From: Igor Stoppa <igor.stoppa@huawei.com>
To: J Freyensee <why2jjj.linux@gmail.com>, <david@fromorbit.com>,
<willy@infradead.org>, <keescook@chromium.org>,
<mhocko@kernel.org>
Cc: <labbott@redhat.com>, <linux-security-module@vger.kernel.org>,
<linux-mm@kvack.org>, <linux-kernel@vger.kernel.org>,
<kernel-hardening@lists.openwall.com>
Subject: Re: [PATCH 7/7] Documentation for Pmalloc
Date: Mon, 26 Feb 2018 17:39:07 +0200 [thread overview]
Message-ID: <181b20bb-b0ae-c337-d4bd-03b6ddfed749@huawei.com> (raw)
In-Reply-To: <98b2fecf-c1b3-aa5e-ba70-2770940bb965@gmail.com>
On 24/02/18 02:26, J Freyensee wrote:
>
>
> On 2/23/18 6:48 AM, Igor Stoppa wrote:
[...]
>> +- Before destroying a pool, all the memory allocated from it must be
>> + released.
>
> Is that true? pmalloc_destroy_pool() has:
>
> .
> .
> + pmalloc_pool_set_protection(pool, false);
> + gen_pool_for_each_chunk(pool, pmalloc_chunk_free, NULL);
> + gen_pool_destroy(pool);
> + kfree(data);
>
> which to me looks like is the opposite, the data (ie, "memory") is being
> released first, then the pool is destroyed.
well, this is embarrassing ... yes I had this prototype code, because I
was wondering if it wouldn't make more sense to tear down the pool as
fast as possible. It slipped in, apparently.
I'm actually tempted to leave it in and fix the comment.
[...]
>> +
>> +- pmalloc does not provide locking support with respect to allocating vs
>> + protecting an individual pool, for performance reasons.
>
> What is the recommendation to using locks then, as the computing
> real-world mainly operates in multi-threaded/process world?
How common are multi-threaded allocations of write-once memory?
Here we are talking exclusively about the part of the memory life-cycle
where it is allocated (from pmalloc).
> Maybe show
> an example of an issue that occur if locks aren't used and give a coding
> example.
An example of how to use a mutex to access a shared resource? :-O
This part below, under your question, was supposed to be the answer :-(
>> + It is recommended not to share the same pool between unrelated functions.
>> + Should sharing be a necessity, the user of the shared pool is expected
>> + to implement locking for that pool.
[...]
>> +- pmalloc uses genalloc to optimize the use of the space it allocates
>> + through vmalloc. Some more TLB entries will be used, however less than
>> + in the case of using vmalloc directly. The exact number depends on the
>> + size of each allocation request and possible slack.
>> +
>> +- Considering that not much data is supposed to be dynamically allocated
>> + and then marked as read-only, it shouldn't be an issue that the address
>> + range for pmalloc is limited, on 32-bit systems.
>
> Why is 32-bit systems mentioned and not 64-bit?
Because, as written, on 32 bit system the vmalloc range is relatively
small, so one might wonder if there are enough addresses.
> Is there a problem with 64-bit here?
Quite the opposite.
I thought it was clear, but obviously it isn't, I'll reword this.
-igor
next prev parent reply other threads:[~2018-02-26 15:39 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-23 14:48 [RFC PATCH v17 0/7] mm: security: ro protection for dynamic data Igor Stoppa
2018-02-23 14:48 ` [PATCH 1/7] genalloc: track beginning of allocations Igor Stoppa
2018-02-23 22:28 ` J Freyensee
2018-02-26 12:09 ` Igor Stoppa
2018-02-26 17:32 ` J Freyensee
2018-02-26 18:44 ` Igor Stoppa
2018-02-25 3:37 ` kbuild test robot
2018-02-23 14:48 ` [PATCH 2/7] genalloc: selftest Igor Stoppa
2018-02-23 22:42 ` J Freyensee
2018-02-26 12:11 ` Igor Stoppa
2018-02-26 17:46 ` J Freyensee
2018-02-26 18:00 ` Igor Stoppa
2018-02-26 19:12 ` Matthew Wilcox
2018-02-26 19:26 ` Igor Stoppa
2018-02-23 14:48 ` [PATCH 3/7] struct page: add field for vm_struct Igor Stoppa
2018-02-25 3:38 ` Matthew Wilcox
2018-02-26 16:37 ` Igor Stoppa
2018-02-23 14:48 ` [PATCH 4/7] Protectable Memory Igor Stoppa
2018-02-24 0:10 ` J Freyensee
2018-02-26 14:28 ` Igor Stoppa
2018-02-26 18:25 ` J Freyensee
2018-02-25 2:33 ` kbuild test robot
2018-02-23 14:48 ` [PATCH 5/7] Pmalloc selftest Igor Stoppa
2018-03-06 16:59 ` J Freyensee
2018-02-23 14:48 ` [PATCH 6/7] lkdtm: crash on overwriting protected pmalloc var Igor Stoppa
2018-02-25 3:46 ` kbuild test robot
2018-03-06 17:05 ` J Freyensee
2018-03-06 17:08 ` J Freyensee
2018-02-23 14:48 ` [PATCH 7/7] Documentation for Pmalloc Igor Stoppa
2018-02-24 0:26 ` J Freyensee
2018-02-26 15:39 ` Igor Stoppa [this message]
2018-02-26 18:32 ` J Freyensee
2018-02-28 20:06 [RFC PATCH v18 0/7] mm: security: ro protection for dynamic data Igor Stoppa
2018-02-28 20:06 ` [PATCH 7/7] Documentation for Pmalloc Igor Stoppa
2018-03-06 13:30 ` Mike Rapoport
2018-03-06 17:33 ` J Freyensee
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=181b20bb-b0ae-c337-d4bd-03b6ddfed749@huawei.com \
--to=igor.stoppa@huawei.com \
--cc=david@fromorbit.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=labbott@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mhocko@kernel.org \
--cc=why2jjj.linux@gmail.com \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).