| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <8f2f1787-88b0-f86d-991c-34cfd2f9b4aa@redhat.com>
Date: Fri, 13 Mar 2020 13:49:57 -0400
From: Waiman Long <longman@...hat.com>
To: Eric Biggers <ebiggers@...nel.org>
Cc: David Howells <dhowells@...hat.com>,
Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>,
Mimi Zohar <zohar@...ux.ibm.com>, keyrings@...r.kernel.org,
linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
linux-integrity@...r.kernel.org,
Sumit Garg <sumit.garg@...aro.org>,
Jerry Snitselaar <jsnitsel@...hat.com>,
Roberto Sassu <roberto.sassu@...wei.com>,
Chris von Recklinghausen <crecklin@...hat.com>
Subject: Re: [PATCH v3 3/3] KEYS: Use kvmalloc() to better handle large buffer
allocation
On 3/13/20 12:43 PM, Eric Biggers wrote:
> On Fri, Mar 13, 2020 at 11:21:02AM -0400, Waiman Long wrote:
>> For large multi-page temporary buffer allocation, the security/keys
>> subsystem don't need contiguous physical pages. It will work perfectly
>> fine with virtually mapped pages.
>>
>> Replace the kmalloc() call by kvmalloc() and provide a __kvzfree()
>> helper function to clear and free the kvmalloc'ed buffer. This will
>> reduce the chance of memory allocation failure just because of highly
>> fragmented pages.
>>
>> Suggested-by: David Howells <dhowells@...hat.com>
>> Signed-off-by: Waiman Long <longman@...hat.com>
>> ---
>> security/keys/internal.h | 14 ++++++++++++++
>> security/keys/keyctl.c | 10 +++++-----
>> 2 files changed, 19 insertions(+), 5 deletions(-)
>>
>> diff --git a/security/keys/internal.h b/security/keys/internal.h
>> index ba3e2da14cef..855b11eb73ee 100644
>> --- a/security/keys/internal.h
>> +++ b/security/keys/internal.h
>> @@ -16,6 +16,8 @@
>> #include <linux/keyctl.h>
>> #include <linux/refcount.h>
>> #include <linux/compat.h>
>> +#include <linux/mm.h>
>> +#include <linux/vmalloc.h>
>>
>> struct iovec;
>>
>> @@ -349,4 +351,16 @@ static inline void key_check(const struct key *key)
>>
>> #endif
>>
>> +/*
>> + * Helper function to clear and free a kvmalloc'ed memory object.
>> + */
>> +static inline void __kvzfree(const void *addr, size_t len)
>> +{
>> + if (is_vmalloc_addr(addr)) {
>> + memset((void *)addr, 0, len);
>> + vfree(addr);
>> + } else {
>> + kzfree(addr);
>> + }
>> +}
> Since this takes the length as a parameter, it can be simplified to:
>
> static inline void __kvzfree(const void *addr, size_t len)
> {
> if (addr) {
> memset((void *)addr, 0, len);
> kvfree(addr);
> }
> }
Yes, that will work too.
>> if (!tmpbuf || unlikely(ret > tmpbuflen)) {
>> if (unlikely(tmpbuf))
>> - kzfree(tmpbuf);
>> + __kvzfree(tmpbuf, tmpbuflen);
> Both kzfree() and __kvzfree() handle a NULL pointer, so there's no need for the
> NULL check first.
>
I would like to keep this one because of the unlikely annotation.
>> @@ -920,7 +920,7 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
>> ret = -EFAULT;
>> }
>> if (tmpbuf)
>> - kzfree(tmpbuf);
>> + __kvzfree(tmpbuf, tmpbuflen);
> Likewise here. No need for the NULL check.
Yes, that tmpbuf check is not really necessary, but it doesn't harm either.
My plan is to send out a mm patch to officially add the kvzfree()
function to mm/util.c. I will remove the tmpbuf check at that time if
you don't mind.
Cheers,
Longman
Powered by blists - more mailing lists