xref: /linux/mm/kasan/report_hw_tags.c (revision cdd5b5a9761fd66d17586e4f4ba6588c70e640ea) 
12e903b91SAndrey Konovalov // SPDX-License-Identifier: GPL-2.0
22e903b91SAndrey Konovalov /*
32e903b91SAndrey Konovalov  * This file contains hardware tag-based KASAN specific error reporting code.
42e903b91SAndrey Konovalov  *
52e903b91SAndrey Konovalov  * Copyright (c) 2020 Google, Inc.
62e903b91SAndrey Konovalov  * Author: Andrey Konovalov <andreyknvl@google.com>
72e903b91SAndrey Konovalov  */
82e903b91SAndrey Konovalov 
92e903b91SAndrey Konovalov #include <linux/kasan.h>
102e903b91SAndrey Konovalov #include <linux/kernel.h>
112e903b91SAndrey Konovalov #include <linux/memory.h>
122e903b91SAndrey Konovalov #include <linux/mm.h>
132e903b91SAndrey Konovalov #include <linux/string.h>
142e903b91SAndrey Konovalov #include <linux/types.h>
152e903b91SAndrey Konovalov 
162e903b91SAndrey Konovalov #include "kasan.h"
172e903b91SAndrey Konovalov 
kasan_find_first_bad_addr(const void * addr,size_t size)18*bb6e04a1SArnd Bergmann const void *kasan_find_first_bad_addr(const void *addr, size_t size)
192e903b91SAndrey Konovalov {
208f17febbSKuan-Ying Lee 	/*
218f17febbSKuan-Ying Lee 	 * Hardware Tag-Based KASAN only calls this function for normal memory
228f17febbSKuan-Ying Lee 	 * accesses, and thus addr points precisely to the first bad address
238f17febbSKuan-Ying Lee 	 * with an invalid (and present) memory tag. Therefore:
248f17febbSKuan-Ying Lee 	 * 1. Return the address as is without walking memory tags.
258f17febbSKuan-Ying Lee 	 * 2. Skip the addr_has_metadata check.
268f17febbSKuan-Ying Lee 	 */
27c0054c56SAndrey Konovalov 	return kasan_reset_tag(addr);
282e903b91SAndrey Konovalov }
292e903b91SAndrey Konovalov 
kasan_get_alloc_size(void * object,struct kmem_cache * cache)308f17febbSKuan-Ying Lee size_t kasan_get_alloc_size(void *object, struct kmem_cache *cache)
318f17febbSKuan-Ying Lee {
328f17febbSKuan-Ying Lee 	size_t size = 0;
338f17febbSKuan-Ying Lee 	int i = 0;
348f17febbSKuan-Ying Lee 	u8 memory_tag;
358f17febbSKuan-Ying Lee 
368f17febbSKuan-Ying Lee 	/*
378f17febbSKuan-Ying Lee 	 * Skip the addr_has_metadata check, as this function only operates on
388f17febbSKuan-Ying Lee 	 * slab memory, which must have metadata.
398f17febbSKuan-Ying Lee 	 */
408f17febbSKuan-Ying Lee 
418f17febbSKuan-Ying Lee 	/*
428f17febbSKuan-Ying Lee 	 * The loop below returns 0 for freed objects, for which KASAN cannot
438f17febbSKuan-Ying Lee 	 * calculate the allocation size based on the metadata.
448f17febbSKuan-Ying Lee 	 */
458f17febbSKuan-Ying Lee 	while (size < cache->object_size) {
468f17febbSKuan-Ying Lee 		memory_tag = hw_get_mem_tag(object + i * KASAN_GRANULE_SIZE);
478f17febbSKuan-Ying Lee 		if (memory_tag != KASAN_TAG_INVALID)
488f17febbSKuan-Ying Lee 			size += KASAN_GRANULE_SIZE;
498f17febbSKuan-Ying Lee 		else
508f17febbSKuan-Ying Lee 			return size;
518f17febbSKuan-Ying Lee 		i++;
528f17febbSKuan-Ying Lee 	}
538f17febbSKuan-Ying Lee 
548f17febbSKuan-Ying Lee 	return cache->object_size;
558f17febbSKuan-Ying Lee }
568f17febbSKuan-Ying Lee 
kasan_metadata_fetch_row(char * buffer,void * row)57f00748bfSAndrey Konovalov void kasan_metadata_fetch_row(char *buffer, void *row)
582e903b91SAndrey Konovalov {
592e903b91SAndrey Konovalov 	int i;
602e903b91SAndrey Konovalov 
612e903b91SAndrey Konovalov 	for (i = 0; i < META_BYTES_PER_ROW; i++)
622e903b91SAndrey Konovalov 		buffer[i] = hw_get_mem_tag(row + i * KASAN_GRANULE_SIZE);
632e903b91SAndrey Konovalov }
642e903b91SAndrey Konovalov 
kasan_print_tags(u8 addr_tag,const void * addr)65f00748bfSAndrey Konovalov void kasan_print_tags(u8 addr_tag, const void *addr)
662e903b91SAndrey Konovalov {
672e903b91SAndrey Konovalov 	u8 memory_tag = hw_get_mem_tag((void *)addr);
682e903b91SAndrey Konovalov 
692e903b91SAndrey Konovalov 	pr_err("Pointer tag: [%02x], memory tag: [%02x]\n",
702e903b91SAndrey Konovalov 		addr_tag, memory_tag);
712e903b91SAndrey Konovalov }
72