mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-27 04:47:05 +00:00
kasan: docs: update ignoring accesses section
Update the "Ignoring accesses" section in KASAN documentation: - Mention __no_sanitize_address/noinstr. - Mention kasan_disable/enable_current(). - Mention kasan_reset_tag()/page_kasan_tag_reset(). - Readability and punctuation clean-ups. Link: https://lkml.kernel.org/r/4531ba5f3eca61f6aade863c136778cc8c807a64.1615559068.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Reviewed-by: Marco Elver <elver@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Dmitry Vyukov <dvyukov@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Andrey Konovalov
Linus Torvalds
parent
67ca1c0b74
commit
fe547fca0c
1 changed files with 30 additions and 4 deletions
|
|
@ -377,12 +377,18 @@ Ignoring accesses
|
|||
~~~~~~~~~~~~~~~~~
|
||||
|
||||
Software KASAN modes use compiler instrumentation to insert validity checks.
|
||||
Such instrumentation might be incompatible with some part of the kernel, and
|
||||
therefore needs to be disabled. To disable instrumentation for specific files
|
||||
or directories, add a line similar to the following to the respective kernel
|
||||
Such instrumentation might be incompatible with some parts of the kernel, and
|
||||
therefore needs to be disabled.
|
||||
|
||||
Other parts of the kernel might access metadata for allocated objects.
|
||||
Normally, KASAN detects and reports such accesses, but in some cases (e.g.,
|
||||
in memory allocators), these accesses are valid.
|
||||
|
||||
For software KASAN modes, to disable instrumentation for a specific file or
|
||||
directory, add a ``KASAN_SANITIZE`` annotation to the respective kernel
|
||||
Makefile:
|
||||
|
||||
- For a single file (e.g. main.o)::
|
||||
- For a single file (e.g., main.o)::
|
||||
|
||||
KASAN_SANITIZE_main.o := n
|
||||
|
||||
|
|
@ -390,6 +396,26 @@ Makefile:
|
|||
|
||||
KASAN_SANITIZE := n
|
||||
|
||||
For software KASAN modes, to disable instrumentation on a per-function basis,
|
||||
use the KASAN-specific ``__no_sanitize_address`` function attribute or the
|
||||
generic ``noinstr`` one.
|
||||
|
||||
Note that disabling compiler instrumentation (either on a per-file or a
|
||||
per-function basis) makes KASAN ignore the accesses that happen directly in
|
||||
that code for software KASAN modes. It does not help when the accesses happen
|
||||
indirectly (through calls to instrumented functions) or with the hardware
|
||||
tag-based mode that does not use compiler instrumentation.
|
||||
|
||||
For software KASAN modes, to disable KASAN reports in a part of the kernel code
|
||||
for the current task, annotate this part of the code with a
|
||||
``kasan_disable_current()``/``kasan_enable_current()`` section. This also
|
||||
disables the reports for indirect accesses that happen through function calls.
|
||||
|
||||
For tag-based KASAN modes (include the hardware one), to disable access
|
||||
checking, use ``kasan_reset_tag()`` or ``page_kasan_tag_reset()``. Note that
|
||||
temporarily disabling access checking via ``page_kasan_tag_reset()`` requires
|
||||
saving and restoring the per-page KASAN tag via
|
||||
``page_kasan_tag``/``page_kasan_tag_set``.
|
||||
|
||||
Tests
|
||||
~~~~~
|
||||
|
|
|
|||
Loading…
Reference in a new issue