Date: Thu, 8 Feb 2024 16:36:32 GMT
Message-Id: <202402081636.418GaW7k020724@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Mark Johnston
Subject: git: c05d7bdaf63d - main - arm64: Make KMSAN aware of exceptions
List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: c05d7bdaf63dff2dede5aee742aeb8b1455e40d5

The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=c05d7bdaf63dff2dede5aee742aeb8b1455e40d5

commit c05d7bdaf63dff2dede5aee742aeb8b1455e40d5
Author:     Mark Johnston
AuthorDate: 2024-02-08 15:57:36 +0000
Commit:     Mark Johnston
CommitDate: 2024-02-08 16:35:11 +0000

    arm64: Make KMSAN aware of exceptions

    - Call kmsan_intr_enter() when an exception occurs.  This ensures that
      code running in the exception context does not clobber thread-local
      KMSAN state.
    - Ensure that stack memory containing trap frames is treated as
      initialized.

    Co-authored-by: Alexander Stetsenko
    Reviewed by:    imp
    MFC after:      2 weeks
    Sponsored by:   Klara, Inc.
    Sponsored by:   Juniper Networks, Inc.
    Differential Revision:  https://reviews.freebsd.org/D43155
---
 sys/arm64/arm64/exception.S | 34 ++++++++++++++++++++++++++++++++++
 sys/arm64/arm64/trap.c      |  9 +++++++++
 sys/kern/subr_intr.c        |  2 ++
 3 files changed, 45 insertions(+)

diff --git a/sys/arm64/arm64/exception.S b/sys/arm64/arm64/exception.S index b1990fc71281..bab71fed4453 100644 --- a/sys/arm64/arm64/exception.S +++ b/sys/arm64/arm64/exception.S 
@@ -193,55 +193,89 @@ 2: .endm +#ifdef KMSAN +/* + * The KMSAN runtime relies on a TLS block to track initialization and origin + * state for function parameters and return values. To keep this state + * consistent in the face of asynchronous kernel-mode traps, the runtime + * maintains a stack of blocks: when handling an exception or interrupt, + * kmsan_intr_enter() pushes the new block to be used until the handler is + * complete, at which point kmsan_intr_leave() restores the previous block. + * + * Thus, KMSAN_ENTER/LEAVE hooks are required only in handlers for events that + * may have happened while in kernel-mode. In particular, they are not required + * around amd64_syscall() or ast() calls. Otherwise, kmsan_intr_enter() can be + * called unconditionally, without distinguishing between entry from user-mode + * or kernel-mode. + */ +#define KMSAN_ENTER bl kmsan_intr_enter +#define KMSAN_LEAVE bl kmsan_intr_leave +#else +#define KMSAN_ENTER +#define KMSAN_LEAVE +#endif + ENTRY(handle_el1h_sync) save_registers 1 + KMSAN_ENTER ldr x0, [x18, #PC_CURTHREAD] mov x1, sp bl do_el1h_sync + KMSAN_LEAVE restore_registers 1 ERET END(handle_el1h_sync) ENTRY(handle_el1h_irq) save_registers 1 + KMSAN_ENTER mov x0, sp bl intr_irq_handler + KMSAN_LEAVE restore_registers 1 ERET END(handle_el1h_irq) ENTRY(handle_el0_sync) save_registers 0 + KMSAN_ENTER ldr x0, [x18, #PC_CURTHREAD] mov x1, sp str x1, [x0, #TD_FRAME] bl do_el0_sync do_ast + KMSAN_LEAVE restore_registers 0 ERET END(handle_el0_sync) ENTRY(handle_el0_irq) save_registers 0 + KMSAN_ENTER mov x0, sp bl intr_irq_handler do_ast + KMSAN_LEAVE restore_registers 0 ERET END(handle_el0_irq) ENTRY(handle_serror) save_registers 0 + KMSAN_ENTER mov x0, sp 1: bl do_serror b 1b + KMSAN_LEAVE END(handle_serror) ENTRY(handle_empty_exception) save_registers 0 + KMSAN_ENTER mov x0, sp 1: bl unhandled_exception b 1b + KMSAN_LEAVE END(handle_empty_exception) .macro vector name, el 
diff --git a/sys/arm64/arm64/trap.c b/sys/arm64/arm64/trap.c index 03cac1e6450e..c0066ae7dcad 100644 --- a/sys/arm64/arm64/trap.c +++ b/sys/arm64/arm64/trap.c @@ -33,6 +33,7 @@ #include #include #include +#include #include #include #include @@ -478,6 +479,8 @@ do_el1h_sync(struct thread *td, struct trapframe *frame) int dfsc; kasan_mark(frame, sizeof(*frame), sizeof(*frame), 0); + kmsan_mark(frame, sizeof(*frame), KMSAN_STATE_INITED); + far = frame->tf_far; /* Read the esr register to get the exception details */ esr = frame->tf_esr; @@ -591,6 +594,8 @@ do_el0_sync(struct thread *td, struct trapframe *frame) get_pcpu(), READ_SPECIALREG(tpidr_el1))); kasan_mark(frame, sizeof(*frame), sizeof(*frame), 0); + kmsan_mark(frame, sizeof(*frame), KMSAN_STATE_INITED); + far = frame->tf_far; esr = frame->tf_esr; exception = ESR_ELx_EXCEPTION(esr); @@ -737,6 +742,8 @@ do_serror(struct trapframe *frame) uint64_t esr, far; kasan_mark(frame, sizeof(*frame), sizeof(*frame), 0); + kmsan_mark(frame, sizeof(*frame), KMSAN_STATE_INITED); + far = frame->tf_far; esr = frame->tf_esr; @@ -752,6 +759,8 @@ unhandled_exception(struct trapframe *frame) uint64_t esr, far; kasan_mark(frame, sizeof(*frame), sizeof(*frame), 0); + kmsan_mark(frame, sizeof(*frame), KMSAN_STATE_INITED); + far = frame->tf_far; esr = frame->tf_esr; diff --git a/sys/kern/subr_intr.c b/sys/kern/subr_intr.c index a03607c781b2..5958f9025b27 100644 --- a/sys/kern/subr_intr.c +++ b/sys/kern/subr_intr.c @@ -54,6 +54,7 @@ #include #include #include +#include #include #include #include @@ -334,6 +335,7 @@ intr_irq_handler(struct trapframe *tf) KASSERT(irq_root_filter != NULL, ("%s: no filter", __func__)); kasan_mark(tf, sizeof(*tf), sizeof(*tf), 0); + kmsan_mark(tf, sizeof(*tf), KMSAN_STATE_INITED); VM_CNT_INC(v_intr); critical_enter();
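Review bot: in the sys/arm64/arm64/exception.S hunk, the KMSAN_LEAVE added to handle_serror and handle_empty_exception sits after `b 1b`, an unconditional branch back to the `bl do_serror` and `bl unhandled_exception` calls, so it can never execute. Either drop those two lines or add a short comment saying they exist only for symmetry with the other handlers, so a later reader does not assume the pushed KMSAN block is popped on these paths. The new comment block also names amd64_syscall() in an arm64 file, and it says hooks are not required around ast() while handle_el0_sync and handle_el0_irq place do_ast inside the KMSAN_ENTER/KMSAN_LEAVE pair; rewording it for arm64 and stating that wrapping do_ast is harmless would keep the comment consistent with the code below it.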
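Review bot: in the sys/arm64/arm64/trap.c hunks, the pair `kasan_mark(frame, sizeof(*frame), sizeof(*frame), 0);` followed by `kmsan_mark(frame, sizeof(*frame), KMSAN_STATE_INITED);` is now repeated verbatim at the top of do_el1h_sync(), do_el0_sync(), do_serror() and unhandled_exception(). A small static inline helper taking the trapframe pointer would keep the two sanitizers in step and make it harder to add a new trap entry point that marks the frame for one but not the other. The placement itself is right: each call precedes the first read of frame->tf_far, so KMSAN sees the frame as initialized before any field is loaded.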
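Review bot: the sys/kern/subr_intr.c hunk adds kmsan_mark(tf, sizeof(*tf), KMSAN_STATE_INITED) to intr_irq_handler(), which lives under sys/kern rather than sys/arm64, while the subject line and both bullets of the commit message describe an arm64-only change. A line in the commit message noting that the machine-independent interrupt handler is touched as well, and why the mark belongs there rather than in the arm64 callers handle_el1h_irq and handle_el0_irq, would help anyone tracking this file from another platform.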