lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 2 Sep 2008 22:08:48 -0700 (PDT) From: Steve VanDeBogart <vandebo-lkml@...dBox.Net> To: Pekka Enberg <penberg@...helsinki.fi> cc: user-mode-linux-devel@...ts.sourceforge.net, linux-kernel@...r.kernel.org, "Paul E. McKenney" <paulmck@...ibm.com>, Ingo Molnar <mingo@...e.hu>, dkegel@...gle.com, jiayingz@...gle.com, John Reiser <jreiser@...Wagon.com> Subject: Re: [uml-devel] [PATCH 5/6] slab: Annotate slab On Sat, 30 Aug 2008, Pekka Enberg wrote: > Hi Steve, > > On Sat, Aug 30, 2008 at 2:17 AM, Steve VanDeBogart > <vandebo-lkml@...dbox.net> wrote: >> Valgrind annotations for the slab allocator: Malloc-like and free-like >> for cache_alloc and free. Telling Valgrind a region is free-like clears >> all the valid bits, so slabs with constructors need different treatment; >> tell Valgrind about slab objects when first constructed and free them >> when the slab is destroyed. > > OK, I'm biased (I'm one of the kmemcheck developers) but these hooks > to SLAB are too ugly to live with. My preferred solution is that you > reuse the kmemcheck annotations > kmemcheck_slab_alloc()/kmemcheck_slab_free() we have: > > http://git.kernel.org/?p=linux/kernel/git/x86/linux-2.6-tip.git;a=commitdiff;h=30532cb3c49a2a9fed94127aab26003c52398a51 Thank you for pointing out the location of the kmemcheck code. I looked around briefly but didn't find the latest version. It does seem that kmemcheck and Valgrind annotations want to live in the same places so it makes perfect sense to combine them where possible. I'm not exactly sure what you find so ugly about the Valgrind annotations, please elaborate. >> @@ -3578,6 +3595,9 @@ >> { >> struct array_cache *ac = cpu_cache_get(cachep); >> >> + if (!cachep->ctor) >> + VALGRIND_FREELIKE_BLOCK(objp, 0); >> + >> check_irq_off(); >> objp = cache_free_debugcheck(cachep, objp, >> __builtin_return_address(0)); > > I'm not sure why you want to treat caches with constructor > differently. Sure, the memory regions *are* initialized but from > programmer's point of view you're not supposed to be touching the > memory unless you got it from kmalloc() or kmem_cache_alloc(). Same > goes for kfree() and kmem_cache_free() -- no touchy touchy after you > pass a pointer to either of the functions (unless you're RCU, of > course). It is true that code above the allocator should not be touching free'd slab objects. However, it is also true that objects from slabs that have a constructor should retain their per byte un/initialized state through allocation and free cycles (just the semantic of slabs with constructors AFAICT). Ideally, we'd tell Valgrind that the bytes of a free'd slab object are no longer accessible, but the initialized state should remain the same until the object is made accessible again by the next allocation of the object. Unfortunately, the compression method for A & V bits in Valgrind doesn't allow a region to be inaccessible and retain validness bits. The best we can do without spending extra space or extra cycles it to leave the memory accessible while it is free in a slab. -- Steve -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists