Revision f2d7b53c0153f2daa8bc8f1ff29b5a1e03a36458 authored by Alexander Potapenko on 02 November 2022, 10:15:00 UTC, committed by Alexander Potapenko on 02 November 2022, 10:55:06 UTC
There is a case in exc_invalid_op handler that is executed outside the irqentry_enter()/irqentry_exit() region when an UD2 instruction is used to encode a call to __warn(). In that case the `struct pt_regs` passed to the interrupt handler is never unpoisoned by KMSAN (this is normally done in irqentry_enter()), which leads to false positives inside handle_bug(). Use kmsan_unpoison_entry_regs() to explicitly unpoison those registers before using them. Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Borislav Petkov <bp@alien8.de> Cc: Dave Hansen <dave.hansen@linux.intel.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: x86@kernel.org Signed-off-by: Alexander Potapenko <glider@google.com>
1 parent 4dbc4d5
Kconfig.kmsan
# SPDX-License-Identifier: GPL-2.0-only
config HAVE_ARCH_KMSAN
bool
config HAVE_KMSAN_COMPILER
# Clang versions <14.0.0 also support -fsanitize=kernel-memory, but not
# all the features necessary to build the kernel with KMSAN.
depends on CC_IS_CLANG && CLANG_VERSION >= 140000
def_bool $(cc-option,-fsanitize=kernel-memory -mllvm -msan-disable-checks=1)
config KMSAN
bool "KMSAN: detector of uninitialized values use"
depends on HAVE_ARCH_KMSAN && HAVE_KMSAN_COMPILER
depends on SLUB && DEBUG_KERNEL && !KASAN && !KCSAN
depends on !PREEMPT_RT
select STACKDEPOT
select STACKDEPOT_ALWAYS_INIT
help
KernelMemorySanitizer (KMSAN) is a dynamic detector of uses of
uninitialized values in the kernel. It is based on compiler
instrumentation provided by Clang and thus requires Clang to build.
An important note is that KMSAN is not intended for production use,
because it drastically increases kernel memory footprint and slows
the whole system down.
See <file:Documentation/dev-tools/kmsan.rst> for more details.
if KMSAN
config HAVE_KMSAN_PARAM_RETVAL
# -fsanitize-memory-param-retval is supported only by Clang >= 14.
depends on HAVE_KMSAN_COMPILER
def_bool $(cc-option,-fsanitize=kernel-memory -fsanitize-memory-param-retval)
config KMSAN_CHECK_PARAM_RETVAL
bool "Check for uninitialized values passed to and returned from functions"
default y
depends on HAVE_KMSAN_PARAM_RETVAL
help
If the compiler supports -fsanitize-memory-param-retval, KMSAN will
eagerly check every function parameter passed by value and every
function return value.
Disabling KMSAN_CHECK_PARAM_RETVAL will result in tracking shadow for
function parameters and return values across function borders. This
is a more relaxed mode, but it generates more instrumentation code and
may potentially report errors in corner cases when non-instrumented
functions call instrumented ones.
config KMSAN_KUNIT_TEST
tristate "KMSAN integration test suite" if !KUNIT_ALL_TESTS
default KUNIT_ALL_TESTS
depends on TRACEPOINTS && KUNIT
help
Test suite for KMSAN, testing various error detection scenarios,
and checking that reports are correctly output to console.
Say Y here if you want the test to be built into the kernel and run
during boot; say M if you want the test to build as a module; say N
if you are unsure.
endif
Computing file changes ...