From nobody Fri Dec 13 01:43:56 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Y8XDs0hPXz5h1WK; Fri, 13 Dec 2024 01:43:57 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Y8XDs0451z4jQW; Fri, 13 Dec 2024 01:43:57 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1734054237; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=91YqumezXyoHcptjQ6pmEJJO3X0DAbJ4G7eKQ4HZKZE=; b=Twd5wjr2vPyir+q2EXrGN6Cc0y+SPRRXLYxpAT4XszjvNjo3ssKqXrZxSyeXYChtnNGzBJ JNWke8x1fvdb0A6eyYi/5APKXbtkrR6L9tZjxmZLubQvp/+Xf7N739A3djgFdreXWYk0WO SVn6yCUP8On/FkCikhQwfLkeVeW7xwa191X2splWPVvX/Iaf2h9BhfQCA9pV4vrRCc5gcm 3PRNSguXcoB9e6Ev1Vt38+PGvlsWC9K9yjkI/pzCsrx5d4T3lSAsaWuEhB0emCrwbXOMvp /bCVc9juKqs2RwNU3lsr2m/ThHjetAfJL1HKQoN1aAq9oE/St2HsGMiIsyFbQw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1734054237; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=91YqumezXyoHcptjQ6pmEJJO3X0DAbJ4G7eKQ4HZKZE=; b=RucmPhohWe+HJusodgSTXx3ACLlAG7g3l19EqDspMgKK/SEr4IBDtK3BLIoUAXfNB6xjj1 Chn40xkKvQfVy/6107VXSRoZ+kJP/eWeIc1RVdSDM3kS2UjIne7eidxGavRTGKNUpIj9p+ PZS07ZINAVqu5h7xU2f5BubW+ADQT5431dtZB1QRQoQbwoB71z6mxi6AkseAs7zgMdj1Ji 7h7HrZSRSH8QQXQKyqRmFGG/lkqmKM2DbrNp4ckvDkA1pLQFZxWQK5h3id7DtS2p7L9yBV o8cXyw9LWe4WEYNfJzHofy+Ai81kWvFvskPqPlPpdE+qgo3fcatzLyuMZp3/zg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1734054237; a=rsa-sha256; cv=none; b=craka1raaKwgFJPO3leSIQ/zfifu+exBVkraKQbxxemYVWX2mXE2nFmeOUqRicCaIfR/RK Cwxj5h4LCn/8+BVpiySgxzXzG8mTlHW0Lk7avf1zXLKroMXDqES4bzmBUaYY0s+qnAVCRC decbT6Le6XLS1tGBBtlmMTpAJBiUirj59TrF104aXrj/nGSmIUcN1cOl+sLylhj8s+uFvY IgGn3kUKOGFhV4BkwBBFfL6pPMA9YfmIyoKzLjFPEUy6FglfAW+yCG1KmwA3V+sPuysIz8 kQ2YHxeCAF9CrsxIfEFiT7me8HTQm5UNpTNUZjHt+7Nv1Zec+/ou0gkXH0a53Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Y8XDr6mdfzHGq; Fri, 13 Dec 2024 01:43:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4BD1huk8033684; Fri, 13 Dec 2024 01:43:56 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4BD1huOe033681; Fri, 13 Dec 2024 01:43:56 GMT (envelope-from git) Date: Fri, 13 Dec 2024 01:43:56 GMT Message-Id: <202412130143.4BD1huOe033681@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 2bd47ff64577 - stable/14 - dtrace: Add some more annotations for KMSAN List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 2bd47ff6457759cb5b90245519c0f9f660c2dcc3 Auto-Submitted: auto-generated The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=2bd47ff6457759cb5b90245519c0f9f660c2dcc3 commit 2bd47ff6457759cb5b90245519c0f9f660c2dcc3 Author: Mark Johnston AuthorDate: 2024-11-23 02:32:36 +0000 Commit: Mark Johnston CommitDate: 2024-12-13 01:34:14 +0000 dtrace: Add some more annotations for KMSAN - Don't allow FBT and kinst to instrument the KMSAN runtime. - When fetching data from the traced thread's stack, mark it as initialized. It may well be uninitialized, but as dtrace permits arbitrary inspection