Hi Paul,
On Thu, Aug 15, 2019 at 11:27:51AM -0700, Paul Walmsley wrote:
> On Thu, 15 Aug 2019, Nick Hu wrote:
>
> > On Wed, Aug 14, 2019 at 10:03:39AM -0700, Paul Walmsley wrote:
> >
> > > Thanks for the explanation. What do you think about Palmer's idea to
> > > define a generic C set of KASAN string operations, derived from the
> > > newlib
> > > code?
> >
> > That sounds good to me. But it should be another topic. We need to
> > investigate
> > it further about replacing something generic and fundamental in lib/string.c
> > with newlib C functions. Some blind spots may exist. So I suggest, let's
> > consider KASAN for now.
>
> OK. Here is the problem for us as maintainers. You, Palmer, and I all
> agree that a C-language version would be better. We'd rather not merge a
> pure assembly-language version unless it had significant advantages, and
> right now we're not anticipating that. So that suggests that a C-language
> memmove() is the right way to go.
>
> But if we merge a C-language memmove() into arch/riscv, other kernel
> developers would probably ask us why we're doing that, since there's
> nothing RISC-V-specific about it. So do you think you might reconsider
> sending patches to add a generic C-language memmove()?
>
>
> - Paul
About pushing mem*() generic, let's start with the reason why in the first place
KASAN needs re-implement its own string operations:
In mm/kasan/common.c:
#undef memset
void *memset(void *addr, int c, size_t len)
{
check_memory_region((unsigned long)addr, len, true, _RET_IP_);
return __memset(addr, c, len);
}
KASAN would call the string operations with the prefix '__', which should be
just an alias to the proper one.
In the past, every architecture that supports KASAN does this in assembly.
E.g. ARM64:
In arch/arm64/lib/memset.S:
ENTRY(__memset)
ENTRY(memset)
...
...
EXPORT_SYMBOL(memset)
EXPORT_SYMBOL(__memset) // export this as an alias
In arch/arm64/include/asm/string.h
#define __HAVE_ARCH_MEMSET
extern void *memset(void *, int, __kernel_size_t);
extern void *__memset(void *, int, __kernel_size_t);
Now, if we are going to replace the current string operations with newlib ones
and let KASAN use them, we must provide something like this:
In lib/string.c:
void *___memset(...)
{
...
}
In include/linux/string.h:
#ifndef __HAVE_ARCH_MEMCPY
#ifdef CONFIG_KASAN
static inline void* __memset(...)
{
___memset(...);
}
extern void memset(...); // force those who include this header uses the
memset wrapped by KASAN
#else
static inline void *memset(...)
{
___memset(...);
}
#endif
#endif
Does this look OK to you?
Nick
