On Wed, 1 Feb 2023 21:25:51 -0800 Eric Biggers ebiggers@kernel.org wrote:
From: David Gow davidgow@google.com
commit be4f1ae978ffe98cc95ec49ceb95386fb4474974 upstream.
KASAN errors will currently trigger a panic when panic_on_warn is set. This renders kasan_multishot useless, as further KASAN errors won't be reported if the kernel has already paniced. By making kasan_multishot disable this behaviour for KASAN errors, we can still have the benefits of panic_on_warn for non-KASAN warnings, yet be able to use kasan_multishot.
This is particularly important when running KASAN tests, which need to trigger multiple KASAN errors: previously these would panic the system if panic_on_warn was set, now they can run (and will panic the system should non-KASAN warnings show up).
Signed-off-by: David Gow davidgow@google.com Signed-off-by: Andrew Morton akpm@linux-foundation.org Tested-by: Andrey Konovalov andreyknvl@google.com Reviewed-by: Andrey Konovalov andreyknvl@google.com Reviewed-by: Brendan Higgins brendanhiggins@google.com Cc: Andrey Ryabinin aryabinin@virtuozzo.com Cc: Dmitry Vyukov dvyukov@google.com Cc: Ingo Molnar mingo@redhat.com Cc: Juri Lelli juri.lelli@redhat.com Cc: Patricia Alfonso trishalfonso@google.com Cc: Peter Zijlstra a.p.zijlstra@chello.nl Cc: Shuah Khan shuah@kernel.org Cc: Vincent Guittot vincent.guittot@linaro.org Link: https://lkml.kernel.org/r/20200915035828.570483-6-davidgow@google.com Link: https://lkml.kernel.org/r/20200910070331.3358048-6-davidgow@google.com Signed-off-by: Linus Torvalds torvalds@linux-foundation.org Signed-off-by: Eric Biggers ebiggers@google.com
mm/kasan/report.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/kasan/report.c b/mm/kasan/report.c index 5c169aa688fde..90fdb261a5e2d 100644 --- a/mm/kasan/report.c +++ b/mm/kasan/report.c @@ -176,7 +176,7 @@ static void kasan_end_report(unsigned long *flags) pr_err("==================================================================\n"); add_taint(TAINT_BAD_PAGE, LOCKDEP_NOW_UNRELIABLE); spin_unlock_irqrestore(&report_lock, *flags);
- if (panic_on_warn)
- if (panic_on_warn && !test_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags)) panic("panic_on_warn set ...\n"); kasan_enable_current();
Seems this introduced a build failure when CONFIG_KASAN is enabled, as also reported by Sasha[1].
mm/kasan/report.c: In function ‘kasan_end_report’: mm/kasan/report.c:179:16: error: ‘KASAN_BIT_MULTI_SHOT’ undeclared (first use in this function) 179 | if (!test_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags)) | ^~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/bitops.h:342:25: note: in definition of macro ‘test_bit’ 342 | (__builtin_constant_p((nr)) \ | ^~ mm/kasan/report.c:179:16: note: each undeclared identifier is reported only once for each function it appears in 179 | if (!test_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags)) | ^~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/bitops.h:342:25: note: in definition of macro ‘test_bit’ 342 | (__builtin_constant_p((nr)) \ | ^~ mm/kasan/report.c:179:39: error: ‘kasan_flags’ undeclared (first use in this function) 179 | if (!test_bit(KASAN_BIT_MULTI_SHOT, &kasan_flags)) | ^~~~~~~~~~~ arch/x86/include/asm/bitops.h:343:30: note: in definition of macro ‘test_bit’ 343 | ? constant_test_bit((nr), (addr)) \ | ^~~~
I confirmed dropping this patch fixes the build failure. It causes a conflict to a following patch[1], but seems it's not that difficult to resolve. I updated kernel/panic.c part of the patch like attached below to resolve the conflict.
[1] https://lore.kernel.org/stable/Y9v3G6UantaCo29G@sashalap/ [2] https://lore.kernel.org/stable/20230202052604.179184-13-ebiggers@kernel.org/
Thanks, SJ
================================ >8 ===========================================
diff --git a/kernel/panic.c b/kernel/panic.c index a078d413042f..08b8adc55b2b 100644 --- a/kernel/panic.c +++ b/kernel/panic.c @@ -125,6 +125,12 @@ void nmi_panic(struct pt_regs *regs, const char *msg) } EXPORT_SYMBOL(nmi_panic);
+void check_panic_on_warn(const char *origin) +{ + if (panic_on_warn) + panic("%s: panic_on_warn set ...\n", origin); +} + /** * panic - halt the system * @fmt: The text string to print @@ -540,8 +546,7 @@ void __warn(const char *file, int line, void *caller, unsigned taint, if (args) vprintk(args->fmt, args->args);
- if (panic_on_warn) - panic("panic_on_warn set ...\n"); + check_panic_on_warn("kernel");
print_modules();