Re: [PATCH v2 13/14] x86: runtime_const used for KASAN_SHADOW_END
From: Andrey Konovalov
Date: Sat Feb 22 2025 - 10:07:44 EST
On Fri, Feb 21, 2025 at 4:11 PM Maciej Wieczor-Retman
<maciej.wieczor-retman@xxxxxxxxx> wrote:
>
> On 2025-02-20 at 00:31:08 +0100, Andrey Konovalov wrote:
> >On Tue, Feb 18, 2025 at 9:20 AM Maciej Wieczor-Retman
> ><maciej.wieczor-retman@xxxxxxxxx> wrote:
> >>
> >> On x86, generic KASAN is set up in a way that needs a single
> >> KASAN_SHADOW_OFFSET value for both 4- and 5-level paging. It's required
> >> to facilitate boot time switching and it's a compiler ABI so it can't be
> >> changed during runtime.
> >>
> >> Software tag-based mode doesn't tie shadow start and end to any linear
> >> addresses as part of the compiler ABI so it can be changed during
> >> runtime.
> >
> >KASAN_SHADOW_OFFSET is passed to the compiler via
> >hwasan-mapping-offset, see scripts/Makefile.kasan (for the INLINE
> >mode). So while we can change its value, it has to be known at compile
> >time. So I don't think using a runtime constant would work.
>
> I don't know about arm64, but this doesn't seem to work right now on x86.
You mean it _does_ seem to work? Or otherwise if runtime constant
doesn't work on x86, then we shouldn't use it?
> I
> think I recall that hwasan-mapping-offset isn't implemented on the x86 LLVM or
> something like that? I'm sure I saw some note about it a while ago on the
> internet but I couldn't find it today.
In LLVM sources, ShadowBase gets calculated [1] based on
Mapping.Offset [2], which is in turn taken [3] from
hwasan-mapping-offset [4]. And then ShadowBase is used to calculate
[5] the shadow memory address.
All of this happens in the common code, so this should affect both x86
and arm64.
[1] https://github.com/llvm/llvm-project/blob/llvmorg-20-init/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp#L1305
[2] https://github.com/llvm/llvm-project/blob/llvmorg-20-init/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp#L761
[3] https://github.com/llvm/llvm-project/blob/llvmorg-20-init/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp#L1863
[4] https://github.com/llvm/llvm-project/blob/llvmorg-20-init/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp#L171
[5] https://github.com/llvm/llvm-project/blob/llvmorg-20-init/llvm/lib/Transforms/Instrumentation/HWAddressSanitizer.cpp#L899
>
> Anyway if KASAN_SHADOW_OFFSET is not set at compile time it defaults to nothing
> and just doesn't get passed into kasan-params a few lines below. I assume that
> result seems a little too makeshift for runtime const to make sense here?
Sorry, I don't understand this question.
If hwasan-mapping-offset is not set properly, then in the inline
instrumentation mode, the compiler won't generate the right
instructions to calculate the shadow memory address.
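The point of the exchange above is that the shadow mapping is a shift plus an add with a constant, and in the inline instrumentation mode the compiler emits that arithmetic directly into every instrumented access, so the constant must be known when the kernel is compiled. The following C program is an added illustration written for this thread; it is not kernel code and not LLVM's HWAddressSanitizer pass. It models both mappings (generic KASAN with one shadow byte per 8 bytes, software tag-based with one tag byte per 16-byte granule) over a small simulated address range, and performs the tag comparison an instrumented load would perform. All offsets, sizes and tags are constructed values, not the real KASAN_SHADOW_OFFSET or hwasan-mapping-offset.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model parameters; none of these are the kernel's real values. */
#define GENERIC_SHADOW_SCALE_SHIFT 3      /* generic KASAN: 1 shadow byte per 8 bytes   */
#define SW_TAGS_SHADOW_SCALE_SHIFT 4      /* sw tags / HWASan: 1 tag byte per 16 bytes   */
#define GENERIC_SHADOW_OFFSET 0x200000UL  /* constructed stand-in for KASAN_SHADOW_OFFSET */
#define SW_TAGS_SHADOW_OFFSET 0x100000UL  /* constructed stand-in for hwasan-mapping-offset */

#define SIM_MEM_SIZE 4096                 /* simulated address range [0, 4096)           */
#define TAG_SHIFT 56                      /* pointer tag is carried in the top byte      */
#define ADDR_MASK ((1ULL << TAG_SHIFT) - 1)

/* Shadow for the tag-based model: one tag byte per 16-byte granule. */
static uint8_t sw_tags_shadow[SIM_MEM_SIZE >> SW_TAGS_SHADOW_SCALE_SHIFT];

/* Generic mode mapping: shadow = (addr >> 3) + offset.  The offset is a
 * compiler ABI constant, which is why it must be a single value across
 * paging modes (the point made in the quoted patch description). */
uintptr_t generic_shadow_addr(uintptr_t addr)
{
    return (addr >> GENERIC_SHADOW_SCALE_SHIFT) + GENERIC_SHADOW_OFFSET;
}

/* Tag-based mapping: shadow = (untagged_addr >> 4) + offset.  In inline
 * instrumentation this add uses an immediate baked in at compile time,
 * so a value only known at boot cannot be substituted here. */
uintptr_t sw_tags_shadow_addr(uintptr_t untagged_addr)
{
    return (untagged_addr >> SW_TAGS_SHADOW_SCALE_SHIFT) + SW_TAGS_SHADOW_OFFSET;
}

/* Build a tagged pointer: keep the low 56 address bits, place tag on top. */
uintptr_t set_tag(uintptr_t addr, uint8_t tag)
{
    return (addr & ADDR_MASK) | ((uintptr_t)tag << TAG_SHIFT);
}

/* Assign a memory tag to every granule that [addr, addr+size) touches,
 * the way an allocator would when handing out a tagged allocation. */
void tag_region(uintptr_t addr, size_t size, uint8_t tag)
{
    uintptr_t first = addr >> SW_TAGS_SHADOW_SCALE_SHIFT;
    uintptr_t last = (addr + size - 1) >> SW_TAGS_SHADOW_SCALE_SHIFT;
    for (uintptr_t g = first; g <= last; g++)
        sw_tags_shadow[g] = tag;
}

/* The check an instrumented access performs: compare the pointer tag with
 * the memory tag of every granule the access spans.  Returns 0 when all
 * tags match, -1 when a mismatch (or an out-of-model address) is found. */
int check_access(uintptr_t tagged_ptr, size_t size)
{
    uint8_t ptr_tag = (uint8_t)(tagged_ptr >> TAG_SHIFT);
    uintptr_t addr = tagged_ptr & ADDR_MASK;

    if (size == 0 || addr + size > SIM_MEM_SIZE)
        return -1;

    uintptr_t first = addr >> SW_TAGS_SHADOW_SCALE_SHIFT;
    uintptr_t last = (addr + size - 1) >> SW_TAGS_SHADOW_SCALE_SHIFT;
    for (uintptr_t g = first; g <= last; g++) {
        /* Index derived from the same shift+add the compiler would emit. */
        uintptr_t shadow = sw_tags_shadow_addr(g << SW_TAGS_SHADOW_SCALE_SHIFT);
        if (sw_tags_shadow[shadow - SW_TAGS_SHADOW_OFFSET] != ptr_tag)
            return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed scenario: a 64-byte object at 0x100 tagged 0xAB. */
    tag_region(0x100, 64, 0xAB);
    printf("in-bounds, matching tag: %d\n", check_access(set_tag(0x100, 0xAB), 64));
    printf("wrong pointer tag:       %d\n", check_access(set_tag(0x100, 0xCD), 64));
    printf("overflow past object:    %d\n", check_access(set_tag(0x130, 0xAB), 32));
    printf("generic shadow of 0x40:  0x%lx\n", (unsigned long)generic_shadow_addr(0x40));
    return 0;
}
```

The contrast with a runtime constant is visible in `sw_tags_shadow_addr`: the kernel could patch its own C helpers with a boot-time value, but the instrumented code the compiler generates for each load and store carries the offset as an immediate, so in the inline mode that value has to be right at compile time, exactly as Andrey describes.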