mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-12-23 01:13:55 +07:00
bebf56a1b1
This feature let us to detect accesses out of bounds of global variables. This will work as for globals in kernel image, so for globals in modules. Currently this won't work for symbols in user-specified sections (e.g. __init, __read_mostly, ...) The idea of this is simple. Compiler increases each global variable by redzone size and add constructors invoking __asan_register_globals() function. Information about global variable (address, size, size with redzone ...) passed to __asan_register_globals() so we could poison variable's redzone. This patch also forces module_alloc() to return 8*PAGE_SIZE aligned address making shadow memory handling ( kasan_module_alloc()/kasan_module_free() ) more simple. Such alignment guarantees that each shadow page backing modules address space correspond to only one module_alloc() allocation. Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Konstantin Serebryany <kcc@google.com> Cc: Dmitry Chernenkov <dmitryc@google.com> Signed-off-by: Andrey Konovalov <adech.fo@gmail.com> Cc: Yuri Gribov <tetra2005@gmail.com> Cc: Konstantin Khlebnikov <koct9i@gmail.com> Cc: Sasha Levin <sasha.levin@oracle.com> Cc: Christoph Lameter <cl@linux.com> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Andi Kleen <andi@firstfloor.org> Cc: Ingo Molnar <mingo@elte.hu> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Christoph Lameter <cl@linux.com> Cc: Pekka Enberg <penberg@kernel.org> Cc: David Rientjes <rientjes@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
92 lines
3.0 KiB
C
92 lines
3.0 KiB
C
#ifndef __LINUX_COMPILER_H
|
|
#error "Please don't include <linux/compiler-gcc4.h> directly, include <linux/compiler.h> instead."
|
|
#endif
|
|
|
|
/* GCC 4.1.[01] miscompiles __weak */
|
|
#ifdef __KERNEL__
|
|
# if GCC_VERSION >= 40100 && GCC_VERSION <= 40101
|
|
# error Your version of gcc miscompiles the __weak directive
|
|
# endif
|
|
#endif
|
|
|
|
#define __used __attribute__((__used__))
|
|
#define __must_check __attribute__((warn_unused_result))
|
|
#define __compiler_offsetof(a,b) __builtin_offsetof(a,b)
|
|
|
|
#if GCC_VERSION >= 40100 && GCC_VERSION < 40600
|
|
# define __compiletime_object_size(obj) __builtin_object_size(obj, 0)
|
|
#endif
|
|
|
|
#if GCC_VERSION >= 40300
|
|
/* Mark functions as cold. gcc will assume any path leading to a call
|
|
to them will be unlikely. This means a lot of manual unlikely()s
|
|
are unnecessary now for any paths leading to the usual suspects
|
|
like BUG(), printk(), panic() etc. [but let's keep them for now for
|
|
older compilers]
|
|
|
|
Early snapshots of gcc 4.3 don't support this and we can't detect this
|
|
in the preprocessor, but we can live with this because they're unreleased.
|
|
Maketime probing would be overkill here.
|
|
|
|
gcc also has a __attribute__((__hot__)) to move hot functions into
|
|
a special section, but I don't see any sense in this right now in
|
|
the kernel context */
|
|
#define __cold __attribute__((__cold__))
|
|
|
|
#define __UNIQUE_ID(prefix) __PASTE(__PASTE(__UNIQUE_ID_, prefix), __COUNTER__)
|
|
|
|
#ifndef __CHECKER__
|
|
# define __compiletime_warning(message) __attribute__((warning(message)))
|
|
# define __compiletime_error(message) __attribute__((error(message)))
|
|
#endif /* __CHECKER__ */
|
|
#endif /* GCC_VERSION >= 40300 */
|
|
|
|
#if GCC_VERSION >= 40500
|
|
/*
|
|
* Mark a position in code as unreachable. This can be used to
|
|
* suppress control flow warnings after asm blocks that transfer
|
|
* control elsewhere.
|
|
*
|
|
* Early snapshots of gcc 4.5 don't support this and we can't detect
|
|
* this in the preprocessor, but we can live with this because they're
|
|
* unreleased. Really, we need to have autoconf for the kernel.
|
|
*/
|
|
#define unreachable() __builtin_unreachable()
|
|
|
|
/* Mark a function definition as prohibited from being cloned. */
|
|
#define __noclone __attribute__((__noclone__))
|
|
|
|
#endif /* GCC_VERSION >= 40500 */
|
|
|
|
#if GCC_VERSION >= 40600
|
|
/*
|
|
* Tell the optimizer that something else uses this function or variable.
|
|
*/
|
|
#define __visible __attribute__((externally_visible))
|
|
#endif
|
|
|
|
/*
|
|
* GCC 'asm goto' miscompiles certain code sequences:
|
|
*
|
|
* http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58670
|
|
*
|
|
* Work it around via a compiler barrier quirk suggested by Jakub Jelinek.
|
|
*
|
|
* (asm goto is automatically volatile - the naming reflects this.)
|
|
*/
|
|
#define asm_volatile_goto(x...) do { asm goto(x); asm (""); } while (0)
|
|
|
|
#ifdef CONFIG_ARCH_USE_BUILTIN_BSWAP
|
|
#if GCC_VERSION >= 40400
|
|
#define __HAVE_BUILTIN_BSWAP32__
|
|
#define __HAVE_BUILTIN_BSWAP64__
|
|
#endif
|
|
#if GCC_VERSION >= 40800 || (defined(__powerpc__) && GCC_VERSION >= 40600)
|
|
#define __HAVE_BUILTIN_BSWAP16__
|
|
#endif
|
|
#endif /* CONFIG_ARCH_USE_BUILTIN_BSWAP */
|
|
|
|
#if GCC_VERSION >= 40902
|
|
#define KASAN_ABI_VERSION 3
|
|
#endif
|