kfence, kasan: make KFENCE compatible with KASAN

Make KFENCE compatible with KASAN. Currently this helps test KFENCE
itself, where KASAN can catch potential corruptions to KFENCE state, or
other corruptions that may be a result of freepointer corruptions in the
main allocators.

Link: https://lkml.kernel.org/r/20201103175841.3495947-7-elver@google.com
Signed-off-by: Marco Elver <elver@google.com>
Signed-off-by: Alexander Potapenko <glider@google.com>
Reviewed-by: Dmitry Vyukov <dvyukov@google.com>
Reviewed-by: Jann Horn <jannh@google.com>
Co-developed-by: Marco Elver <elver@google.com>
Cc: Andrey Konovalov <andreyknvl@google.com>
Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Christopher Lameter <cl@linux.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: David Rientjes <rientjes@google.com>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Hillf Danton <hdanton@sina.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Joern Engel <joern@purestorage.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Paul E. McKenney <paulmck@kernel.org>
Cc: Pekka Enberg <penberg@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: SeongJae Park <sjpark@amazon.de>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Will Deacon <will@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

diff --git a/lib/Kconfig.kfence b/lib/Kconfig.kfence
index b209cd02042b50608708c48b4ff8de8abf1df51a..d2e3c6724226235c15e2e22dda4dd08c3f488717 100644 (file)
--- a/lib/Kconfig.kfence
+++ b/lib/Kconfig.kfence
@@ -5,7 +5,7 @@ config HAVE_ARCH_KFENCE
 
 menuconfig KFENCE
        bool "KFENCE: low-overhead sampling-based memory safety error detector"
-       depends on HAVE_ARCH_KFENCE && !KASAN && (SLAB || SLUB)
+       depends on HAVE_ARCH_KFENCE && (SLAB || SLUB)
        depends on JUMP_LABEL # To ensure performance, require jump labels
        select STACKTRACE
        help

diff --git a/mm/kasan/common.c b/mm/kasan/common.c
index b25167664ead48b2877ffc2761f4c4739b55a73a..38ba2aecd8f4299236f496660ec2c6992701abab 100644 (file)
--- a/mm/kasan/common.c
+++ b/mm/kasan/common.c
@@ -336,6 +336,9 @@ static bool ____kasan_slab_free(struct kmem_cache *cache, void *object,
        tagged_object = object;
        object = kasan_reset_tag(object);
 
+       if (is_kfence_address(object))
+               return false;
+
        if (unlikely(nearest_obj(cache, virt_to_head_page(object), object) !=
            object)) {
                kasan_report_invalid_free(tagged_object, ip);
@@ -414,6 +417,9 @@ static void *____kasan_kmalloc(struct kmem_cache *cache, const void *object,
        if (unlikely(object == NULL))
                return NULL;
 
+       if (is_kfence_address(object))
+               return (void *)object;
+
        redzone_start = round_up((unsigned long)(object + size),
                                KASAN_GRANULE_SIZE);
        redzone_end = round_up((unsigned long)object + cache->object_size,

diff --git a/mm/kasan/generic.c b/mm/kasan/generic.c
index 5106b84b07d4353a3d44618d49f30f544667af5c..f8c9accafd1484f33591829252e2aaaf75e4ecb9 100644 (file)
--- a/mm/kasan/generic.c
+++ b/mm/kasan/generic.c
@@ -14,6 +14,7 @@
 #include <linux/init.h>
 #include <linux/kasan.h>
 #include <linux/kernel.h>
+#include <linux/kfence.h>
 #include <linux/kmemleak.h>
 #include <linux/linkage.h>
 #include <linux/memblock.h>
@@ -331,7 +332,7 @@ void kasan_record_aux_stack(void *addr)
        struct kasan_alloc_meta *alloc_meta;
        void *object;
 
-       if (!(page && PageSlab(page)))
+       if (is_kfence_address(addr) || !(page && PageSlab(page)))
                return;
 
        cache = page->slab_cache;