On Wed, Feb 27, 2019 at 06:28:16PM +0100, Peter Zijlstra wrote: > On Wed, Feb 27, 2019 at 04:40:28PM +0100, Dmitry Vyukov wrote: > > On Wed, Feb 27, 2019 at 3:33 PM Peter Zijlstra <pet...@infradead.org> wrote: > > > > Urgh, kasan_report() is definitely unsafe. Now, admitedly we should > > > 'never' hit that, but it does leave us up a creek without a paddle. > > > If SMAP detects additional bugs, then it would be pity to disable it > > with KASAN (detect bugs in production but not during testing). > > > > You mentioned that exception save/restore the UACCESS state. Is it > > possible to do the same in kasan_report? At the very least we need to > > survive report printing, what happens after that does not matter much > > (we've corrupted memory by now anyway). > > Ideally we'll put all of kasan_report() in an exception, much like we do > for WARN. But there's a distinct lack of arch hooks there to play with. > I suppose I can try and create some. > > On top of that we'll have to mark these __asan functions with notrace. > > Maybe a little something horrible like so... completely untested.
OK, I got that to compile; the next problem is: ../include/linux/kasan.h:90:1: error: built-in function ‘__asan_loadN_noabort’ must be directly called UACCESS_SAFE(__asan_loadN_noabort); Which doesn't make any sense; since we actually generated that symbol, it clearly is not built-in. What gives?
