linux/arch/arm64
Mark Rutland 07b742a4d9 arm64: mm: log potential KASAN shadow alias
When the kernel is built with KASAN_GENERIC or KASAN_SW_TAGS, shadow
memory is allocated and mapped for all legitimate kernel addresses, and
prior to a regular memory access instrumentation will read from the
corresponding shadow address.

Due to the way memory addresses are converted to shadow addresses, bogus
pointers (e.g. NULL) can generate shadow addresses out of the bounds of
allocated shadow memory. For example, with KASAN_GENERIC and 48-bit VAs,
NULL would have a shadow address of dfff800000000000, which falls
between the TTBR ranges.

To make such cases easier to debug, this patch makes die_kernel_fault()
dump the real memory address range for any potential KASAN shadow access
using kasan_non_canonical_hook(), which results in fault information as
below when KASAN is enabled:

| Unable to handle kernel paging request at virtual address dfff800000000017
| KASAN: null-ptr-deref in range [0x00000000000000b8-0x00000000000000bf]
| Mem abort info:
|   ESR = 0x96000004
|   EC = 0x25: DABT (current EL), IL = 32 bits
|   SET = 0, FnV = 0
|   EA = 0, S1PTW = 0
|   FSC = 0x04: level 0 translation fault
| Data abort info:
|   ISV = 0, ISS = 0x00000004
|   CM = 0, WnR = 0
| [dfff800000000017] address between user and kernel address ranges

Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Alexander Potapenko <glider@google.com>
Cc: Andrey Konovalov <andreyknvl@gmail.com>
Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Will Deacon <will@kernel.org>
Tested-by: Andrey Konovalov <andreyknvl@gmail.com>
Acked-by: Will Deacon <will@kernel.org>
Link: https://lore.kernel.org/r/20211207183226.834557-3-mark.rutland@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2021-12-13 18:47:09 +00:00
..
boot arm64: dts: exynos: drop samsung,ufs-shareability-reg-offset in ExynosAutov9 2021-11-25 14:46:00 +01:00
configs ARM: defconfig updates for 5.16 2021-11-03 17:07:02 -07:00
crypto crypto: arm64/aes-ccm - avoid by-ref argument for ce_aes_ccm_auth_data 2021-09-17 11:05:11 +08:00
hyperv
include arm64: uaccess: avoid blocking within critical sections 2021-11-24 09:16:26 +00:00
kernel arm64: ftrace: use HAVE_FUNCTION_GRAPH_RET_ADDR_PTR 2021-11-16 09:47:54 +00:00
kvm KVM: arm64: Cap KVM_CAP_NR_VCPUS by kvm_arm_default_max_vcpus() 2021-11-18 02:12:14 -05:00
lib Kbuild updates for v5.16 2021-11-08 09:15:45 -08:00
mm arm64: mm: log potential KASAN shadow alias 2021-12-13 18:47:09 +00:00
net arm64 updates for 5.16 2021-11-01 16:33:53 -07:00
tools Merge branch 'for-next/trbe-errata' into for-next/core 2021-10-29 12:25:33 +01:00
xen xen: allow pv-only hypercalls only with CONFIG_XEN_PV 2021-11-02 08:11:01 -05:00
Kbuild kbuild: use more subdir- for visiting subdirectories while cleaning 2021-10-24 13:49:46 +09:00
Kconfig Merge branch 'akpm' (patches from Andrew) 2021-11-06 14:08:17 -07:00
Kconfig.debug
Kconfig.platforms ARM: SoC drivers for 5.16 2021-11-03 17:00:52 -07:00
Makefile kbuild: use more subdir- for visiting subdirectories while cleaning 2021-10-24 13:49:46 +09:00