From: Andrey Konovalov <andreyknvl@google.com>
To: Andrey Ryabinin <aryabinin@virtuozzo.com>,
	Alexander Potapenko <glider@google.com>,
	Dmitry Vyukov <dvyukov@google.com>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Christoph Lameter <cl@linux.com>,
	Pekka Enberg <penberg@kernel.org>,
	David Rientjes <rientjes@google.com>,
	Joonsoo Kim <iamjoonsoo.kim@lge.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	kasan-dev@googlegroups.com, linux-mm@kvack.org,
	linux-kernel@vger.kernel.org
Cc: Qian Cai <cai@lca.pw>,
	Vincenzo Frascino <vincenzo.frascino@arm.com>,
	Kostya Serebryany <kcc@google.com>,
	Evgeniy Stepanov <eugenis@google.com>,
	Andrey Konovalov <andreyknvl@google.com>
Subject: [PATCH 2/5] kasan, kmemleak: pass tagged pointers to kmemleak
Date: Mon, 11 Feb 2019 22:59:51 +0100
Message-ID: <cd825aa4897b0fc37d3316838993881daccbe9f5.1549921721.git.andreyknvl@google.com>
In-Reply-To: <cover.1549921721.git.andreyknvl@google.com>

Right now we call kmemleak hooks before assigning tags to pointers in
KASAN hooks. As a result, when an object gets allocated, kmemleak sees
a differently tagged pointer, compared to the one it sees when the object
gets freed. Fix it by calling KASAN hooks before kmemleak's ones.

Reported-by: Qian Cai <cai@lca.pw>
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
---
 mm/slab.h        | 6 ++----
 mm/slab_common.c | 2 +-
 mm/slub.c        | 3 ++-
 3 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/mm/slab.h b/mm/slab.h
index 4190c24ef0e9..638ea1b25d39 100644
--- a/mm/slab.h
+++ b/mm/slab.h
@@ -437,11 +437,9 @@ static inline void slab_post_alloc_hook(struct kmem_cache *s, gfp_t flags,
 
 	flags &= gfp_allowed_mask;
 	for (i = 0; i < size; i++) {
-		void *object = p[i];
-
-		kmemleak_alloc_recursive(object, s->object_size, 1,
+		p[i] = kasan_slab_alloc(s, p[i], flags);
+		kmemleak_alloc_recursive(p[i], s->object_size, 1,
 					 s->flags, flags);
-		p[i] = kasan_slab_alloc(s, object, flags);
 	}
 
 	if (memcg_kmem_enabled())
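Review bot: in the loop body, p[i] is now overwritten by kasan_slab_alloc() before kmemleak_alloc_recursive() reads it, so correct kmemleak tracking depends on the order of these two lines and nothing in the code says so. Please add a short comment above `p[i] = kasan_slab_alloc(s, p[i], flags);` stating that the KASAN hook has to run first so that kmemleak records the tagged pointer; otherwise a later cleanup could swap the calls back without anyone noticing.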
diff --git a/mm/slab_common.c b/mm/slab_common.c
index 81732d05e74a..fe524c8d0246 100644
--- a/mm/slab_common.c
+++ b/mm/slab_common.c
@@ -1228,8 +1228,8 @@ void *kmalloc_order(size_t size, gfp_t flags, unsigned int order)
 	flags |= __GFP_COMP;
 	page = alloc_pages(flags, order);
 	ret = page ? page_address(page) : NULL;
-	kmemleak_alloc(ret, size, 1, flags);
 	ret = kasan_kmalloc_large(ret, size, flags);
+	kmemleak_alloc(ret, size, 1, flags);
 	return ret;
 }
 EXPORT_SYMBOL(kmalloc_order);
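Review bot: on the failure path, where `ret = page ? page_address(page) : NULL;` yields NULL, that NULL is now passed through kasan_kmalloc_large() before kmemleak_alloc() sees it, whereas previously kmemleak_alloc() received it directly. Please state in the changelog that kasan_kmalloc_large() returns NULL unchanged in that case, or guard both hooks with a check on ret, so that kmemleak is never handed a non-NULL value for a failed allocation.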
diff --git a/mm/slub.c b/mm/slub.c
index 1e3d0ec4e200..4a3d7686902f 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -1374,8 +1374,9 @@ static inline void dec_slabs_node(struct kmem_cache *s, int node,
  */
 static inline void *kmalloc_large_node_hook(void *ptr, size_t size, gfp_t flags)
 {
+	ptr = kasan_kmalloc_large(ptr, size, flags);
 	kmemleak_alloc(ptr, size, 1, flags);
-	return kasan_kmalloc_large(ptr, size, flags);
+	return ptr;
 }
 
 static __always_inline void kfree_hook(void *x)
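Review bot: kmalloc_large_node_hook() now carries the same kasan_kmalloc_large() followed by kmemleak_alloc() pair as kmalloc_order() in mm/slab_common.c, and the ordering requirement is implicit in both places. Consider a one-line comment on `ptr = kasan_kmalloc_large(ptr, size, flags);` noting that kmemleak must be given the tagged pointer, so that the two call sites are not reordered independently later.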
-- 
2.20.1.791.gb4d0f1c61a-goog

