From: Jann Horn <jannh@google.com>
To: Marco Elver <elver@google.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	Alexander Potapenko <glider@google.com>,
	"H. Peter Anvin" <hpa@zytor.com>,
	"Paul E. McKenney" <paulmck@kernel.org>,
	Andrey Konovalov <andreyknvl@google.com>,
	Andrey Ryabinin <aryabinin@virtuozzo.com>,
	Andy Lutomirski <luto@kernel.org>,
	Borislav Petkov <bp@alien8.de>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Christoph Lameter <cl@linux.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	David Rientjes <rientjes@google.com>,
	Dmitry Vyukov <dvyukov@google.com>,
	Eric Dumazet <edumazet@google.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Hillf Danton <hdanton@sina.com>,
	Ingo Molnar <mingo@redhat.com>,
	Jonathan Cameron <Jonathan.Cameron@huawei.com>,
	Jonathan Corbet <corbet@lwn.net>,
	Joonsoo Kim <iamjoonsoo.kim@lge.com>,
	joern@purestorage.com,
	Kees Cook <keescook@chromium.org>,
	Mark Rutland <mark.rutland@arm.com>,
	Pekka Enberg <penberg@kernel.org>,
	Peter Zijlstra <peterz@infradead.org>,
	SeongJae Park <sjpark@amazon.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Vlastimil Babka <vbabka@suse.cz>,
	Will Deacon <will@kernel.org>,
	"the arch/x86 maintainers" <x86@kernel.org>,
	"open list:DOCUMENTATION" <linux-doc@vger.kernel.org>,
	kernel list <linux-kernel@vger.kernel.org>,
	kasan-dev <kasan-dev@googlegroups.com>,
	Linux ARM <linux-arm-kernel@lists.infradead.org>,
	Linux-MM <linux-mm@kvack.org>
Subject: Re: [PATCH v6 5/9] mm, kfence: insert KFENCE hooks for SLUB
Date: Fri, 30 Oct 2020 03:49:41 +0100
Message-ID: <CAG48ez005N4SVKNXDL7k1C+JPiEbY7eTBJ+kL53N7g=bgWGAeQ@mail.gmail.com>
In-Reply-To: <20201029131649.182037-6-elver@google.com>

On Thu, Oct 29, 2020 at 2:17 PM Marco Elver <elver@google.com> wrote:
> Inserts KFENCE hooks into the SLUB allocator.
>
> To pass the originally requested size to KFENCE, add an argument
> 'orig_size' to slab_alloc*(). The additional argument is required to
> preserve the requested original size for kmalloc() allocations, which
> uses size classes (e.g. an allocation of 272 bytes will return an object
> of size 512). Therefore, kmem_cache::size does not represent the
> kmalloc-caller's requested size, and we must introduce the argument
> 'orig_size' to propagate the originally requested size to KFENCE.
>
> Without the originally requested size, we would not be able to detect
> out-of-bounds accesses for objects placed at the end of a KFENCE object
> page if that object is not equal to the kmalloc-size class it was
> bucketed into.
>
> When KFENCE is disabled, there is no additional overhead, since
> slab_alloc*() functions are __always_inline.
>
> Reviewed-by: Dmitry Vyukov <dvyukov@google.com>
> Co-developed-by: Marco Elver <elver@google.com>
> Signed-off-by: Marco Elver <elver@google.com>
> Signed-off-by: Alexander Potapenko <glider@google.com>

Reviewed-by: Jann Horn <jannh@google.com>

if you fix one nit:

[...]
> diff --git a/mm/slub.c b/mm/slub.c
[...]
> @@ -2658,7 +2664,8 @@ static inline void *get_freelist(struct kmem_cache *s, struct page *page)
>   * already disabled (which is the case for bulk allocation).
>   */
>  static void *___slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
> -                         unsigned long addr, struct kmem_cache_cpu *c)
> +                         unsigned long addr, struct kmem_cache_cpu *c,
> +                         size_t orig_size)

orig_size is added as a new argument, but never used. (And if you
remove this argument, __slab_alloc will also not be using its
orig_size argument anymore.)



>  {
>         void *freelist;
>         struct page *page;
> @@ -2763,7 +2770,8 @@ static void *___slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
>   * cpu changes by refetching the per cpu area pointer.
>   */
>  static void *__slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
> -                         unsigned long addr, struct kmem_cache_cpu *c)
> +                         unsigned long addr, struct kmem_cache_cpu *c,
> +                         size_t orig_size)
>  {
>         void *p;
>         unsigned long flags;
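Review bot: the new `size_t orig_size` parameter on `__slab_alloc` is dead weight in this hunk: `__slab_alloc` is declared plain `static void *` here, not `__always_inline` like the `slab_alloc*()` wrappers the commit message relies on for zero overhead, so this adds an argument to the out-of-line slow path even with KFENCE disabled, and the only visible consumer is the forwarding call into `___slab_alloc`, which in turn does not use it. Suggest dropping `orig_size` from both `__slab_alloc` and `___slab_alloc` (and from the call `p = ___slab_alloc(s, gfpflags, node, addr, c, orig_size);`) unless a later hunk actually reads it, so the slow-path signatures stay unchanged.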
> @@ -2778,7 +2786,7 @@ static void *__slab_alloc(struct kmem_cache *s, gfp_t gfpflags, int node,
>         c = this_cpu_ptr(s->cpu_slab);
>  #endif
>
> -       p = ___slab_alloc(s, gfpflags, node, addr, c);
> +       p = ___slab_alloc(s, gfpflags, node, addr, c, orig_size);
>         local_irq_restore(flags);
>         return p;
>  }
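The size-class point in the quoted commit message (a 272-byte kmalloc() request coming back as a 512-byte object) is the whole reason orig_size has to reach KFENCE. The program below is an added illustration written for this page, not code from the KFENCE series or from the kernel. It models kmalloc rounding with a power-of-two size class (an assumption; real SLUB also has 96- and 192-byte caches), places the object at the end of its page with a guard page immediately after the slot, and classifies a byte access at a given offset: out of bounds or not, caught by the guard page alone, or caught only because the original request size is known and the bytes between it and the size-class boundary can be treated as a redzone.

```c
/* Added illustration (not code from the KFENCE patch series or the kernel):
 * why a KFENCE-style guard-page allocator needs the caller's original
 * kmalloc() size ("orig_size"), not just the size class it was bucketed
 * into.  The size-class model and page layout are simplified assumptions. */
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

#define DEMO_PAGE_SIZE 4096u

/* Simplified kmalloc size-class model (assumption): round the request up
 * to the next power of two, minimum 8 bytes.  Real SLUB also has 96- and
 * 192-byte caches, which this model ignores. */
static size_t size_class(size_t req)
{
    size_t cls = 8;
    while (cls < req)
        cls <<= 1;
    return cls;
}

/* A KFENCE object lives alone in its page; placing the slot at the end of
 * the page puts the following guard page directly after the size-class
 * boundary.  Returns the slot's starting offset within the page. */
static size_t slot_offset(size_t cls)
{
    return DEMO_PAGE_SIZE - cls;
}

/* Guard-page detection only fires once an access leaves the slot, i.e. is
 * at or beyond the size-class boundary.  'off' is bytes past the object. */
static bool caught_by_guard_page(size_t off, size_t cls)
{
    return off >= cls;
}

/* With orig_size known, the bytes between orig_size and the size-class
 * boundary form a redzone (KFENCE fills them with a canary pattern); any
 * access landing there is out of bounds for the caller's allocation. */
static bool caught_with_orig_size(size_t off, size_t orig_size, size_t cls)
{
    return off >= orig_size && off < cls;
}

/* Result flags for classify(). */
enum { ACC_OOB = 1, ACC_GUARD_PAGE = 2, ACC_REDZONE = 4 };

/* Classify an access 'off' bytes past an object allocated with a request
 * of 'req' bytes: whether it is out of bounds, and which detection
 * strategy would flag it. */
static int classify(size_t req, size_t off)
{
    size_t cls = size_class(req);
    int flags = 0;

    if (off >= req)
        flags |= ACC_OOB;
    if (caught_by_guard_page(off, cls))
        flags |= ACC_GUARD_PAGE;
    if (caught_with_orig_size(off, req, cls))
        flags |= ACC_REDZONE;
    return flags;
}

int main(void)
{
    /* Constructed sample: the commit message's 272-byte request. */
    size_t req = 272, cls = size_class(req);
    size_t offs[] = { 100, 271, 272, 300, 511, 512, 600 };
    size_t i;

    printf("request %zu bytes -> size class %zu, slot at page offset %zu\n",
           req, cls, slot_offset(cls));
    for (i = 0; i < sizeof(offs) / sizeof(offs[0]); i++) {
        int f = classify(req, offs[i]);
        printf("  off %3zu: oob=%d guard_page=%d redzone(orig_size)=%d\n",
               offs[i], !!(f & ACC_OOB), !!(f & ACC_GUARD_PAGE),
               !!(f & ACC_REDZONE));
    }
    return 0;
}
```

Offsets 272 through 511 are the interesting band: they are past what the caller asked for, yet still inside the 512-byte slot, so the guard page never sees them. Only the redzone check, which needs orig_size, flags them; that is the class of overflow the commit message says would otherwise go undetected.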

