From: David Rientjes <rientjes@google.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Dave Kleikamp <shaggy@kernel.org>, Christoph Hellwig <hch@lst.de>,
Sebastian Ott <sebott@linux.vnet.ibm.com>,
Mikulas Patocka <mpatocka@redhat.com>,
Catalin Marinas <catalin.marinas@arm.com>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
jfs-discussion@lists.sourceforge.net
Subject: [patch 1/4] fs, jfs: remove slab object constructor
Date: Tue, 24 Mar 2015 16:08:41 -0700 (PDT) [thread overview]
Message-ID: <alpine.DEB.2.10.1503241607240.21805@chino.kir.corp.google.com> (raw)
Mempools based on slab caches with object constructors are risky because
element allocation can happen either from the slab cache itself, meaning
the constructor is properly called before returning, or from the mempool
reserve pool, meaning the constructor is not called before returning,
depending on the allocation context.
For this reason, we should disallow creating mempools based on slab
caches that have object constructors. Callers of mempool_alloc() will
be responsible for properly initializing the returned element.
Then, it doesn't matter if the element came from the slab cache or the
mempool reserved pool.
The only occurrence of a mempool being based on a slab cache with an
object constructor in the tree is in fs/jfs/jfs_metapage.c. Remove it
and properly initialize the element in alloc_metapage().
At the same time, META_free is never used, so remove it as well.
Signed-off-by: David Rientjes <rientjes@google.com>
---
fs/jfs/jfs_metapage.c | 31 ++++++++++++-------------------
fs/jfs/jfs_metapage.h | 1 -
2 files changed, 12 insertions(+), 20 deletions(-)
diff --git a/fs/jfs/jfs_metapage.c b/fs/jfs/jfs_metapage.c
--- a/fs/jfs/jfs_metapage.c
+++ b/fs/jfs/jfs_metapage.c
@@ -183,30 +183,23 @@ static inline void remove_metapage(struct page *page, struct metapage *mp)
#endif
-static void init_once(void *foo)
-{
- struct metapage *mp = (struct metapage *)foo;
-
- mp->lid = 0;
- mp->lsn = 0;
- mp->flag = 0;
- mp->data = NULL;
- mp->clsn = 0;
- mp->log = NULL;
- set_bit(META_free, &mp->flag);
- init_waitqueue_head(&mp->wait);
-}
-
static inline struct metapage *alloc_metapage(gfp_t gfp_mask)
{
- return mempool_alloc(metapage_mempool, gfp_mask);
+ struct metapage *mp = mempool_alloc(metapage_mempool, gfp_mask);
+
+ if (mp) {
+ mp->lid = 0;
+ mp->lsn = 0;
+ mp->data = NULL;
+ mp->clsn = 0;
+ mp->log = NULL;
+ init_waitqueue_head(&mp->wait);
+ }
+ return mp;
}
static inline void free_metapage(struct metapage *mp)
{
- mp->flag = 0;
- set_bit(META_free, &mp->flag);
-
mempool_free(mp, metapage_mempool);
}
@@ -216,7 +209,7 @@ int __init metapage_init(void)
* Allocate the metapage structures
*/
metapage_cache = kmem_cache_create("jfs_mp", sizeof(struct metapage),
- 0, 0, init_once);
+ 0, 0, NULL);
if (metapage_cache == NULL)
return -ENOMEM;
diff --git a/fs/jfs/jfs_metapage.h b/fs/jfs/jfs_metapage.h
--- a/fs/jfs/jfs_metapage.h
+++ b/fs/jfs/jfs_metapage.h
@@ -48,7 +48,6 @@ struct metapage {
/* metapage flag */
#define META_locked 0
-#define META_free 1
#define META_dirty 2
#define META_sync 3
#define META_discard 4
WARNING: multiple messages have this Message-ID (diff)
From: David Rientjes <rientjes@google.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Dave Kleikamp <shaggy@kernel.org>, Christoph Hellwig <hch@lst.de>,
Sebastian Ott <sebott@linux.vnet.ibm.com>,
Mikulas Patocka <mpatocka@redhat.com>,
Catalin Marinas <catalin.marinas@arm.com>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
jfs-discussion@lists.sourceforge.net
Subject: [patch 1/4] fs, jfs: remove slab object constructor
Date: Tue, 24 Mar 2015 16:08:41 -0700 (PDT) [thread overview]
Message-ID: <alpine.DEB.2.10.1503241607240.21805@chino.kir.corp.google.com> (raw)
Mempools based on slab caches with object constructors are risky because
element allocation can happen either from the slab cache itself, meaning
the constructor is properly called before returning, or from the mempool
reserve pool, meaning the constructor is not called before returning,
depending on the allocation context.
For this reason, we should disallow creating mempools based on slab
caches that have object constructors. Callers of mempool_alloc() will
be responsible for properly initializing the returned element.
Then, it doesn't matter if the element came from the slab cache or the
mempool reserved pool.
The only occurrence of a mempool being based on a slab cache with an
object constructor in the tree is in fs/jfs/jfs_metapage.c. Remove it
and properly initialize the element in alloc_metapage().
At the same time, META_free is never used, so remove it as well.
Signed-off-by: David Rientjes <rientjes@google.com>
---
fs/jfs/jfs_metapage.c | 31 ++++++++++++-------------------
fs/jfs/jfs_metapage.h | 1 -
2 files changed, 12 insertions(+), 20 deletions(-)
diff --git a/fs/jfs/jfs_metapage.c b/fs/jfs/jfs_metapage.c
--- a/fs/jfs/jfs_metapage.c
+++ b/fs/jfs/jfs_metapage.c
@@ -183,30 +183,23 @@ static inline void remove_metapage(struct page *page, struct metapage *mp)
#endif
-static void init_once(void *foo)
-{
- struct metapage *mp = (struct metapage *)foo;
-
- mp->lid = 0;
- mp->lsn = 0;
- mp->flag = 0;
- mp->data = NULL;
- mp->clsn = 0;
- mp->log = NULL;
- set_bit(META_free, &mp->flag);
- init_waitqueue_head(&mp->wait);
-}
-
static inline struct metapage *alloc_metapage(gfp_t gfp_mask)
{
- return mempool_alloc(metapage_mempool, gfp_mask);
+ struct metapage *mp = mempool_alloc(metapage_mempool, gfp_mask);
+
+ if (mp) {
+ mp->lid = 0;
+ mp->lsn = 0;
+ mp->data = NULL;
+ mp->clsn = 0;
+ mp->log = NULL;
+ init_waitqueue_head(&mp->wait);
+ }
+ return mp;
}
static inline void free_metapage(struct metapage *mp)
{
- mp->flag = 0;
- set_bit(META_free, &mp->flag);
-
mempool_free(mp, metapage_mempool);
}
@@ -216,7 +209,7 @@ int __init metapage_init(void)
* Allocate the metapage structures
*/
metapage_cache = kmem_cache_create("jfs_mp", sizeof(struct metapage),
- 0, 0, init_once);
+ 0, 0, NULL);
if (metapage_cache == NULL)
return -ENOMEM;
diff --git a/fs/jfs/jfs_metapage.h b/fs/jfs/jfs_metapage.h
--- a/fs/jfs/jfs_metapage.h
+++ b/fs/jfs/jfs_metapage.h
@@ -48,7 +48,6 @@ struct metapage {
/* metapage flag */
#define META_locked 0
-#define META_free 1
#define META_dirty 2
#define META_sync 3
#define META_discard 4
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next reply other threads:[~2015-03-24 23:08 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-24 23:08 David Rientjes [this message]
2015-03-24 23:08 ` [patch 1/4] fs, jfs: remove slab object constructor David Rientjes
2015-03-24 23:09 ` [patch 2/4] mm, mempool: disallow mempools based on slab caches with constructors David Rientjes
2015-03-24 23:09 ` David Rientjes
2015-03-24 23:09 ` [patch v2 3/4] mm, mempool: poison elements backed by slab allocator David Rientjes
2015-03-24 23:09 ` David Rientjes
2015-03-24 23:10 ` [patch v2 4/4] mm, mempool: poison elements backed by page allocator David Rientjes
2015-03-24 23:10 ` David Rientjes
2015-03-25 21:55 ` Andrew Morton
2015-03-25 21:55 ` Andrew Morton
2015-03-26 16:07 ` Andrey Ryabinin
2015-03-26 16:07 ` Andrey Ryabinin
2015-03-26 20:38 ` Andrey Ryabinin
2015-03-26 20:38 ` Andrey Ryabinin
2015-03-26 22:50 ` David Rientjes
2015-03-26 22:50 ` David Rientjes
2015-03-30 8:53 ` Andrey Ryabinin
2015-03-30 8:53 ` Andrey Ryabinin
2015-03-31 11:33 ` Andrey Ryabinin
2015-03-31 11:33 ` Andrey Ryabinin
2015-04-03 1:04 ` David Rientjes
2015-04-03 1:04 ` David Rientjes
2015-04-03 1:07 ` [patch -mm] mm, mempool: poison elements backed by page allocator fix fix David Rientjes
2015-04-03 1:07 ` David Rientjes
2015-03-24 23:41 ` [patch 1/4] fs, jfs: remove slab object constructor Dave Kleikamp
2015-03-24 23:41 ` Dave Kleikamp
2015-03-26 2:18 ` Mikulas Patocka
2015-03-26 2:18 ` Mikulas Patocka
2015-03-26 2:37 ` David Rientjes
2015-03-26 2:37 ` David Rientjes
2015-03-26 7:28 ` Christoph Hellwig
2015-03-26 7:28 ` Christoph Hellwig
2015-03-26 14:57 ` Dave Kleikamp
2015-03-26 14:57 ` Dave Kleikamp
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.10.1503241607240.21805@chino.kir.corp.google.com \
--to=rientjes@google.com \
--cc=akpm@linux-foundation.org \
--cc=catalin.marinas@arm.com \
--cc=hch@lst.de \
--cc=jfs-discussion@lists.sourceforge.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mpatocka@redhat.com \
--cc=sebott@linux.vnet.ibm.com \
--cc=shaggy@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.