Unverified Commit 58354376 authored by Palmer Dabbelt's avatar Palmer Dabbelt
Browse files

Merge patch series "riscv: Improve KASAN coverage to fix unit tests" 

Samuel Holland <samuel.holland@sifive.com> says:

This series fixes two areas where uninstrumented assembly routines
caused gaps in KASAN coverage on RISC-V, which were caught by KUnit
tests. The KASAN KUnit test suite passes after applying this series.

This series fixes the following test failures:
  # kasan_strings: EXPECTATION FAILED at mm/kasan/kasan_test.c:1520
  KASAN failure expected in "kasan_int_result = strcmp(ptr, "2")", but none occurred
  # kasan_strings: EXPECTATION FAILED at mm/kasan/kasan_test.c:1524
  KASAN failure expected in "kasan_int_result = strlen(ptr)", but none occurred
  not ok 60 kasan_strings
  # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1531
  KASAN failure expected in "set_bit(nr, addr)", but none occurred
  # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1533
  KASAN failure expected in "clear_bit(nr, addr)", but none occurred
  # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1535
  KASAN failure expected in "clear_bit_unlock(nr, addr)", but none occurred
  # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1536
  KASAN failure expected in "__clear_bit_unlock(nr, addr)", but none occurred
  # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1537
  KASAN failure expected in "change_bit(nr, addr)", but none occurred
  # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1543
  KASAN failure expected in "test_and_set_bit(nr, addr)", but none occurred
  # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1545
  KASAN failure expected in "test_and_set_bit_lock(nr, addr)", but none occurred
  # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1546
  KASAN failure expected in "test_and_clear_bit(nr, addr)", but none occurred
  # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1548
  KASAN failure expected in "test_and_change_bit(nr, addr)", but none occurred
  not ok 61 kasan_bitops_generic

Samuel Holland (2):
  riscv: Omit optimized string routines when using KASAN
  riscv: Enable bitops instrumentation

arch/riscv/include/asm/bitops.h | 43 ++++++++++++++++++---------------
 arch/riscv/include/asm/string.h |  2 ++
 arch/riscv/kernel/riscv_ksyms.c |  3 ---
 arch/riscv/lib/Makefile         |  2 ++
 arch/riscv/lib/strcmp.S         |  1 +
 arch/riscv/lib/strlen.S         |  1 +
 arch/riscv/lib/strncmp.S        |  1 +
 arch/riscv/purgatory/Makefile   |  2 ++
 8 files changed, 32 insertions(+), 23 deletions(-)

* b4-shazam-merge:
  riscv: Enable bitops instrumentation
  riscv: Omit optimized string routines when using KASAN

Link: https://lore.kernel.org/r/20240801033725.28816-1-samuel.holland@sifive.com


Signed-off-by: default avatarPalmer Dabbelt <palmer@rivosinc.com>
parents 21d98d65 77514915

arch/riscv/include/asm/bitops.h

+23 −20
Original line number Diff line number Diff line
@@ -222,44 +222,44 @@ static __always_inline int variable_fls(unsigned int x) 
#define __NOT(x)	(~(x))



/**

 * test_and_set_bit - Set a bit and return its old value

 * arch_test_and_set_bit - Set a bit and return its old value

 * @nr: Bit to set

 * @addr: Address to count from

 *

 * This operation may be reordered on other architectures than x86.

 */

static inline int test_and_set_bit(int nr, volatile unsigned long *addr)

static inline int arch_test_and_set_bit(int nr, volatile unsigned long *addr)

{

	return __test_and_op_bit(or, __NOP, nr, addr);

}



/**

 * test_and_clear_bit - Clear a bit and return its old value

 * arch_test_and_clear_bit - Clear a bit and return its old value

 * @nr: Bit to clear

 * @addr: Address to count from

 *

 * This operation can be reordered on other architectures other than x86.

 */

static inline int test_and_clear_bit(int nr, volatile unsigned long *addr)

static inline int arch_test_and_clear_bit(int nr, volatile unsigned long *addr)

{

	return __test_and_op_bit(and, __NOT, nr, addr);

}



/**

 * test_and_change_bit - Change a bit and return its old value

 * arch_test_and_change_bit - Change a bit and return its old value

 * @nr: Bit to change

 * @addr: Address to count from

 *

 * This operation is atomic and cannot be reordered.

 * It also implies a memory barrier.

 */

static inline int test_and_change_bit(int nr, volatile unsigned long *addr)

static inline int arch_test_and_change_bit(int nr, volatile unsigned long *addr)

{

	return __test_and_op_bit(xor, __NOP, nr, addr);

}



/**

 * set_bit - Atomically set a bit in memory

 * arch_set_bit - Atomically set a bit in memory

 * @nr: the bit to set

 * @addr: the address to start counting from

 *
@@ -270,13 +270,13 @@ static inline int test_and_change_bit(int nr, volatile unsigned long *addr) 
 * Note that @nr may be almost arbitrarily large; this function is not

 * restricted to acting on a single-word quantity.

 */

static inline void set_bit(int nr, volatile unsigned long *addr)

static inline void arch_set_bit(int nr, volatile unsigned long *addr)

{

	__op_bit(or, __NOP, nr, addr);

}



/**

 * clear_bit - Clears a bit in memory

 * arch_clear_bit - Clears a bit in memory

 * @nr: Bit to clear

 * @addr: Address to start counting from

 *
@@ -284,13 +284,13 @@ static inline void set_bit(int nr, volatile unsigned long *addr) 
 * on non x86 architectures, so if you are writing portable code,

 * make sure not to rely on its reordering guarantees.

