KASAN is supported on powerpc on 32-bit and Radix 64-bit only.

32 bit support
==============

KASAN is supported on both hash and nohash MMUs on 32-bit.

The shadow area sits at the top of the kernel virtual memory space above the
fixmap area and occupies one eighth of the total kernel virtual memory space.

Instrumentation of the vmalloc area is optional, unless built with modules,
in which case it is required.

64 bit support
==============

Currently, only the radix MMU is supported. There have been versions for hash
and Book3E processors floating around on the mailing list, but nothing has been
merged.

KASAN support on Book3S is a bit tricky to get right:

 - It would be good to support inline instrumentation so as to be able to catch
   stack issues that cannot be caught with outline mode.

 - Inline instrumentation requires a fixed offset.

 - Book3S runs code with translations off ("real mode") during boot, including a
   lot of generic device-tree parsing code which is used to determine MMU
   features.

 - Some code - most notably a lot of KVM code - also runs with translations off
   after boot.

 - Therefore any offset has to point to memory that is valid with
   translations on or off.

One approach is just to give up on inline instrumentation. This way boot-time
checks can be delayed until after the MMU is set up, and we can just not
instrument any code that runs with translations off after booting. This is the
current approach.

To avoid this limitation, the KASAN shadow would have to be placed inside the
linear mapping, using the same high-bits trick we use for the rest of the linear
mapping. This is tricky:

 - We'd like to place it near the start of physical memory. In theory we can do
   this at run-time based on how much physical memory we have, but this requires
   being able to arbitrarily relocate the kernel, which is basically the tricky
   part of KASLR. Not being game to implement both tricky things at once, this
   is hopefully something we can revisit once we get KASLR for Book3S.

 - Alternatively, we can place the shadow at the _end_ of memory, but this
   requires knowing how much contiguous physical memory a system has _at compile
   time_. This is a big hammer, and has some unfortunate consequences: inability
   to handle discontiguous physical memory, total failure to boot on machines
   with less memory than specified, and that machines with more memory than
   specified can't use it. This was deemed unacceptable.
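
The fixed-offset requirement and the one-eighth shadow size described above, shown as an added user-space C model that is not kernel code: it uses the generic KASAN mapping (shadow = (addr >> 3) + offset) and the check that inline instrumentation performs before an access. The region addresses, the poison value -1 and the names `track_object` and `access_ok` are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy layout for illustration; not real powerpc addresses. */
#define SCALE_SHIFT   3        /* generic KASAN: 8 bytes per shadow byte */
#define MEM_START     0x4000u  /* start of the tracked region */
#define MEM_SIZE      0x400u   /* 1 KiB tracked */
#define SHADOW_START  0x9000u  /* where the shadow is placed */
#define SHADOW_SIZE   (MEM_SIZE >> SCALE_SHIFT)  /* one eighth: 128 bytes */
#define SHADOW_OFFSET (SHADOW_START - (MEM_START >> SCALE_SHIFT))  /* fixed at build time */

static int8_t shadow_backing[SHADOW_SIZE];  /* stands in for shadow memory */

/* Shadow address of a tracked address: one shift and one add, no lookup. */
static uintptr_t mem_to_shadow(uintptr_t addr)
{
    return (addr >> SCALE_SHIFT) + SHADOW_OFFSET;
}

static int8_t *shadow_byte(uintptr_t addr)
{
    return &shadow_backing[mem_to_shadow(addr) - SHADOW_START];
}

/* Poison all (constructed value -1), then unpoison an 8-byte-aligned object. */
static void track_object(uintptr_t addr, size_t size)
{
    memset(shadow_backing, -1, sizeof(shadow_backing));
    memset(shadow_byte(addr), 0, size >> SCALE_SHIFT);
    if (size & 7)
        *shadow_byte(addr + size) = (int8_t)(size & 7);  /* partial granule */
}

/* Check emitted inline before a 1..8 byte access inside one granule. It loads
 * from the shadow directly, so that address must be readable in any mode. */
static int access_ok(uintptr_t addr, size_t size)
{
    int8_t s = *shadow_byte(addr);
    return s == 0 || (int8_t)((addr & 7) + size - 1) < s;
}

int main(void)
{
    track_object(MEM_START + 0x40, 13);  /* constructed 13-byte object */
    printf("last byte ok=%d, one past end ok=%d\n",
           access_ok(MEM_START + 0x4c, 1), access_ok(MEM_START + 0x4d, 1));
    return 0;
}
```

Because `SHADOW_OFFSET` is a constant in every compiled check, the shadow cannot be moved after the build, which is why the placement options discussed above all come down to choosing one address that works everywhere.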