lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.DEB.2.10.1503261542060.16259@chino.kir.corp.google.com>
Date:	Thu, 26 Mar 2015 15:50:59 -0700 (PDT)
From:	David Rientjes <rientjes@...gle.com>
To:	Andrey Ryabinin <ryabinin.a.a@...il.com>
cc:	Andrew Morton <akpm@...ux-foundation.org>,
	Dave Kleikamp <shaggy@...nel.org>,
	Christoph Hellwig <hch@....de>,
	Sebastian Ott <sebott@...ux.vnet.ibm.com>,
	Mikulas Patocka <mpatocka@...hat.com>,
	Catalin Marinas <catalin.marinas@....com>,
	LKML <linux-kernel@...r.kernel.org>,
	"linux-mm@...ck.org" <linux-mm@...ck.org>,
	jfs-discussion@...ts.sourceforge.net
Subject: Re: [patch v2 4/4] mm, mempool: poison elements backed by page
 allocator

On Thu, 26 Mar 2015, Andrey Ryabinin wrote:

> > +static void check_element(mempool_t *pool, void *element)
> > +{
> > +       /* Mempools backed by slab allocator */
> > +       if (pool->free == mempool_free_slab || pool->free == mempool_kfree)
> > +               __check_element(pool, element, ksize(element));
> > +
> > +       /* Mempools backed by page allocator */
> > +       if (pool->free == mempool_free_pages) {
> > +               int order = (int)(long)pool->pool_data;
> > +               void *addr = page_address(element);
> > +
> > +               __check_element(pool, addr, 1UL << (PAGE_SHIFT + order));
> >         }
> >  }
> >
> > -static void poison_slab_element(mempool_t *pool, void *element)
> > +static void __poison_element(void *element, size_t size)
> >  {
> > -       if (pool->alloc == mempool_alloc_slab ||
> > -           pool->alloc == mempool_kmalloc) {
> > -               size_t size = ksize(element);
> > -               u8 *obj = element;
> > +       u8 *obj = element;
> > +
> > +       memset(obj, POISON_FREE, size - 1);
> > +       obj[size - 1] = POISON_END;
> > +}
> > +
> > +static void poison_element(mempool_t *pool, void *element)
> > +{
> > +       /* Mempools backed by slab allocator */
> > +       if (pool->alloc == mempool_alloc_slab || pool->alloc == mempool_kmalloc)
> > +               __poison_element(element, ksize(element));
> > +
> > +       /* Mempools backed by page allocator */
> > +       if (pool->alloc == mempool_alloc_pages) {
> > +               int order = (int)(long)pool->pool_data;
> > +               void *addr = page_address(element);
> >
> > -               memset(obj, POISON_FREE, size - 1);
> > -               obj[size - 1] = POISON_END;
> > +               __poison_element(addr, 1UL << (PAGE_SHIFT + order));
> 
> I think, it would be better to use kernel_map_pages() here and in
> check_element().

Hmm, interesting suggestion.

> This implies that poison_element()/check_element() has to be moved out of
> CONFIG_DEBUG_SLAB || CONFIG_SLUB_DEBUG_ON ifdef (keeping only slab
> poisoning under this ifdef).

The mempool poisoning introduced here is really its own poisoning built on 
top of whatever the mempool allocator is.  Otherwise, it would have called 
into the slab subsystem to do the poisoning and include any allocated 
space beyond the object size itself.  Mempool poisoning is agnostic to the 
underlying memory just like the chain of elements is, mempools don't even 
store size.

We don't have a need to set PAGE_EXT_DEBUG_POISON on these pages sitting 
in the reserved pool, nor do we have a need to do kmap_atomic() since it's 
already mapped and must be mapped to be on the reserved pool, which is 
handled by mempool_free().
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