lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 29 Nov 2022 13:02:51 +0100
From:   Vlastimil Babka <vbabka@...e.cz>
To:     Marco Elver <elver@...gle.com>
Cc:     Feng Tang <feng.tang@...el.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Oliver Glitta <glittao@...il.com>,
        Christoph Lameter <cl@...ux.com>,
        Pekka Enberg <penberg@...nel.org>,
        David Rientjes <rientjes@...gle.com>,
        Joonsoo Kim <iamjoonsoo.kim@....com>,
        Roman Gushchin <roman.gushchin@...ux.dev>,
        Hyeonggon Yoo <42.hyeyoo@...il.com>, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 2/2] mm/slub, kunit: Add a test case for kmalloc
 redzone check

On 11/29/22 12:48, Marco Elver wrote:
> On Tue, 29 Nov 2022 at 12:01, Vlastimil Babka <vbabka@...e.cz> wrote:
>>
>> On 11/29/22 10:31, Marco Elver wrote:
>> > On Tue, 29 Nov 2022 at 07:37, Feng Tang <feng.tang@...el.com> wrote:
> 
>> For SLAB_SKIP_KFENCE, we could also add the flag after creation to avoid
>> this trouble? After all there is a sysfs file to control it at runtime
>> anyway (via skip_kfence_store()).
>> In that case patch 1 would have to wrap kmem_cache_create() and the flag
>> addition with a new function to avoid repeating. That function could also be
>> adding SLAB_NO_USER_FLAGS to kmem_cache_create(), instead of the #define
>> DEFAULT_FLAGS.
> 
> I wouldn't overcomplicate it, all we need is a way to say "this flag
> should not be used directly" - and only have it available via an
> indirect step. Availability via sysfs is one such step.
> 
> And for tests, there are 2 options:
> 
> 1. we could provide a function "kmem_cache_set_test_flags(cache,
> gfp_flags)" and define SLAB_TEST_FLAGS (which would include
> SLAB_SKIP_KFENCE). This still allows to set it generally, but should
> make abuse less likely due to the "test" in the name of that function.
> 
> 2. just set it directly, s->flags |= SLAB_SKIP_KFENCE.
> 
> If you're fine with #2, that seems simplest and would be my preference.

Yeah, that's what I meant. But slub_kunit.c could still have own internal
cache creation function so the "|SLAB_NO_USER_FLAGS" and "s->flags |=
SLAB_SKIP_KFENCE" is not repeated X times.

> 
>> For SLAB_KMALLOC there's probably no such way unless we abuse the internal
>> APIs even more and call e.g. create_boot_cache() instead of
>> kmem_cache_create(). But that one is __init, so probably not. If we do
>> instead allow the flag, I wouldn't add it to SLAB_CORE_FLAGS but rather
>> SLAB_CACHE_FLAGS and SLAB_FLAGS_PERMITTED.
> 
> I'd probably go with the simplest solution here.

Agreed.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