avoid the instrumentation.
>
> Thank you, will fix!

And please see below for an alleged fix.

Thanx, Paul

------------------------------------------------------------------------

commit 81e24ca26ee9933bcacf67a61e3f6ae41a025442
Author: Paul E. McKenney <paulmck@xxxxxxxxxx>
Date: Thu Jun 16 09:30:37 2022 -0700

context_tracking: Use arch_atomic_read() in __ct_state for KASAN

Context tracking's __ct_state() function can be invoked from noinstr state
where RCU is not watching. This means that its use of atomic_read()
causes KASAN to invoke the non-noinstr __kasan_check_read() function
from the noinstr function __ct_state(). This is problematic because
someone tracing the __kasan_check_read() function could get a nasty
surprise because of RCU not watching.

This commit therefore replaces the __ct_state() function's use of
atomic_read() with arch_atomic_read(), which KASAN does not attempt to
add instrumentation to.

Signed-off-by: Paul E. McKenney <paulmck@xxxxxxxxxx>
Cc: Frederic Weisbecker <frederic@xxxxxxxxxx>
Cc: Marco Elver <elver@xxxxxxxxxx>

diff --git a/include/linux/context_tracking_state.h b/include/linux/context_tracking_state.h
index 0aecc07fb4f50..81c51e5f03143 100644
--- a/include/linux/context_tracking_state.h
+++ b/include/linux/context_tracking_state.h
@@ -49,7 +49,7 @@ DECLARE_PER_CPU(struct context_tracking, context_tracking);

static __always_inline int __ct_state(void)
{
- return atomic_read(this_cpu_ptr(&context_tracking.state)) & CT_STATE_MASK;
+ return arch_atomic_read(this_cpu_ptr(&context_tracking.state)) & CT_STATE_MASK;
}
#endif
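
Review bot: The changed return line in __ct_state() carries no comment saying why arch_atomic_read() is used rather than atomic_read(), so a later cleanup could convert it back and reintroduce the objtool "leaves .noinstr.text section" warnings. A one-line comment above the return, noting that this helper is inlined into noinstr callers and must not use instrumented atomics, would guard against that. The commit log also describes __ct_state() as a noinstr function, while the hunk's context shows it declared static __always_inline. It would be more accurate to say it is inlined into noinstr callers such as the __ct_user_exit() and __ct_user_enter() functions named in the report. Finally, the report asked for a Reported-by: kernel test robot tag, which is not among the tags on this commit.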