* [PATCH v1] mm, kasan: don't call kasan_krealloc() from ksize(). Add a ksize() test.
@ 2016-04-11 17:10 ` Alexander Potapenko
0 siblings, 0 replies; 4+ messages in thread
From: Alexander Potapenko @ 2016-04-11 17:10 UTC (permalink / raw)
To: adech.fo, cl, dvyukov, akpm, ryabinin.a.a, kcc
Cc: kasan-dev, linux-kernel, linux-mm
Instead of calling kasan_krealloc(), which replaces the memory allocation
stack ID (if stack depot is used), just unpoison the whole memory chunk.
Add a test that makes sure ksize() unpoisons the whole chunk.
Signed-off-by: Alexander Potapenko <glider@google.com>
---
lib/test_kasan.c | 20 ++++++++++++++++++++
mm/slab.c | 2 +-
mm/slub.c | 5 +++--
3 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/lib/test_kasan.c b/lib/test_kasan.c
index 82169fb..48e5a0b 100644
--- a/lib/test_kasan.c
+++ b/lib/test_kasan.c
@@ -344,6 +344,25 @@ static noinline void __init kasan_stack_oob(void)
*(volatile char *)p;
}
+static noinline void __init ksize_unpoisons_memory(void)
+{
+ char *ptr;
+ size_t size = 123, real_size = size;
+
+ pr_info("ksize() unpoisons the whole allocated chunk\n");
+ ptr = kmalloc(size, GFP_KERNEL);
+ if (!ptr) {
+ pr_err("Allocation failed\n");
+ return;
+ }
+ real_size = ksize(ptr);
+ /* This access doesn't trigger an error. */
+ ptr[size] = 'x';
+ /* This one does. */
+ ptr[real_size] = 'y';
+ kfree(ptr);
+}
+
static int __init kmalloc_tests_init(void)
{
kmalloc_oob_right();
@@ -367,6 +386,7 @@ static int __init kmalloc_tests_init(void)
kmem_cache_oob();
kasan_stack_oob();
kasan_global_oob();
+ ksize_unpoisons_memory();
return -EAGAIN;
}
diff --git a/mm/slab.c b/mm/slab.c
index 17e2848..de46319 100644
--- a/mm/slab.c
+++ b/mm/slab.c
@@ -4324,7 +4324,7 @@ size_t ksize(const void *objp)
/* We assume that ksize callers could use the whole allocated area,
* so we need to unpoison this area.
*/
- kasan_krealloc(objp, size, GFP_NOWAIT);
+ kasan_unpoison_shadow(objp, size);
return size;
}
diff --git a/mm/slub.c b/mm/slub.c
index 4dbb109e..62194e2 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -3635,8 +3635,9 @@ size_t ksize(const void *object)
{
size_t size = __ksize(object);
/* We assume that ksize callers could use whole allocated area,
- so we need unpoison this area. */
- kasan_krealloc(object, size, GFP_NOWAIT);
+ * so we need to unpoison this area.
+ */
+ kasan_unpoison_shadow(object, size);
return size;
}
EXPORT_SYMBOL(ksize);
--
2.8.0.rc3.226.g39d4020
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH v1] mm, kasan: don't call kasan_krealloc() from ksize(). Add a ksize() test.
@ 2016-04-11 17:10 ` Alexander Potapenko
0 siblings, 0 replies; 4+ messages in thread
From: Alexander Potapenko @ 2016-04-11 17:10 UTC (permalink / raw)
To: adech.fo, cl, dvyukov, akpm, ryabinin.a.a, kcc
Cc: kasan-dev, linux-kernel, linux-mm
Instead of calling kasan_krealloc(), which replaces the memory allocation
stack ID (if stack depot is used), just unpoison the whole memory chunk.
Add a test that makes sure ksize() unpoisons the whole chunk.