of kernel memory, it isn't very useful to raise KMSAN reports. - Mark data copied in from userspace as initialized, as we do for copyin() etc. using interceptors. MFC after: 2 weeks (cherry picked from commit fdeb273d49bf2fa2544d3c98114859db10385550) --- sys/cddl/dev/dtrace/amd64/dtrace_isa.c | 55 +++++++++++++++++++++++++++------- sys/cddl/dev/fbt/fbt.c | 7 +++++ sys/cddl/dev/kinst/kinst.c | 7 +++++ 3 files changed, 59 insertions(+), 10 deletions(-) diff --git a/sys/cddl/dev/dtrace/amd64/dtrace_isa.c b/sys/cddl/dev/dtrace/amd64/dtrace_isa.c index 83d34abbd270..f14e90d974bc 100644 --- a/sys/cddl/dev/dtrace/amd64/dtrace_isa.c +++ b/sys/cddl/dev/dtrace/amd64/dtrace_isa.c @@ -29,6 +29,7 @@ #include #include #include +#include #include #include @@ -73,6 +74,8 @@ dtrace_getpcstack(pc_t *pcstack, int pcstack_limit, int aframes, frame = (struct amd64_frame *)rbp; td = curthread; while (depth < pcstack_limit) { + kmsan_mark(frame, sizeof(*frame), KMSAN_STATE_INITED); + if (!kstack_contains(curthread, (vm_offset_t)frame, sizeof(*frame))) break; @@ -99,6 +102,7 @@ dtrace_getpcstack(pc_t *pcstack, int pcstack_limit, int aframes, for (; depth < pcstack_limit; depth++) { pcstack[depth] = 0; } + kmsan_check(pcstack, pcstack_limit * sizeof(*pcstack), "dtrace"); } static int @@ -399,8 +403,10 @@ dtrace_getarg(int arg, int aframes) goto load; } - for (i = 1; i <= aframes; i++) + for (i = 1; i <= aframes; i++) { + kmsan_mark(fp, sizeof(*fp), KMSAN_STATE_INITED); fp = fp->f_frame; + } /* * We know that we did not come through a trap to get into @@ -430,6 +436,8 @@ load: val = stack[arg]; DTRACE_CPUFLAG_CLEAR(CPU_DTRACE_NOFAULT); + kmsan_mark(&val, sizeof(val), KMSAN_STATE_INITED); + return (val); } @@ -444,10 +452,13 @@ dtrace_getstackdepth(int aframes) rbp = dtrace_getfp(); frame = (struct amd64_frame *)rbp; depth++; - for(;;) { + for (;;) { + kmsan_mark(frame, sizeof(*frame), KMSAN_STATE_INITED); + if (!kstack_contains(curthread, (vm_offset_t)frame, sizeof(*frame))) break; + depth++; if (frame->f_frame <= frame) break; @@ -574,76 +585,100 @@ void dtrace_copyin(uintptr_t uaddr, uintptr_t kaddr, size_t size, volatile uint16_t *flags) { - if (dtrace_copycheck(uaddr, kaddr, size)) + if (dtrace_copycheck(uaddr, kaddr, size)) { dtrace_copy(uaddr, kaddr, size); + kmsan_mark((void *)kaddr, size, KMSAN_STATE_INITED); + } } void dtrace_copyout(uintptr_t kaddr, uintptr_t uaddr, size_t size, volatile uint16_t *flags) { - if (dtrace_copycheck(uaddr, kaddr, size)) + if (dtrace_copycheck(uaddr, kaddr, size)) { + kmsan_check((void *)kaddr, size, "dtrace_copyout"); dtrace_copy(kaddr, uaddr, size); + } } void dtrace_copyinstr(uintptr_t uaddr, uintptr_t kaddr, size_t size, volatile uint16_t *flags) { - if (dtrace_copycheck(uaddr, kaddr, size)) + if (dtrace_copycheck(uaddr, kaddr, size)) { dtrace_copystr(uaddr, kaddr, size, flags); + kmsan_mark((void *)kaddr, size, KMSAN_STATE_INITED); + } } void dtrace_copyoutstr(uintptr_t kaddr, uintptr_t uaddr, size_t size, volatile uint16_t *flags) { - if (dtrace_copycheck(uaddr, kaddr, size)) + if (dtrace_copycheck(uaddr, kaddr, size)) { + kmsan_check((void *)kaddr, size, "dtrace_copyoutstr"); dtrace_copystr(kaddr, uaddr, size, flags); + } } uint8_t dtrace_fuword8(void *uaddr) { + uint8_t val; + if ((uintptr_t)uaddr > VM_MAXUSER_ADDRESS) { DTRACE_CPUFLAG_SET(CPU_DTRACE_BADADDR); cpu_core[curcpu].cpuc_dtrace_illval = (uintptr_t)uaddr; return (0); } - return (dtrace_fuword8_nocheck(uaddr)); + val = dtrace_fuword8_nocheck(uaddr); + kmsan_mark(&val, sizeof(val), KMSAN_STATE_INITED); + return (val); } uint16_t dtrace_fuword16(void *uaddr) { + uint16_t val; + if ((uintptr_t)uaddr > VM_MAXUSER_ADDRESS) { DTRACE_CPUFLAG_SET(CPU_DTRACE_BADADDR); cpu_core[curcpu].cpuc_dtrace_illval = (uintptr_t)uaddr; return (0); } - return (dtrace_fuword16_nocheck(uaddr)); + val = dtrace_fuword16_nocheck(uaddr); + kmsan_mark(&val, sizeof(val), KMSAN_STATE_INITED); + return (val); } uint32_t dtrace_fuword32(void *uaddr) { + uint32_t val; + if ((uintptr_t)uaddr > VM_MAXUSER_ADDRESS) { DTRACE_CPUFLAG_SET(CPU_DTRACE_BADADDR); cpu_core[curcpu].cpuc_dtrace_illval = (uintptr_t)uaddr; return (0); } - return (dtrace_fuword32_nocheck(uaddr)); + val = dtrace_fuword32_nocheck(uaddr); + kmsan_mark(&val, sizeof(val), KMSAN_STATE_INITED); + return (val); } uint64_t dtrace_fuword64(void *uaddr) { + uint64_t val; + if ((uintptr_t)uaddr > VM_MAXUSER_ADDRESS) { DTRACE_CPUFLAG_SET(CPU_DTRACE_BADADDR); cpu_core[curcpu].cpuc_dtrace_illval = (uintptr_t)uaddr; return (0); } - return (dtrace_fuword64_nocheck(uaddr)); + val = dtrace_fuword64_nocheck(uaddr); + kmsan_mark(&val, sizeof(val), KMSAN_STATE_INITED); + return (val); } /* diff --git a/sys/cddl/dev/fbt/fbt.c b/sys/cddl/dev/fbt/fbt.c index a31c6eb3631c..355c56627afe 100644 --- a/sys/cddl/dev/fbt/fbt.c +++ b/sys/cddl/dev/fbt/fbt.c @@ -137,6 +137,13 @@ fbt_excluded(const char *name) strcmp(name, "owner_sx") == 0) return (1); + /* + * The KMSAN runtime can't be instrumented safely. + */ + if (strncmp(name, "__msan", 6) == 0 || + strncmp(name, "kmsan_", 6) == 0) + return (1); + /* * Stack unwinders may be called from probe context on some * platforms. diff --git a/sys/cddl/dev/kinst/kinst.c b/sys/cddl/dev/kinst/kinst.c index 60400a452b95..82b78d98987c 100644 --- a/sys/cddl/dev/kinst/kinst.c +++ b/sys/cddl/dev/kinst/kinst.c @@ -132,6 +132,13 @@ kinst_excluded(const char *name) strcmp(name, "owner_sx") == 0) return (true); + /* + * The KMSAN runtime can't be instrumented safely. + */ + if (strncmp(name, "__msan", 6) == 0 || + strncmp(name, "kmsan_", 6) == 0) + return (1); + /* * When DTrace is built into the kernel we need to exclude the kinst * functions from instrumentation.