 */

static inline void clear_bit(int nr, volatile unsigned long *addr)

static inline void arch_clear_bit(int nr, volatile unsigned long *addr)

{

	__op_bit(and, __NOT, nr, addr);

}



/**

 * change_bit - Toggle a bit in memory

 * arch_change_bit - Toggle a bit in memory

 * @nr: Bit to change

 * @addr: Address to start counting from

 *
@@ -298,40 +298,40 @@ static inline void clear_bit(int nr, volatile unsigned long *addr) 
 * Note that @nr may be almost arbitrarily large; this function is not

 * restricted to acting on a single-word quantity.

 */

static inline void change_bit(int nr, volatile unsigned long *addr)

static inline void arch_change_bit(int nr, volatile unsigned long *addr)

{

	__op_bit(xor, __NOP, nr, addr);

}



/**

 * test_and_set_bit_lock - Set a bit and return its old value, for lock

 * arch_test_and_set_bit_lock - Set a bit and return its old value, for lock

 * @nr: Bit to set

 * @addr: Address to count from

 *

 * This operation is atomic and provides acquire barrier semantics.

 * It can be used to implement bit locks.

 */

static inline int test_and_set_bit_lock(

static inline int arch_test_and_set_bit_lock(

	unsigned long nr, volatile unsigned long *addr)

{

	return __test_and_op_bit_ord(or, __NOP, nr, addr, .aq);

}



/**

 * clear_bit_unlock - Clear a bit in memory, for unlock

 * arch_clear_bit_unlock - Clear a bit in memory, for unlock

 * @nr: the bit to set

 * @addr: the address to start counting from

 *

 * This operation is atomic and provides release barrier semantics.

 */

static inline void clear_bit_unlock(

static inline void arch_clear_bit_unlock(

	unsigned long nr, volatile unsigned long *addr)

{

	__op_bit_ord(and, __NOT, nr, addr, .rl);

}



/**

 * __clear_bit_unlock - Clear a bit in memory, for unlock

 * arch___clear_bit_unlock - Clear a bit in memory, for unlock

 * @nr: the bit to set

 * @addr: the address to start counting from

 *
@@ -345,13 +345,13 @@ static inline void clear_bit_unlock( 
 * non-atomic property here: it's a lot more instructions and we still have to

 * provide release semantics anyway.

 */

static inline void __clear_bit_unlock(

static inline void arch___clear_bit_unlock(

	unsigned long nr, volatile unsigned long *addr)

{

	clear_bit_unlock(nr, addr);

	arch_clear_bit_unlock(nr, addr);

}



static inline bool xor_unlock_is_negative_byte(unsigned long mask,

static inline bool arch_xor_unlock_is_negative_byte(unsigned long mask,

		volatile unsigned long *addr)

{

	unsigned long res;
@@ -369,6 +369,9 @@ static inline bool xor_unlock_is_negative_byte(unsigned long mask, 
#undef __NOT

#undef __AMO



#include <asm-generic/bitops/instrumented-atomic.h>

#include <asm-generic/bitops/instrumented-lock.h>



#include <asm-generic/bitops/non-atomic.h>

#include <asm-generic/bitops/le.h>

#include <asm-generic/bitops/ext2-atomic.h>

arch/riscv/include/asm/string.h

+2 −0
Original line number Diff line number Diff line
@@ -19,6 +19,7 @@ extern asmlinkage void *__memcpy(void *, const void *, size_t); 
extern asmlinkage void *memmove(void *, const void *, size_t);

extern asmlinkage void *__memmove(void *, const void *, size_t);



#if !(defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS))

#define __HAVE_ARCH_STRCMP

extern asmlinkage int strcmp(const char *cs, const char *ct);
@@ -27,6 +28,7 @@ extern asmlinkage __kernel_size_t strlen(const char *); 


#define __HAVE_ARCH_STRNCMP

extern asmlinkage int strncmp(const char *cs, const char *ct, size_t count);

#endif



/* For those files which don't want to check by kasan. */

#if defined(CONFIG_KASAN) && !defined(__SANITIZE_ADDRESS__)

arch/riscv/kernel/riscv_ksyms.c

+0 −3
Original line number Diff line number Diff line
@@ -12,9 +12,6 @@ 
EXPORT_SYMBOL(memset);

EXPORT_SYMBOL(memcpy);

EXPORT_SYMBOL(memmove);

EXPORT_SYMBOL(strcmp);

EXPORT_SYMBOL(strlen);

EXPORT_SYMBOL(strncmp);

EXPORT_SYMBOL(__memset);

EXPORT_SYMBOL(__memcpy);

EXPORT_SYMBOL(__memmove);

arch/riscv/lib/Makefile

+2 −0
Original line number Diff line number Diff line
@@ -3,9 +3,11 @@ lib-y += delay.o 
lib-y			+= memcpy.o

lib-y			+= memset.o

lib-y			+= memmove.o

ifeq ($(CONFIG_KASAN_GENERIC)$(CONFIG_KASAN_SW_TAGS),)

lib-y			+= strcmp.o

lib-y			+= strlen.o

lib-y			+= strncmp.o

endif

lib-y			+= csum.o

ifeq ($(CONFIG_MMU), y)

lib-$(CONFIG_RISCV_ISA_V)	+= uaccess_vector.o

arch/riscv/lib/strcmp.S

+1 −0
Original line number Diff line number Diff line
@@ -121,3 +121,4 @@ strcmp_zbb: 
#endif

SYM_FUNC_END(strcmp)

SYM_FUNC_ALIAS(__pi_strcmp, strcmp)

EXPORT_SYMBOL(strcmp)