Signed-off-by: Alexander Potapenko <glider@google.com>
---
lib/test_kasan.c | 20 ++++++++++++++++++++
mm/slab.c | 2 +-
mm/slub.c | 5 +++--
3 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/lib/test_kasan.c b/lib/test_kasan.c
index 82169fb..48e5a0b 100644
--- a/lib/test_kasan.c
+++ b/lib/test_kasan.c
@@ -344,6 +344,25 @@ static noinline void __init kasan_stack_oob(void)
*(volatile char *)p;
}
+static noinline void __init ksize_unpoisons_memory(void)
+{
+ char *ptr;
+ size_t size = 123, real_size = size;
+
+ pr_info("ksize() unpoisons the whole allocated chunk\n");
+ ptr = kmalloc(size, GFP_KERNEL);
+ if (!ptr) {
+ pr_err("Allocation failed\n");
+ return;
+ }
+ real_size = ksize(ptr);
+ /* This access doesn't trigger an error. */
+ ptr[size] = 'x';
+ /* This one does. */
+ ptr[real_size] = 'y';
+ kfree(ptr);
+}
+
static int __init kmalloc_tests_init(void)
{
kmalloc_oob_right();
@@ -367,6 +386,7 @@ static int __init kmalloc_tests_init(void)
kmem_cache_oob();
kasan_stack_oob();
kasan_global_oob();
+ ksize_unpoisons_memory();
return -EAGAIN;
}
diff --git a/mm/slab.c b/mm/slab.c
index 17e2848..de46319 100644
--- a/mm/slab.c
+++ b/mm/slab.c
@@ -4324,7 +4324,7 @@ size_t ksize(const void *objp)
/* We assume that ksize callers could use the whole allocated area,
* so we need to unpoison this area.
*/
- kasan_krealloc(objp, size, GFP_NOWAIT);
+ kasan_unpoison_shadow(objp, size);
return size;
}
diff --git a/mm/slub.c b/mm/slub.c
index 4dbb109e..62194e2 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -3635,8 +3635,9 @@ size_t ksize(const void *object)
{
size_t size = __ksize(object);
/* We assume that ksize callers could use whole allocated area,
- so we need unpoison this area. */
- kasan_krealloc(object, size, GFP_NOWAIT);
+ * so we need to unpoison this area.
+ */
+ kasan_unpoison_shadow(object, size);
return size;
}
EXPORT_SYMBOL(ksize);
--
2.8.0.rc3.226.g39d4020
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH v1] mm, kasan: don't call kasan_krealloc() from ksize(). Add a ksize() test.
2016-04-11 17:10 ` Alexander Potapenko
@ 2016-04-13 8:20 ` Andrey Ryabinin
-1 siblings, 0 replies; 4+ messages in thread
From: Andrey Ryabinin @ 2016-04-13 8:20 UTC (permalink / raw)
To: Alexander Potapenko
Cc: Andrey Konovalov, Christoph Lameter, Dmitry Vyukov,
Andrew Morton, Kostya Serebryany, kasan-dev, LKML, linux-mm
2016-04-11 20:10 GMT+03:00 Alexander Potapenko <glider@google.com>:
> Instead of calling kasan_krealloc(), which replaces the memory allocation
> stack ID (if stack depot is used), just unpoison the whole memory chunk.
> Add a test that makes sure ksize() unpoisons the whole chunk.
>
Split in two please.
> Signed-off-by: Alexander Potapenko <glider@google.com>
> ---
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH v1] mm, kasan: don't call kasan_krealloc() from ksize(). Add a ksize() test.
@ 2016-04-13 8:20 ` Andrey Ryabinin
0 siblings, 0 replies; 4+ messages in thread
From: Andrey Ryabinin @ 2016-04-13 8:20 UTC (permalink / raw)
To: Alexander Potapenko
Cc: Andrey Konovalov, Christoph Lameter, Dmitry Vyukov,
Andrew Morton, Kostya Serebryany, kasan-dev, LKML, linux-mm
2016-04-11 20:10 GMT+03:00 Alexander Potapenko <glider@google.com>:
> Instead of calling kasan_krealloc(), which replaces the memory allocation
> stack ID (if stack depot is used), just unpoison the whole memory chunk.
> Add a test that makes sure ksize() unpoisons the whole chunk.
>
Split in two please.
> Signed-off-by: Alexander Potapenko <glider@google.com>
> ---
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-04-13 8:20 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-04-11 17:10 [PATCH v1] mm, kasan: don't call kasan_krealloc() from ksize(). Add a ksize() test Alexander Potapenko
2016-04-11 17:10 ` Alexander Potapenko
2016-04-13 8:20 ` Andrey Ryabinin
2016-04-13 8:20 ` Andrey Ryabinin
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.