lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Jun 2020 13:04:14 -0700 From: Roman Gushchin <guro@...com> To: Vlastimil Babka <vbabka@...e.cz> CC: Andrew Morton <akpm@...ux-foundation.org>, Christoph Lameter <cl@...ux.com>, Pekka Enberg <penberg@...nel.org>, David Rientjes <rientjes@...gle.com>, Joonsoo Kim <iamjoonsoo.kim@....com>, <linux-mm@...ck.org>, <linux-kernel@...r.kernel.org>, <kernel-team@...roid.com>, <vinmenon@...eaurora.org>, Kees Cook <keescook@...omium.org>, Matthew Garrett <mjg59@...gle.com>, Jann Horn <jannh@...gle.com>, Vijayanand Jitta <vjitta@...eaurora.org> Subject: Re: [PATCH 9/9] mm, slab/slub: move and improve cache_from_obj() On Thu, Jun 11, 2020 at 11:56:53AM +0200, Vlastimil Babka wrote: > On 6/11/20 12:46 AM, Roman Gushchin wrote: > > On Wed, Jun 10, 2020 at 06:31:35PM +0200, Vlastimil Babka wrote: > >> @@ -3672,6 +3672,14 @@ void *__kmalloc_track_caller(size_t size, gfp_t flags, unsigned long caller) > >> } > >> EXPORT_SYMBOL(__kmalloc_track_caller); > >> > >> +static inline struct kmem_cache *cache_from_obj(struct kmem_cache *s, void *x) > >> +{ > >> + if (memcg_kmem_enabled()) > >> + return virt_to_cache(x); > >> + else > >> + return s; > >> +} > > > > Hm, it looks like all the SLAB version doesn't perform any sanity checks anymore. > > Is it intended? > > Yes, it was the same before commit b9ce5ef49f00. The commit could have been more > precise - kmemcg needs virt_to_cache(), but not the sanity check. The SLUB > version also shouldn't really be doing the sanity check if only > memcg_kmem_enabled() is true (and not the debugging/hardening), but the code > then looks ugly and I hope this will just fix itself with your kmemcg slab rework. Got it. > > > Also, Is it ever possible that s != virt_to_cache(x) if there are no bugs? > > Well, only in the kmemcg case it should be possible. > > > kmem_cache_free_bulk() in slab.c does contain the following: > > if (!orig_s) /* called via kfree_bulk */ > > s = virt_to_cache(objp); > > else > > s = cache_from_obj(orig_s, objp); > > which looks a bit strange with the version above. > > Looks fine to me. If we are called with non-NULL s, and kmemcg is not enabled, > we can just trust s. If we are called with NULL s (via kfree_bulk()) we need to > get cache from the object, even if kmemcg is not enabled, so we do > virt_to_cache() unconditionally. > Once your series is fully accepted, we can remove SLAB's cache_from_obj() and > the whole 'else' part in the hunk above. Or am I missing something? Right. I guess there will be even more cleanups possible, let's see where we'll end up. It looks like nothing prevents it from being queued for 5.9 after 5.8-rc1 will be out, right? > > > >> @@ -3175,6 +3179,23 @@ void ___cache_free(struct kmem_cache *cache, void *x, unsigned long addr) > >> } > >> #endif > >> > >> +static inline struct kmem_cache *cache_from_obj(struct kmem_cache *s, void *x) > >> +{ > >> + struct kmem_cache *cachep; > >> + > >> + if (!IS_ENABLED(CONFIG_SLAB_FREELIST_HARDENED) && > >> + !memcg_kmem_enabled() && > >> + !kmem_cache_debug_flags(s, SLAB_CONSISTENCY_CHECKS)) > >> + return s; > >> + > >> + cachep = virt_to_cache(x); > >> + if (WARN(cachep && !slab_equal_or_root(cachep, s), > >> + "%s: Wrong slab cache. %s but object is from %s\n", > >> + __func__, s->name, cachep->name)) > >> + print_tracking(cachep, x); > >> + return cachep; > >> +} > > > > Maybe we can define a trivial SLAB version of kmem_cache_debug_flags() > > and keep a single version of cache_from_obj()? > > I think the result would be more obfuscated than just making it plain that SLAB > doesn't have those SLUB features. And I still hope SLAB's version will go away > completely. If your series is accepted first, then this patch based in that will > not introduce slab.c cache_from_obj() at all. Ok, makes sense to me. Thank you!
Powered by blists - more mailing lists