On Fri, Sep 5, 2025 at 9:13 PM Christophe Leroy <christophe.le...@csgroup.eu> wrote:
>
> > Hm, I thought it worked like that, but then what threw me off just now
> > was seeing that zero_pte_populate()->pte_wrprotect() (on arm64) resets
> > the PTE_WRITE bit and sets the PTE_RDONLY bit. So I thought the
> > kasan_early_shadow_page is marked as read-only and then the
> > instrumentation is disabled for all early code that might write into
> > the page before the proper shadow is set up. Or am I reading this
> > bit-setting code wrong?
>
> But that zero_pte_populate() is called by kasan_init() when everything
> is ready.
>
> kasan_init()->kasan_init_shadow()->kasan_populate_early_shadow()->zero_p4d_populate()->zero_pud_populate()->zero_pmd_populate()->zero_pte_populate()
>
> Here we are talking about the shadow set at startup kasan_early_init(),
> aren't we ?
Ah, you're right, thanks! I was confused by the name of kasan_populate_early_shadow(). I think we should rename it to kasan_populate_shadow_read_only() or something like that and also update the comment. As this function is not intended for populating early shadow (that is done via kasan_early_init() in the arch code instead), we're populating normal shadow for pages that can be accessed but whose shadow won't be written to. Perhaps it makes sense to come up with a better name for the kasan_early_shadow_page variable too to point out its dual purpose.