| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Jan 2009 10:20:20 -0500 From: Kristian Høgsberg <krh@...hat.com> To: Stefan Richter <stefanr@...6.in-berlin.de> Cc: Andrew Morton <akpm@...ux-foundation.org>, dcm@....org, Nadia Derbey <Nadia.Derbey@...l.net>, linux1394-devel <linux1394-devel@...ts.sourceforge.net>, linux-kernel <linux-kernel@...r.kernel.org>, "Paul E. McKenney" <paulmck@...ibm.com>, Manfred Spraul <manfred@...orfullife.com> Subject: Re: [PATCH] lib/idr.c: Zero memory properly in idr_remove_all On Sat, 2009-01-10 at 11:05 +0100, Stefan Richter wrote: > Andrew Morton wrote: ... > > Are we sure that all the other callers of free_layer() are freeing > > zeroed objects? > > > > It would be cleaner, safer and quite possibly faster to remove the > > constructor altogether and use kmem_cache_zalloc() to allocate new > > objects. > > Yes, it sounds at least safer if the allocation path should be fixed up. > > The zeroing was done in idr_remove_all() though since Kristian added it > in 2.6.23, until 2.6.26 inclusive. > > Kristian, was there a deeper reason to do it at deallocation instead of > allocation, and does the reason still apply today? Oh wow, that's a long time ago... The idr implementation caches unused, zeroed out idr_layers in a free list in the idr struct for later use. If no layers are in the cache, the idr_pre_get() function will allocate one from the kmem_cache, which will zero out the layer in the ctor, and then add it to the idr free list. There are two other ways a layer can go back to the free list: 1) when we free up a layer by freeing the entries one by one, in which case the layer is already zeroed out, or in idr_remove_all(), where we just zero it out brute force. The problem isn't about returning un-zeroed-out objects to the kmem cache, the problem is returning them to the idr free list. As far as I know the kmem_cache allocator is plenty fast and we could just drop the entire free list and allocate out of the kmem cache everytime in idr_pre_alloc(). If we're doing that, we should really, please, just drop the stupid idr_pre_get() then idr_get_new() and retry if fail scheme. Every idr use I've seen could just do the whole thing under a mutex and not worry about the awkward retry idea. We don't have to break API, we can just add a new function idr_alloc_new(idr, ptr, id, gfp) that just does idr_pre_alloc() and then idr_get_new() under the assumption that the client has taken the required mutex. If the client protects access to the idr using a mutex or spinlock, we can do idr_pre_get() and idr_get_new() in succession without anybody else grabbing that new layer from under us in the meantime. Same thing for idr_get_new_above(), of course. Anyways... :) cheers, Kristian -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists