From patchwork Tue Dec 19 22:28:45 2023
X-Patchwork-Submitter: andrey.konovalov@linux.dev
X-Patchwork-Id: 181312
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 01/21] kasan: rename kasan_slab_free_mempool to kasan_mempool_poison_object
Date: Tue, 19 Dec 2023 23:28:45 +0100

From: Andrey Konovalov

Rename kasan_slab_free_mempool to kasan_mempool_poison_object.

kasan_slab_free_mempool is a slightly confusing name: it is unclear whether this function poisons the object when it is freed into mempool or does something when the object is freed from mempool to the underlying allocator.

The new name also aligns with other mempool-related KASAN hooks added in the following patches in this series.

Signed-off-by: Andrey Konovalov --- include/linux/kasan.h | 8 ++++---- io_uring/alloc_cache.h | 3 +-- mm/kasan/common.c | 4 ++-- mm/mempool.c | 2 +- 4 files changed, 8 insertions(+), 9 deletions(-) diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 72cb693b075b..6310435f528b 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -172,11 +172,11 @@ static __always_inline void kasan_kfree_large(void *ptr) __kasan_kfree_large(ptr, _RET_IP_); } -void __kasan_slab_free_mempool(void *ptr, unsigned long ip); -static __always_inline void kasan_slab_free_mempool(void *ptr) +void __kasan_mempool_poison_object(void *ptr, unsigned long ip); +static __always_inline void kasan_mempool_poison_object(void *ptr) { if (kasan_enabled()) - __kasan_slab_free_mempool(ptr, _RET_IP_); + __kasan_mempool_poison_object(ptr, _RET_IP_); } void * __must_check __kasan_slab_alloc(struct kmem_cache *s, @@ -256,7 +256,7 @@ static inline bool kasan_slab_free(struct kmem_cache *s, void *object, bool init return false; } static inline void kasan_kfree_large(void *ptr) {} -static inline void kasan_slab_free_mempool(void *ptr) {} +static inline void kasan_mempool_poison_object(void *ptr) {} static inline void *kasan_slab_alloc(struct kmem_cache *s, void *object, gfp_t flags, bool init) { diff --git a/io_uring/alloc_cache.h b/io_uring/alloc_cache.h index 241245cb54a6..8de0414e8efe 100644 --- a/io_uring/alloc_cache.h +++ b/io_uring/alloc_cache.h @@ -16,8 +16,7 @@ static inline bool io_alloc_cache_put(struct io_alloc_cache *cache, if (cache->nr_cached < cache->max_cached) { cache->nr_cached++; wq_stack_add_head(&entry->node, &cache->list); - /* KASAN poisons object */ - kasan_slab_free_mempool(entry); + kasan_mempool_poison_object(entry); return true; } return false; diff --git a/mm/kasan/common.c b/mm/kasan/common.c index fe6c4b43ad9f..e0394d0ee7f1 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c 
@@ -271,7 +271,7 @@ static inline bool ____kasan_kfree_large(void *ptr, unsigned long ip) /* * The object will be poisoned by kasan_poison_pages() or - * kasan_slab_free_mempool(). + * kasan_mempool_poison_object(). */ return false; @@ -282,7 +282,7 @@ void __kasan_kfree_large(void *ptr, unsigned long ip) ____kasan_kfree_large(ptr, ip); } -void __kasan_slab_free_mempool(void *ptr, unsigned long ip) +void __kasan_mempool_poison_object(void *ptr, unsigned long ip) { struct folio *folio; diff --git a/mm/mempool.c b/mm/mempool.c index b3d2084fd989..7e1c729f292b 100644 --- a/mm/mempool.c +++ b/mm/mempool.c 
@@ -107,7 +107,7 @@ static inline void poison_element(mempool_t *pool, void *element) static __always_inline void kasan_poison_element(mempool_t *pool, void *element) { if (pool->alloc == mempool_alloc_slab || pool->alloc == mempool_kmalloc) - kasan_slab_free_mempool(element); + kasan_mempool_poison_object(element); else if (pool->alloc == mempool_alloc_pages) kasan_poison_pages(element, (unsigned long)pool->pool_data, false); From patchwork Tue Dec 19 22:28:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 181313 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:24d3:b0:fb:cd0c:d3e with SMTP id r19csp2272584dyi; Tue, 19 Dec 2023 14:30:28 -0800 (PST) X-Google-Smtp-Source: AGHT+IFKJ9KTAEgz0aDHWrnfy4QohmajIgVtGZeZJ/hWQp/lR8L61lBsxUYcfBSnv0ipuk4xO2Cp X-Received: by 2002:a17:90a:72c6:b0:28b:65de:64f5 with SMTP id l6-20020a17090a72c600b0028b65de64f5mr3129345pjk.42.1703025028491; Tue, 19 Dec 2023 14:30:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1703025028; cv=none; d=google.com; s=arc-20160816; b=G+RVuJtWe64cx3N4GcXD4aqgZtNTYDEFvjIIuyO3VBKQVFkUJxREZZjfqvZV8GgtiG 9PPvLo42gg3v7kfZcsULCFZsf7DiXG9pbrf6l7sTS06g22jDIa6cq3F1LGEw5sY6a69/ PeLIiU44SGHzV2eDvgJbr2n4z2Tp9bOoVTpQ8j13xfyB5CGvvwTKy7fnwJ/mJLF7q5Mt BSkmgRXbORSnVBtm9I/+/N/jeocIDAZ8hnVyD7QLTa34/wSdQfAO/fa0ZfncLq78jEtW pzEtJXtk9uhiuLdz9ZPYaPGHWTMKH8tw9ZmFbs3jJpQBEjTXsCqlY5b07Hk4AHf6wYyo dpnw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=UD/Zwt/pPZV96U3h6ZFDRBLd7zSWBzdFKqeEs3HVWEE=; fh=AIzsiqkKUtrB7QnM+XRgAblgvDINIC5pDvD0mg8EzrU=; b=aIcc9461zH+HGlb27en/33ZlP2TbgcJCK/gaNO3Qic6lzP4MfPLwH/pI6pOfO67YEo BT6sgG35fGyYIDMPXme8dsB7iksrXdAXNwmSRmiGyckwGlXeR7mCDQ7O2j2FUvvUZdDz 
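Review bot: in the io_uring/alloc_cache.h hunk of 01/21, io_alloc_cache_put() loses the "/* KASAN poisons object */" comment together with the rename, which is why that file shows one more deletion than insertion, but the commit message describes a pure rename and does not mention it. Either state in the message that the comment is dropped because the new name is self-describing, or keep the comment so the patch stays a mechanical rename that can be checked by searching for the old identifier.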
From: andrey.konovalov@linux.dev To: Marco Elver , Alexander Potapenko Cc: Andrey Konovalov , Dmitry Vyukov , Andrey Ryabinin , kasan-dev@googlegroups.com, Evgenii Stepanov , Breno Leitao , Alexander Lobakin , Andrew Morton , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov Subject: [PATCH mm 02/21] kasan: move kasan_mempool_poison_object Date: Tue, 19 Dec 2023 23:28:46 +0100 Message-Id: <23ea215409f43c13cdf9ecc454501a264c107d67.1703024586.git.andreyknvl@google.com> In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Migadu-Flow: FLOW_OUT X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1785751171963139949 X-GMAIL-MSGID: 1785751171963139949 From: Andrey Konovalov Move kasan_mempool_poison_object after all slab-related KASAN hooks. This is a preparatory change for the following patches in this series. No functional changes. Signed-off-by: Andrey Konovalov --- include/linux/kasan.h | 16 +++++++-------- mm/kasan/common.c | 46 +++++++++++++++++++++---------------------- 2 files changed, 31 insertions(+), 31 deletions(-) diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 6310435f528b..0d1f925c136d 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -172,13 +172,6 @@ static __always_inline void kasan_kfree_large(void *ptr) __kasan_kfree_large(ptr, _RET_IP_); } -void __kasan_mempool_poison_object(void *ptr, unsigned long ip); -static __always_inline void kasan_mempool_poison_object(void *ptr) -{ - if (kasan_enabled()) - __kasan_mempool_poison_object(ptr, _RET_IP_); -} - void * __must_check __kasan_slab_alloc(struct kmem_cache *s, void *object, gfp_t flags, bool init); static __always_inline void * __must_check kasan_slab_alloc( 
@@ -219,6 +212,13 @@ static __always_inline void * __must_check kasan_krealloc(const void *object, return (void *)object; } +void __kasan_mempool_poison_object(void *ptr, unsigned long ip); +static __always_inline void kasan_mempool_poison_object(void *ptr) +{ + if (kasan_enabled()) + __kasan_mempool_poison_object(ptr, _RET_IP_); +} + /* * Unlike kasan_check_read/write(), kasan_check_byte() is performed even for * the hardware tag-based mode that doesn't rely on compiler instrumentation. @@ -256,7 +256,6 @@ static inline bool kasan_slab_free(struct kmem_cache *s, void *object, bool init return false; } static inline void kasan_kfree_large(void *ptr) {} -static inline void kasan_mempool_poison_object(void *ptr) {} static inline void *kasan_slab_alloc(struct kmem_cache *s, void *object, gfp_t flags, bool init) { @@ -276,6 +275,7 @@ static inline void *kasan_krealloc(const void *object, size_t new_size, { return (void *)object; } +static inline void kasan_mempool_poison_object(void *ptr) {} static inline bool kasan_check_byte(const void *address) { return true; diff --git a/mm/kasan/common.c b/mm/kasan/common.c index e0394d0ee7f1..fc7f711607e1 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c 
@@ -282,29 +282,6 @@ void __kasan_kfree_large(void *ptr, unsigned long ip) ____kasan_kfree_large(ptr, ip); } -void __kasan_mempool_poison_object(void *ptr, unsigned long ip) -{ - struct folio *folio; - - folio = virt_to_folio(ptr); - - /* - * Even though this function is only called for kmem_cache_alloc and - * kmalloc backed mempool allocations, those allocations can still be - * !PageSlab() when the size provided to kmalloc is larger than - * KMALLOC_MAX_SIZE, and kmalloc falls back onto page_alloc. - */ - if (unlikely(!folio_test_slab(folio))) { - if (____kasan_kfree_large(ptr, ip)) - return; - kasan_poison(ptr, folio_size(folio), KASAN_PAGE_FREE, false); - } else { - struct slab *slab = folio_slab(folio); - - ____kasan_slab_free(slab->slab_cache, ptr, ip, false, false); - } -} - void * __must_check __kasan_slab_alloc(struct kmem_cache *cache, void *object, gfp_t flags, bool init) { 
@@ -452,6 +429,29 @@ void * __must_check __kasan_krealloc(const void *object, size_t size, gfp_t flag return ____kasan_kmalloc(slab->slab_cache, object, size, flags); } +void __kasan_mempool_poison_object(void *ptr, unsigned long ip) +{ + struct folio *folio; + + folio = virt_to_folio(ptr); + + /* + * Even though this function is only called for kmem_cache_alloc and + * kmalloc backed mempool allocations, those allocations can still be + * !PageSlab() when the size provided to kmalloc is larger than + * KMALLOC_MAX_SIZE, and kmalloc falls back onto page_alloc. + */ + if (unlikely(!folio_test_slab(folio))) { + if (____kasan_kfree_large(ptr, ip)) + return; + kasan_poison(ptr, folio_size(folio), KASAN_PAGE_FREE, false); + } else { + struct slab *slab = folio_slab(folio); + + ____kasan_slab_free(slab->slab_cache, ptr, ip, false, false); + } +} + bool __kasan_check_byte(const void *address, unsigned long ip) { if (!kasan_byte_accessible(address)) { From patchwork Tue Dec 19 22:28:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 181315 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:24d3:b0:fb:cd0c:d3e with SMTP id r19csp2272694dyi; Tue, 19 Dec 2023 14:30:40 -0800 (PST) X-Google-Smtp-Source: AGHT+IH6Dfh/KbQnALU3i9+Kz5DAbor2BZcVVlM7fJQdcLRrnjP472Pj/3qhvKw7lRwNHDJkSjpP X-Received: by 2002:a17:906:118d:b0:a23:5672:735 with SMTP id n13-20020a170906118d00b00a2356720735mr1119395eja.290.1703025040472; Tue, 19 Dec 2023 14:30:40 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1703025040; cv=none; d=google.com; s=arc-20160816; b=OsI/2gRUWxCoNp1ln5oCqwn/Pv4UbHyFw58kt/0u/b6lPGCQYs2A7cXvVBYy8dB41K WI4qpRcY/DBD5mlVRfoo0w9PsGRmvDE3SAuFB3SwELJ3vqTIUcWE1bvVEjVyldWhn/hU 5RPd9X6BLrVUVd2nHEj4oZj6fqMgKW6buK5oGCERnehdQMe6dkMScYLmVIL6kFBiOmRH bE6kuYUIEq4jduUBUbHY2dKyOS+Dxa4x5ZrcYxleNl/vjRBZ8CN6hnOv5uish9VbIE2d 
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 03/21] kasan: document kasan_mempool_poison_object
Date: Tue, 19 Dec 2023 23:28:47 +0100

From: Andrey Konovalov

Add documentation comment for kasan_mempool_poison_object.

Signed-off-by: Andrey Konovalov
--- include/linux/kasan.h | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 0d1f925c136d..bbf6e2fa4ffd 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h
@@ -213,6 +213,24 @@ static __always_inline void * __must_check kasan_krealloc(const void *object, } void __kasan_mempool_poison_object(void *ptr, unsigned long ip); +/** + * kasan_mempool_poison_object - Check and poison a mempool slab allocation. + * @ptr: Pointer to the slab allocation. + * + * This function is intended for kernel subsystems that cache slab allocations + * to reuse them instead of freeing them back to the slab allocator (e.g. + * mempool). + * + * This function poisons a slab allocation without initializing its memory and + * without putting it into the quarantine (for the Generic mode). + * + * This function also performs checks to detect double-free and invalid-free + * bugs and reports them. + * + * This function operates on all slab allocations including large kmalloc + * allocations (the ones returned by kmalloc_large() or by kmalloc() with the + * size > KMALLOC_MAX_SIZE). + */ static __always_inline void kasan_mempool_poison_object(void *ptr) { if (kasan_enabled()) From patchwork Tue Dec 19 22:28:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 181314 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:24d3:b0:fb:cd0c:d3e with SMTP id r19csp2272690dyi; Tue, 19 Dec 2023 14:30:39 -0800 (PST) X-Google-Smtp-Source: AGHT+IHaew7KsGUvEQvOydFN6TzrllmtOPuXsnNVwg+Hfnmz3L6PqMNHu/e7apS4kdUPLZWrB3ml X-Received: by 2002:a50:d497:0:b0:552:f193:34b8 with SMTP id s23-20020a50d497000000b00552f19334b8mr2852132edi.45.1703025039557; Tue, 19 Dec 2023 14:30:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1703025039; cv=none; d=google.com; s=arc-20160816; b=BgMRSop3MKQ5HmrEIGuWvWT5/YcS/VOIwby+OKEKPbAimywgQH+57qUCqLFe6kFPd3 UNGOAef5qO6T/NoCcr4d/cdcfdhoVM/oG4r0fGIAcTubvAdWwupJiAbLUb0cF/0HSkos s4U/WMOyRtd8bv08hmkR3zJ4Jouc5cNqJze0OvFla/RhKN9Aj/yPtWISFahexglLidPH VuIhGa72PiC/Ar31/ZJ4hxld0MyVBOWeSi+Mg/6Ly2MKCjeIjcUtKmQ8HRB/+y5rQT0i 
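Review bot: in the kernel-doc added above kasan_mempool_poison_object() in include/linux/kasan.h (03/21), the summary line says "a mempool slab allocation" while the following paragraph says the hook is for any subsystem that caches slab allocations, with mempool given only as an example. Suggest rewording the summary so it does not read as mempool-only, and adding a sentence on what the caller must guarantee about @ptr, since the comment says invalid-free bugs are reported but not what counts as a valid pointer to pass in.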
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 04/21] kasan: add return value for kasan_mempool_poison_object
Date: Tue, 19 Dec 2023 23:28:48 +0100
Message-Id: <618af65273875fb9f56954285443279b15f1fcd9.1703024586.git.andreyknvl@google.com>

From: Andrey Konovalov

Add a return value for kasan_mempool_poison_object that lets the caller know whether the allocation is affected by a double-free or an invalid-free bug. The caller can use this return value to stop operating on the object.

Also introduce a check_page_allocation helper function to improve the code readability.

Signed-off-by: Andrey Konovalov
--- include/linux/kasan.h | 17 ++++++++++++----- mm/kasan/common.c | 21 ++++++++++----------- 2 files changed, 22 insertions(+), 16 deletions(-) diff --git a/include/linux/kasan.h b/include/linux/kasan.h index bbf6e2fa4ffd..33387e254caa 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h
@@ -212,7 +212,7 @@ static __always_inline void * __must_check kasan_krealloc(const void *object, return (void *)object; } -void __kasan_mempool_poison_object(void *ptr, unsigned long ip); +bool __kasan_mempool_poison_object(void *ptr, unsigned long ip); /** * kasan_mempool_poison_object - Check and poison a mempool slab allocation. * @ptr: Pointer to the slab allocation. @@ -225,16 +225,20 @@ void __kasan_mempool_poison_object(void *ptr, unsigned long ip); * without putting it into the quarantine (for the Generic mode). * * This function also performs checks to detect double-free and invalid-free - * bugs and reports them. + * bugs and reports them. The caller can use the return value of this function + * to find out if the allocation is buggy. * * This function operates on all slab allocations including large kmalloc * allocations (the ones returned by kmalloc_large() or by kmalloc() with the * size > KMALLOC_MAX_SIZE). + * + * Return: true if the allocation can be safely reused; false otherwise. */ -static __always_inline void kasan_mempool_poison_object(void *ptr) +static __always_inline bool kasan_mempool_poison_object(void *ptr) { if (kasan_enabled()) - __kasan_mempool_poison_object(ptr, _RET_IP_); + return __kasan_mempool_poison_object(ptr, _RET_IP_); + return true; } /* @@ -293,7 +297,10 @@ static inline void *kasan_krealloc(const void *object, size_t new_size, { return (void *)object; } -static inline void kasan_mempool_poison_object(void *ptr) {} +static inline bool kasan_mempool_poison_object(void *ptr) +{ + return true; +} static inline bool kasan_check_byte(const void *address) { return true; diff --git a/mm/kasan/common.c b/mm/kasan/common.c index fc7f711607e1..2b4869de4985 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c 
@@ -254,7 +254,7 @@ bool __kasan_slab_free(struct kmem_cache *cache, void *object, return ____kasan_slab_free(cache, object, ip, true, init); } -static inline bool ____kasan_kfree_large(void *ptr, unsigned long ip) +static inline bool check_page_allocation(void *ptr, unsigned long ip) { if (!kasan_arch_is_ready()) return false; @@ -269,17 +269,14 @@ static inline bool ____kasan_kfree_large(void *ptr, unsigned long ip) return true; } - /* - * The object will be poisoned by kasan_poison_pages() or - * kasan_mempool_poison_object(). - */ - return false; } void __kasan_kfree_large(void *ptr, unsigned long ip) { - ____kasan_kfree_large(ptr, ip); + check_page_allocation(ptr, ip); + + /* The object will be poisoned by kasan_poison_pages(). */ } void * __must_check __kasan_slab_alloc(struct kmem_cache *cache, @@ -429,7 +426,7 @@ void * __must_check __kasan_krealloc(const void *object, size_t size, gfp_t flag return ____kasan_kmalloc(slab->slab_cache, object, size, flags); } -void __kasan_mempool_poison_object(void *ptr, unsigned long ip) +bool __kasan_mempool_poison_object(void *ptr, unsigned long ip) { struct folio *folio; 
@@ -442,13 +439,15 @@ void __kasan_mempool_poison_object(void *ptr, unsigned long ip) * KMALLOC_MAX_SIZE, and kmalloc falls back onto page_alloc. */ if (unlikely(!folio_test_slab(folio))) { - if (____kasan_kfree_large(ptr, ip)) - return; + if (check_page_allocation(ptr, ip)) + return false; kasan_poison(ptr, folio_size(folio), KASAN_PAGE_FREE, false); + return true; } else { struct slab *slab = folio_slab(folio); - ____kasan_slab_free(slab->slab_cache, ptr, ip, false, false); + return !____kasan_slab_free(slab->slab_cache, ptr, ip, + false, false); } }
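Review bot: in include/linux/kasan.h, the new bool result of kasan_mempool_poison_object() is not annotated __must_check, so a caller that keeps ignoring it will still put a double-freed or invalid-freed object back into its cache. kasan_krealloc(), visible in the context line of the first hunk, already carries __must_check; consider adding it here once the mempool callers are converted, or state in the kernel-doc that ignoring the result is only acceptable for callers that never reuse the object.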
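Review bot: in mm/kasan/common.c, check_page_allocation() returns true when it has reported a bug, while __kasan_mempool_poison_object() returns true when the object is safe to reuse, so the call sites read with opposite polarity ("if (check_page_allocation(ptr, ip)) return false;" and "return !____kasan_slab_free(...)"). This hunk removes the only comment the helper had; a one-line comment above check_page_allocation() saying that true means an invalid-free or double-free was reported would make the inversion easy to verify. Note also that the helper returns false when !kasan_arch_is_ready(), so on that path __kasan_mempool_poison_object() still calls kasan_poison() and reports the object as reusable; please confirm that is intended.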
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 05/21] kasan: introduce kasan_mempool_unpoison_object
Date: Tue, 19 Dec 2023 23:28:49 +0100

From: Andrey Konovalov

Introduce and document a kasan_mempool_unpoison_object hook.

This hook serves as a replacement for the generic kasan_unpoison_range that the mempool code relies on right now. mempool will be updated to use the new hook in one of the following patches.

For now, define the new hook to be identical to kasan_unpoison_range. One of the following patches will update it to add stack trace collection.

Signed-off-by: Andrey Konovalov
---
 include/linux/kasan.h | 31 +++++++++++++++++++++++++++++++
 mm/kasan/common.c | 5 +++++
 2 files changed, 36 insertions(+)

diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 33387e254caa..c5fe303bc1c2 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -228,6 +228,9 @@ bool __kasan_mempool_poison_object(void *ptr, unsigned long ip); * bugs and reports them. The caller can use the return value of this function * to find out if the allocation is buggy. * + * Before the poisoned allocation can be reused, it must be unpoisoned via + * kasan_mempool_unpoison_object(). + * * This function operates on all slab allocations including large kmalloc * allocations (the ones returned by kmalloc_large() or by kmalloc() with the * size > KMALLOC_MAX_SIZE).
@@ -241,6 +244,32 @@ static __always_inline bool kasan_mempool_poison_object(void *ptr) return true; } +void __kasan_mempool_unpoison_object(void *ptr, size_t size, unsigned long ip); +/** + * kasan_mempool_unpoison_object - Unpoison a mempool slab allocation. + * @ptr: Pointer to the slab allocation. + * @size: Size to be unpoisoned. + * + * This function is intended for kernel subsystems that cache slab allocations + * to reuse them instead of freeing them back to the slab allocator (e.g. + * mempool). + * + * This function unpoisons a slab allocation that was previously poisoned via + * kasan_mempool_poison_object() without initializing its memory. For the + * tag-based modes, this function does not assign a new tag to the allocation + * and instead restores the original tags based on the pointer value. + * + * This function operates on all slab allocations including large kmalloc + * allocations (the ones returned by kmalloc_large() or by kmalloc() with the + * size > KMALLOC_MAX_SIZE). + */ +static __always_inline void kasan_mempool_unpoison_object(void *ptr, + size_t size) +{ + if (kasan_enabled()) + __kasan_mempool_unpoison_object(ptr, size, _RET_IP_); +} + /* * Unlike kasan_check_read/write(), kasan_check_byte() is performed even for * the hardware tag-based mode that doesn't rely on compiler instrumentation. @@ -301,6 +330,8 @@ static inline bool kasan_mempool_poison_object(void *ptr) { return true; } +static inline void kasan_mempool_unpoison_object(void *ptr, size_t size) {} + static inline bool kasan_check_byte(const void *address) { return true; diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 2b4869de4985..4b85d35bb8ab 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c 
@@ -451,6 +451,11 @@ bool __kasan_mempool_poison_object(void *ptr, unsigned long ip) } } +void __kasan_mempool_unpoison_object(void *ptr, size_t size, unsigned long ip) +{ + kasan_unpoison(ptr, size, false); +} + bool __kasan_check_byte(const void *address, unsigned long ip) { if (!kasan_byte_accessible(address)) {
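Review bot: the kernel-doc for kasan_mempool_unpoison_object() in include/linux/kasan.h does not say what @size may be: whether it must equal the size the object was allocated with, or may be smaller when the cache hands out less than the object holds. __kasan_mempool_unpoison_object() passes size straight to kasan_unpoison(ptr, size, false), so a value larger than the allocation would make bytes past its end accessible; that constraint belongs on the @size line. The doc also says the tag-based modes restore tags "based on the pointer value", so it should state that @ptr must be the same tagged pointer that was given to kasan_mempool_poison_object(). The ip argument is unused in mm/kasan/common.c for now, which the commit message accounts for.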
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 06/21] kasan: introduce kasan_mempool_poison_pages
Date: Tue, 19 Dec 2023 23:28:50 +0100
Message-Id: <88dc7340cce28249abf789f6e0c792c317df9ba5.1703024586.git.andreyknvl@google.com>

From: Andrey Konovalov

Introduce and document a kasan_mempool_poison_pages hook to be used by the mempool code instead of kasan_poison_pages.

Compared to kasan_poison_pages, the new hook:

1. For the tag-based modes, skips checking and poisoning allocations that were not tagged due to sampling.

2. Checks for double-free and invalid-free bugs.

In the future, kasan_poison_pages can also be updated to handle #2, but this is out-of-scope of this series.

Signed-off-by: Andrey Konovalov
---
 include/linux/kasan.h | 27 +++++++++++++++++++++++++++
 mm/kasan/common.c | 23 +++++++++++++++++++++++
 2 files changed, 50 insertions(+)

diff --git a/include/linux/kasan.h b/include/linux/kasan.h index c5fe303bc1c2..de2a695ad34d 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h @@ -212,6 +212,29 @@ static __always_inline void * __must_check kasan_krealloc(const void *object, return (void *)object; } +bool __kasan_mempool_poison_pages(struct page *page, unsigned int order, + unsigned long ip); +/** + * kasan_mempool_poison_pages - Check and poison a mempool page allocation. + * @page: Pointer to the page allocation. + * @order: Order of the allocation. + * + * This function is intended for kernel subsystems that cache page allocations + * to reuse them instead of freeing them back to page_alloc (e.g. mempool). + * + * This function is similar to kasan_mempool_poison_object() but operates on + * page allocations. + * + * Return: true if the allocation can be safely reused; false otherwise. + */ +static __always_inline bool kasan_mempool_poison_pages(struct page *page, + unsigned int order) +{ + if (kasan_enabled()) + return __kasan_mempool_poison_pages(page, order, _RET_IP_); + return true; +} + bool __kasan_mempool_poison_object(void *ptr, unsigned long ip); /** * kasan_mempool_poison_object - Check and poison a mempool slab allocation.
@@ -326,6 +349,10 @@ static inline void *kasan_krealloc(const void *object, size_t new_size, { return (void *)object; } +static inline bool kasan_mempool_poison_pages(struct page *page, unsigned int order) +{ + return true; +} static inline bool kasan_mempool_poison_object(void *ptr) { return true; diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 4b85d35bb8ab..b416f4c265a4 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c 
@@ -426,6 +426,29 @@ void * __must_check __kasan_krealloc(const void *object, size_t size, gfp_t flag return ____kasan_kmalloc(slab->slab_cache, object, size, flags); } +bool __kasan_mempool_poison_pages(struct page *page, unsigned int order, + unsigned long ip) +{ + unsigned long *ptr; + + if (unlikely(PageHighMem(page))) + return true; + + /* Bail out if allocation was excluded due to sampling. */ + if (!IS_ENABLED(CONFIG_KASAN_GENERIC) && + page_kasan_tag(page) == KASAN_TAG_KERNEL) + return true; + + ptr = page_address(page); + + if (check_page_allocation(ptr, ip)) + return false; + + kasan_poison(ptr, PAGE_SIZE << order, KASAN_PAGE_FREE, false); + + return true; +} + bool __kasan_mempool_poison_object(void *ptr, unsigned long ip) { struct folio *folio;
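Review bot: in __kasan_mempool_poison_pages() (mm/kasan/common.c), the PageHighMem() early return reports the pages as safe to reuse without checking or poisoning them, yet neither the kernel-doc in include/linux/kasan.h nor the commit message mentions it; only the sampling case is listed. Add a sentence to the kernel-doc saying that highmem pages and, for the tag-based modes, unsampled pages are skipped and yield true, so callers do not read a true result as "checked and poisoned". Separately, "unsigned long *ptr;" only ever holds page_address(page) and is handed to check_page_allocation(void *ptr, ...) and kasan_poison(); declaring it "void *ptr" would avoid the implicit pointer conversions.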
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 07/21] kasan: introduce kasan_mempool_unpoison_pages
Date: Tue, 19 Dec 2023 23:28:51 +0100
Message-Id: <239bd9af6176f2cc59f5c25893eb36143184daff.1703024586.git.andreyknvl@google.com>

From: Andrey Konovalov

Introduce and document a new kasan_mempool_unpoison_pages hook to be used by the mempool code instead of kasan_unpoison_pages.

This hook is not functionally different from kasan_unpoison_pages, but using it improves the mempool code readability.

Signed-off-by: Andrey Konovalov
---
 include/linux/kasan.h | 25 +++++++++++++++++++++++++
 mm/kasan/common.c | 6 ++++++
 2 files changed, 31 insertions(+)

diff --git a/include/linux/kasan.h b/include/linux/kasan.h index de2a695ad34d..f8ebde384bd7 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h
@@ -225,6 +225,9 @@ bool __kasan_mempool_poison_pages(struct page *page, unsigned int order, * This function is similar to kasan_mempool_poison_object() but operates on * page allocations. * + * Before the poisoned allocation can be reused, it must be unpoisoned via + * kasan_mempool_unpoison_pages(). + * * Return: true if the allocation can be safely reused; false otherwise. */ static __always_inline bool kasan_mempool_poison_pages(struct page *page, @@ -235,6 +238,27 @@ static __always_inline bool kasan_mempool_poison_pages(struct page *page, return true; } +void __kasan_mempool_unpoison_pages(struct page *page, unsigned int order, + unsigned long ip); +/** + * kasan_mempool_unpoison_pages - Unpoison a mempool page allocation. + * @page: Pointer to the page allocation. + * @order: Order of the allocation. + * + * This function is intended for kernel subsystems that cache page allocations + * to reuse them instead of freeing them back to page_alloc (e.g. mempool). + * + * This function unpoisons a page allocation that was previously poisoned by + * kasan_mempool_poison_pages() without zeroing the allocation's memory. For + * the tag-based modes, this function assigns a new tag to the allocation. + */ +static __always_inline void kasan_mempool_unpoison_pages(struct page *page, + unsigned int order) +{ + if (kasan_enabled()) + __kasan_mempool_unpoison_pages(page, order, _RET_IP_); +} + bool __kasan_mempool_poison_object(void *ptr, unsigned long ip); /** * kasan_mempool_poison_object - Check and poison a mempool slab allocation. @@ -353,6 +377,7 @@ static inline bool kasan_mempool_poison_pages(struct page *page, unsigned int or { return true; } +static inline void kasan_mempool_unpoison_pages(struct page *page, unsigned int order) {} static inline bool kasan_mempool_poison_object(void *ptr) { return true; diff --git a/mm/kasan/common.c b/mm/kasan/common.c index b416f4c265a4..7ebc001d0fcd 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c 
@@ -449,6 +449,12 @@ bool __kasan_mempool_poison_pages(struct page *page, unsigned int order, return true; } +void __kasan_mempool_unpoison_pages(struct page *page, unsigned int order, + unsigned long ip) +{ + __kasan_unpoison_pages(page, order, false); +} + bool __kasan_mempool_poison_object(void *ptr, unsigned long ip) { struct folio *folio;
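Review bot: the kernel-doc for kasan_mempool_unpoison_pages() says that for the tag-based modes it "assigns a new tag to the allocation", whereas kasan_mempool_unpoison_object() from patch 05 restores the original tags; the doc should point out this difference so that a caller holding an address obtained before the poison/unpoison pair knows it has to re-derive it. The doc should also say how pages that kasan_mempool_poison_pages() skipped (highmem, or unsampled in the tag-based modes) are treated, since __kasan_mempool_unpoison_pages() forwards unconditionally to __kasan_unpoison_pages(page, order, false). The ip parameter is unused here; if it is reserved for later use as in the object variant, the commit message should say so.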
header.i=@linux.dev header.b="aMTrQUR0" X-Original-To: linux-kernel@vger.kernel.org Received: from out-174.mta0.migadu.com (out-174.mta0.migadu.com [91.218.175.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C9E423C6AC for ; Tue, 19 Dec 2023 22:30:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1703025019; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xReOl/oREsxJLQ8k6aIhVhARLuZMnM3hsCknlxTDelk=; b=aMTrQUR0xLK7BplxYFtE4/Xbs25JDCetJWE5YR0p8XlsH+LA6uU4fkxqdQROa6y+LmxS6E H6/bMd8AJ43AJZtjVMsIrilr90PtruFOb4TzM1ChHIK5W2TnGpASFi8QvV447DisyRfhwH u+nqgpjQtRh+bJSPL6UUsX9RcwPAdbI= From: andrey.konovalov@linux.dev To: Marco Elver , Alexander Potapenko Cc: Andrey Konovalov , Dmitry Vyukov , Andrey Ryabinin , kasan-dev@googlegroups.com, Evgenii Stepanov , Breno Leitao , Alexander Lobakin , Andrew Morton , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov Subject: [PATCH mm 08/21] kasan: clean up __kasan_mempool_poison_object Date: Tue, 19 Dec 2023 23:28:52 +0100 Message-Id: <4f6fc8840512286c1a96e16e86901082c671677d.1703024586.git.andreyknvl@google.com> In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Migadu-Flow: FLOW_OUT X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1785751281569838581 X-GMAIL-MSGID: 1785751281569838581 
From: Andrey Konovalov

Reorganize the code and reword the comment in __kasan_mempool_poison_object to improve the code readability.

Signed-off-by: Andrey Konovalov
--- mm/kasan/common.c | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 7ebc001d0fcd..3f4a1ed69e03 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c
@@ -457,27 +457,22 @@ void __kasan_mempool_unpoison_pages(struct page *page, unsigned int order, bool __kasan_mempool_poison_object(void *ptr, unsigned long ip) { - struct folio *folio; - - folio = virt_to_folio(ptr); + struct folio *folio = virt_to_folio(ptr); + struct slab *slab; /* - * Even though this function is only called for kmem_cache_alloc and - * kmalloc backed mempool allocations, those allocations can still be - * !PageSlab() when the size provided to kmalloc is larger than - * KMALLOC_MAX_SIZE, and kmalloc falls back onto page_alloc. + * This function can be called for large kmalloc allocation that get + * their memory from page_alloc. Thus, the folio might not be a slab. */ if (unlikely(!folio_test_slab(folio))) { if (check_page_allocation(ptr, ip)) return false; kasan_poison(ptr, folio_size(folio), KASAN_PAGE_FREE, false); return true; - } else { - struct slab *slab = folio_slab(folio); - - return !____kasan_slab_free(slab->slab_cache, ptr, ip, - false, false); } + + slab = folio_slab(folio); + return !____kasan_slab_free(slab->slab_cache, ptr, ip, false, false); } void __kasan_mempool_unpoison_object(void *ptr, size_t size, unsigned long ip)
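Review bot: the reworded comment above the !folio_test_slab() check reads "large kmalloc allocation that get their memory", which should be "allocations". The removed comment also named the condition that makes kmalloc fall back onto page_alloc; a short mention of it in the new text would tell readers when the non-slab branch is reachable. Dropping the else is fine, since the non-slab branch returns on both of its paths.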
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 09/21] kasan: save free stack traces for slab mempools
Date: Tue, 19 Dec 2023 23:28:53 +0100
Message-Id: <413a7c7c3344fb56809853339ffaabc9e4905e94.1703024586.git.andreyknvl@google.com>

From: Andrey Konovalov

Make kasan_mempool_poison_object save free stack traces for slab and kmalloc mempools when the object is freed into the mempool. Also simplify and rename ____kasan_slab_free to poison_slab_object and do a few other readability changes.

Signed-off-by: Andrey Konovalov
--- include/linux/kasan.h | 5 +++-- mm/kasan/common.c | 20 +++++++++----------- 2 files changed, 12 insertions(+), 13 deletions(-) diff --git a/include/linux/kasan.h b/include/linux/kasan.h index f8ebde384bd7..e636a00e26ba 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h
@@ -268,8 +268,9 @@ bool __kasan_mempool_poison_object(void *ptr, unsigned long ip); * to reuse them instead of freeing them back to the slab allocator (e.g. * mempool). * - * This function poisons a slab allocation without initializing its memory and - * without putting it into the quarantine (for the Generic mode). + * This function poisons a slab allocation and saves a free stack trace for it + * without initializing the allocation's memory and without putting it into the + * quarantine (for the Generic mode). * * This function also performs checks to detect double-free and invalid-free * bugs and reports them. The caller can use the return value of this function diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 3f4a1ed69e03..59146886e57d 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -207,8 +207,8 @@ void * __must_check __kasan_init_slab_obj(struct kmem_cache *cache, return (void *)object; } -static inline bool ____kasan_slab_free(struct kmem_cache *cache, void *object, - unsigned long ip, bool quarantine, bool init) +static inline bool poison_slab_object(struct kmem_cache *cache, void *object, + unsigned long ip, bool init) { void *tagged_object; @@ -221,13 +221,12 @@ static inline bool ____kasan_slab_free(struct kmem_cache *cache, void *object, if (is_kfence_address(object)) return false; - if (unlikely(nearest_obj(cache, virt_to_slab(object), object) != - object)) { + if (unlikely(nearest_obj(cache, virt_to_slab(object), object) != object)) { kasan_report_invalid_free(tagged_object, ip, KASAN_REPORT_INVALID_FREE); return true; } - /* RCU slabs could be legally used after free within the RCU period */ + /* RCU slabs could be legally used after free within the RCU period. */ if (unlikely(cache->flags & SLAB_TYPESAFE_BY_RCU)) return false; 
@@ -239,19 +238,18 @@ static inline bool ____kasan_slab_free(struct kmem_cache *cache, void *object, kasan_poison(object, round_up(cache->object_size, KASAN_GRANULE_SIZE), KASAN_SLAB_FREE, init); - if ((IS_ENABLED(CONFIG_KASAN_GENERIC) && !quarantine)) - return false; - if (kasan_stack_collection_enabled()) kasan_save_free_info(cache, tagged_object); - return kasan_quarantine_put(cache, object); + return false; } bool __kasan_slab_free(struct kmem_cache *cache, void *object, unsigned long ip, bool init) { - return ____kasan_slab_free(cache, object, ip, true, init); + bool buggy_object = poison_slab_object(cache, object, ip, init); + + return buggy_object ? true : kasan_quarantine_put(cache, object); } static inline bool check_page_allocation(void *ptr, unsigned long ip) 
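Review bot: in the new __kasan_slab_free(), a false return from poison_slab_object() no longer tells "poisoned" apart from "skipped". The helper's early exits for is_kfence_address(object) and for SLAB_TYPESAFE_BY_RCU caches return false, and before this change those returns left ____kasan_slab_free() without ever reaching kasan_quarantine_put(). With "return buggy_object ? true : kasan_quarantine_put(cache, object);" the quarantine call now also runs for those objects, although they were never poisoned. Unless kasan_quarantine_put() rejects them itself, which these lines do not show, check the two cases in __kasan_slab_free() before calling the helper, or have the helper report the skip separately. The ternary can also be written as "buggy_object || kasan_quarantine_put(cache, object)".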
@@ -472,7 +470,7 @@ bool __kasan_mempool_poison_object(void *ptr, unsigned long ip) } slab = folio_slab(folio); - return !____kasan_slab_free(slab->slab_cache, ptr, ip, false, false); + return !poison_slab_object(slab->slab_cache, ptr, ip, false); } void __kasan_mempool_unpoison_object(void *ptr, size_t size, unsigned long ip)
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 10/21] kasan: clean up and rename ____kasan_kmalloc
Date: Tue, 19 Dec 2023 23:28:54 +0100
Message-Id: <5881232ad357ec0d59a5b1aefd9e0673a386399a.1703024586.git.andreyknvl@google.com>

From: Andrey Konovalov

Introduce a new poison_kmalloc_redzone helper function that poisons the redzone for kmalloc object. Drop the confusingly named ____kasan_kmalloc function and instead use poison_kmalloc_redzone along with the other required parts of ____kasan_kmalloc in the callers' code. This is a preparatory change for the following patches in this series.

Signed-off-by: Andrey Konovalov
--- mm/kasan/common.c | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 59146886e57d..1217b260abc3 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -312,26 +312,12 @@ void * __must_check __kasan_slab_alloc(struct kmem_cache *cache, return tagged_object; } -static inline void *____kasan_kmalloc(struct kmem_cache *cache, +static inline void poison_kmalloc_redzone(struct kmem_cache *cache, const void *object, size_t size, gfp_t flags) { unsigned long redzone_start; unsigned long redzone_end; - if (gfpflags_allow_blocking(flags)) - kasan_quarantine_reduce(); - - if (unlikely(object == NULL)) - return NULL; - - if (is_kfence_address(kasan_reset_tag(object))) - return (void *)object; - - /* - * The object has already been unpoisoned by kasan_slab_alloc() for - * kmalloc() or by kasan_krealloc() for krealloc(). - */ - /* * The redzone has byte-level precision for the generic mode. * Partially poison the last object granule to cover the unaligned 
@@ -355,14 +341,25 @@ static inline void *____kasan_kmalloc(struct kmem_cache *cache, if (kasan_stack_collection_enabled() && is_kmalloc_cache(cache)) kasan_save_alloc_info(cache, (void *)object, flags); - /* Keep the tag that was set by kasan_slab_alloc(). */ - return (void *)object; } void * __must_check __kasan_kmalloc(struct kmem_cache *cache, const void *object, size_t size, gfp_t flags) { - return ____kasan_kmalloc(cache, object, size, flags); + if (gfpflags_allow_blocking(flags)) + kasan_quarantine_reduce(); + + if (unlikely(object == NULL)) + return NULL; + + if (is_kfence_address(kasan_reset_tag(object))) + return (void *)object; + + /* The object has already been unpoisoned by kasan_slab_alloc(). */ + poison_kmalloc_redzone(cache, object, size, flags); + + /* Keep the tag that was set by kasan_slab_alloc(). */ + return (void *)object; } EXPORT_SYMBOL(__kasan_kmalloc); @@ -408,6 +405,9 @@ void * __must_check __kasan_krealloc(const void *object, size_t size, gfp_t flag if (unlikely(object == ZERO_SIZE_PTR)) return (void *)object; + if (is_kfence_address(kasan_reset_tag(object))) + return (void *)object; + /* * Unpoison the object's data. * Part of it might already have been unpoisoned, but it's unknown 
@@ -420,8 +420,10 @@ void * __must_check __kasan_krealloc(const void *object, size_t size, gfp_t flag /* Piggy-back on kmalloc() instrumentation to poison the redzone. */ if (unlikely(!slab)) return __kasan_kmalloc_large(object, size, flags); - else - return ____kasan_kmalloc(slab->slab_cache, object, size, flags); + else { + poison_kmalloc_redzone(slab->slab_cache, object, size, flags); + return (void *)object; + } } bool __kasan_mempool_poison_pages(struct page *page, unsigned int order,
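Review bot: the slab branch of __kasan_krealloc() loses its kasan_quarantine_reduce() call with this change. ____kasan_kmalloc() ran it when gfpflags_allow_blocking(flags) was true, but poison_kmalloc_redzone() does not, while the large branch still goes through __kasan_kmalloc_large(). If that is intended for this step of the series, the commit message should say so; otherwise add the call to __kasan_krealloc() here. Separately, the new else branch has braces while the if branch has none; kernel coding style wants braces on both branches when either one needs them.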
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 11/21] kasan: introduce poison_kmalloc_large_redzone
Date: Tue, 19 Dec 2023 23:28:55 +0100
Message-Id: <93317097b668519d76097fb065201b2027436e22.1703024586.git.andreyknvl@google.com>

From: Andrey Konovalov

Split out a poison_kmalloc_large_redzone helper from __kasan_kmalloc_large and use it in the caller's code. This is a preparatory change for the following patches in this series.

Signed-off-by: Andrey Konovalov
--- mm/kasan/common.c | 41 +++++++++++++++++++++++------------------ 1 file changed, 23 insertions(+), 18 deletions(-) diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 1217b260abc3..962805bf5f62 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c
@@ -363,23 +363,12 @@ void * __must_check __kasan_kmalloc(struct kmem_cache *cache, const void *object } EXPORT_SYMBOL(__kasan_kmalloc); -void * __must_check __kasan_kmalloc_large(const void *ptr, size_t size, +static inline void poison_kmalloc_large_redzone(const void *ptr, size_t size, gfp_t flags) { unsigned long redzone_start; unsigned long redzone_end; - if (gfpflags_allow_blocking(flags)) - kasan_quarantine_reduce(); - - if (unlikely(ptr == NULL)) - return NULL; - - /* - * The object has already been unpoisoned by kasan_unpoison_pages() for - * alloc_pages() or by kasan_krealloc() for krealloc(). - */ - /* * The redzone has byte-level precision for the generic mode. * Partially poison the last object granule to cover the unaligned @@ -389,12 +378,25 @@ void * __must_check __kasan_kmalloc_large(const void *ptr, size_t size, kasan_poison_last_granule(ptr, size); /* Poison the aligned part of the redzone. */ - redzone_start = round_up((unsigned long)(ptr + size), - KASAN_GRANULE_SIZE); + redzone_start = round_up((unsigned long)(ptr + size), KASAN_GRANULE_SIZE); redzone_end = (unsigned long)ptr + page_size(virt_to_page(ptr)); kasan_poison((void *)redzone_start, redzone_end - redzone_start, KASAN_PAGE_REDZONE, false); +} +void * __must_check __kasan_kmalloc_large(const void *ptr, size_t size, + gfp_t flags) +{ + if (gfpflags_allow_blocking(flags)) + kasan_quarantine_reduce(); + + if (unlikely(ptr == NULL)) + return NULL; + + /* The object has already been unpoisoned by kasan_unpoison_pages(). */ + poison_kmalloc_large_redzone(ptr, size, flags); + + /* Keep the tag that was set by alloc_pages(). */ return (void *)ptr; } @@ -402,6 +404,9 @@ void * __must_check __kasan_krealloc(const void *object, size_t size, gfp_t flag { struct slab *slab; + if (gfpflags_allow_blocking(flags)) + kasan_quarantine_reduce(); + if (unlikely(object == ZERO_SIZE_PTR)) return (void *)object; 
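Review bot: the kasan_quarantine_reduce() call added at the top of __kasan_krealloc() is a behaviour change that the commit message, which describes only splitting out a helper, does not mention. It sits before the ZERO_SIZE_PTR check, so it also runs for calls that return early without poisoning anything. Say in the changelog why the call is added here, or move it below the early returns if it is only meant for the paths that poison a redzone. Also, none of the lines shown for poison_kmalloc_large_redzone() use its flags argument; drop the parameter if the helper does not need it.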
@@ -419,11 +424,11 @@ void * __must_check __kasan_krealloc(const void *object, size_t size, gfp_t flag /* Piggy-back on kmalloc() instrumentation to poison the redzone. */ if (unlikely(!slab)) - return __kasan_kmalloc_large(object, size, flags); - else { + poison_kmalloc_large_redzone(object, size, flags); + else poison_kmalloc_redzone(slab->slab_cache, object, size, flags); - return (void *)object; - } + + return (void *)object; } bool __kasan_mempool_poison_pages(struct page *page, unsigned int order,
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 12/21] kasan: save alloc stack traces for mempool
Date: Tue, 19 Dec 2023 23:28:56 +0100
Message-Id: <05ad235da8347cfe14d496d01b2aaf074b4f607c.1703024586.git.andreyknvl@google.com>

From: Andrey Konovalov

Update kasan_mempool_unpoison_object to properly poison the redzone and
save alloc stack traces for kmalloc and slab pools. As a part of this
change, split out and use an unpoison_slab_object helper function from
__kasan_slab_alloc.

Signed-off-by: Andrey Konovalov
---
 include/linux/kasan.h |  7 +++---
 mm/kasan/common.c     | 50 ++++++++++++++++++++++++++++++++++---------
 2 files changed, 44 insertions(+), 13 deletions(-)

diff --git a/include/linux/kasan.h b/include/linux/kasan.h index e636a00e26ba..7392c5d89b92 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h
@@ -303,9 +303,10 @@ void __kasan_mempool_unpoison_object(void *ptr, size_t size, unsigned long ip); * mempool). * * This function unpoisons a slab allocation that was previously poisoned via - * kasan_mempool_poison_object() without initializing its memory. For the - * tag-based modes, this function does not assign a new tag to the allocation - * and instead restores the original tags based on the pointer value. + * kasan_mempool_poison_object() and saves an alloc stack trace for it without + * initializing the allocation's memory. For the tag-based modes, this function + * does not assign a new tag to the allocation and instead restores the + * original tags based on the pointer value. * * This function operates on all slab allocations including large kmalloc * allocations (the ones returned by kmalloc_large() or by kmalloc() with the diff --git a/mm/kasan/common.c b/mm/kasan/common.c index 962805bf5f62..b8e7416f83af 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -277,6 +277,20 @@ void __kasan_kfree_large(void *ptr, unsigned long ip) /* The object will be poisoned by kasan_poison_pages(). */ } +void unpoison_slab_object(struct kmem_cache *cache, void *object, gfp_t flags, + bool init) +{ + /* + * Unpoison the whole object. For kmalloc() allocations, + * poison_kmalloc_redzone() will do precise poisoning. + */ + kasan_unpoison(object, cache->object_size, init); + + /* Save alloc info (if possible) for non-kmalloc() allocations. */ + if (kasan_stack_collection_enabled() && !is_kmalloc_cache(cache)) + kasan_save_alloc_info(cache, object, flags); +} + void * __must_check __kasan_slab_alloc(struct kmem_cache *cache, void *object, gfp_t flags, bool init) { 
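Review bot: unpoison_slab_object() is added to mm/kasan/common.c without static, and the only header this patch touches (include/linux/kasan.h) gets a comment change and no prototype, so the definition will produce a missing-prototype warning. Both callers introduced by this patch, __kasan_slab_alloc() and __kasan_mempool_unpoison_object(), are in common.c, so the helper can be declared static inline void unpoison_slab_object(...).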
@@ -299,15 +313,8 @@ void * __must_check __kasan_slab_alloc(struct kmem_cache *cache, tag = assign_tag(cache, object, false); tagged_object = set_tag(object, tag); - /* - * Unpoison the whole object. - * For kmalloc() allocations, kasan_kmalloc() will do precise poisoning. - */ - kasan_unpoison(tagged_object, cache->object_size, init); - - /* Save alloc info (if possible) for non-kmalloc() allocations. */ - if (kasan_stack_collection_enabled() && !is_kmalloc_cache(cache)) - kasan_save_alloc_info(cache, tagged_object, flags); + /* Unpoison the object and save alloc info for non-kmalloc() allocations. */ + unpoison_slab_object(cache, tagged_object, flags, init); return tagged_object; } 
@@ -482,7 +489,30 @@ bool __kasan_mempool_poison_object(void *ptr, unsigned long ip) void __kasan_mempool_unpoison_object(void *ptr, size_t size, unsigned long ip) { - kasan_unpoison(ptr, size, false); + struct slab *slab; + gfp_t flags = 0; /* Might be executing under a lock. */ + + if (is_kfence_address(kasan_reset_tag(ptr))) + return; + + slab = virt_to_slab(ptr); + + /* + * This function can be called for large kmalloc allocation that get + * their memory from page_alloc. + */ + if (unlikely(!slab)) { + kasan_unpoison(ptr, size, false); + poison_kmalloc_large_redzone(ptr, size, flags); + return; + } + + /* Unpoison the object and save alloc info for non-kmalloc() allocations. */ + unpoison_slab_object(slab->slab_cache, ptr, size, flags); + + /* Poison the redzone and save alloc info for kmalloc() allocations. */ + if (is_kmalloc_cache(slab->slab_cache)) + poison_kmalloc_redzone(slab->slab_cache, ptr, size, flags); } bool __kasan_check_byte(const void *address, unsigned long ip)
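Review bot: the new call unpoison_slab_object(slab->slab_cache, ptr, size, flags) in __kasan_mempool_unpoison_object() does not match the helper's parameter order (cache, object, gfp_t flags, bool init) defined earlier in this patch. As written, size is passed as the gfp_t flags argument and flags (0) as init, so kasan_save_alloc_info() receives the object size as its gfp mask, and the memory is left uninitialized only because flags happens to be 0. The call should read unpoison_slab_object(slab->slab_cache, ptr, flags, false). The helper unpoisons cache->object_size regardless, so size is only needed by the poison_kmalloc_redzone() call that follows.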
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 13/21] mempool: skip slub_debug poisoning when KASAN is enabled
Date: Tue, 19 Dec 2023 23:28:57 +0100
Message-Id: <98a4b1617e8ceeb266ef9a46f5e8c7f67a563ad2.1703024586.git.andreyknvl@google.com>

From: Andrey Konovalov

With the changes in the following patch, KASAN starts saving its metadata
within freed mempool elements. Thus, skip slub_debug poisoning and
checking of mempool elements when KASAN is enabled. Corruptions of freed
mempool elements will be detected by KASAN anyway.

Signed-off-by: Andrey Konovalov
---

Changes RFC->v1:
- This is a new patch.
---
 mm/mempool.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/mm/mempool.c b/mm/mempool.c index 7e1c729f292b..1fd39478c85e 100644 --- a/mm/mempool.c +++ b/mm/mempool.c
@@ -56,6 +56,10 @@ static void __check_element(mempool_t *pool, void *element, size_t size) static void check_element(mempool_t *pool, void *element) { + /* Skip checking: KASAN might save its metadata in the element. */ + if (kasan_enabled()) + return; + /* Mempools backed by slab allocator */ if (pool->free == mempool_kfree) { __check_element(pool, element, (size_t)pool->pool_data); 
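Review bot: the comment on the early return in check_element() says only that KASAN "might save its metadata in the element", which explains why the pattern check would misfire but not why skipping it is acceptable. The commit message gives that reason (corruptions of freed mempool elements are detected by KASAN), and it belongs in the code comment too, so that someone reading mm/mempool.c does not take the kasan_enabled() return for lost coverage. The same applies to the matching comment in poison_element().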
@@ -81,6 +85,10 @@ static void __poison_element(void *element, size_t size) static void poison_element(mempool_t *pool, void *element) { + /* Skip poisoning: KASAN might save its metadata in the element. */ + if (kasan_enabled()) + return; + /* Mempools backed by slab allocator */ if (pool->alloc == mempool_kmalloc) { __poison_element(element, (size_t)pool->pool_data);
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 14/21] mempool: use new mempool KASAN hooks
Date: Tue, 19 Dec 2023 23:28:58 +0100

From: Andrey Konovalov

Update the mempool code to use the new mempool KASAN hooks. Rely on the
return value of kasan_mempool_poison_object and kasan_mempool_poison_pages
to prevent double-free and invalid-free bugs.

Signed-off-by: Andrey Konovalov
---
 mm/mempool.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/mm/mempool.c b/mm/mempool.c index 1fd39478c85e..103dc4770cfb 100644 --- a/mm/mempool.c +++ b/mm/mempool.c
@@ -112,32 +112,34 @@ static inline void poison_element(mempool_t *pool, void *element) } #endif /* CONFIG_DEBUG_SLAB || CONFIG_SLUB_DEBUG_ON */ -static __always_inline void kasan_poison_element(mempool_t *pool, void *element) +static __always_inline bool kasan_poison_element(mempool_t *pool, void *element) { if (pool->alloc == mempool_alloc_slab || pool->alloc == mempool_kmalloc) - kasan_mempool_poison_object(element); + return kasan_mempool_poison_object(element); else if (pool->alloc == mempool_alloc_pages) - kasan_poison_pages(element, (unsigned long)pool->pool_data, - false); + return kasan_mempool_poison_pages(element, + (unsigned long)pool->pool_data); + return true; } static void kasan_unpoison_element(mempool_t *pool, void *element) { if (pool->alloc == mempool_kmalloc) - kasan_unpoison_range(element, (size_t)pool->pool_data); + kasan_mempool_unpoison_object(element, (size_t)pool->pool_data); else if (pool->alloc == mempool_alloc_slab) - kasan_unpoison_range(element, kmem_cache_size(pool->pool_data)); + kasan_mempool_unpoison_object(element, + kmem_cache_size(pool->pool_data)); else if (pool->alloc == mempool_alloc_pages) - kasan_unpoison_pages(element, (unsigned long)pool->pool_data, - false); + kasan_mempool_unpoison_pages(element, + (unsigned long)pool->pool_data); } static __always_inline void add_element(mempool_t *pool, void *element) { BUG_ON(pool->curr_nr >= pool->min_nr); poison_element(pool, element); - kasan_poison_element(pool, element); - pool->elements[pool->curr_nr++] = element; + if (kasan_poison_element(pool, element)) + pool->elements[pool->curr_nr++] = element; } static void *remove_element(mempool_t *pool)
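Review bot: in add_element(), when kasan_poison_element() returns false the element is neither stored in pool->elements[] nor handed back to the underlying allocator, and since add_element() still returns void its callers cannot tell that pool->curr_nr did not grow. If dropping the element after a KASAN-reported double-free or invalid-free is the intended behaviour, a comment at the new if should say so; otherwise add_element() should return the result so the caller can react.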
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 15/21] mempool: introduce mempool_use_prealloc_only
Date: Tue, 19 Dec 2023 23:28:59 +0100

From: Andrey Konovalov

Introduce a new mempool_alloc_preallocated API that asks the mempool to
only use the elements preallocated during the mempool's creation when
allocating and to not attempt allocating new ones from the underlying
allocator. This API is required to test the KASAN poisoning/unpoisoning
functionality in KASAN tests, but it might be also useful on its own.

Signed-off-by: Andrey Konovalov
---

Changes RFC->v1:
- Introduce a new mempool_alloc_preallocated API instead of adding a flag
  into mempool_t.
---
 include/linux/mempool.h |  1 +
 mm/mempool.c            | 37 +++++++++++++++++++++++++++++++++++++
 2 files changed, 38 insertions(+)
diff --git a/include/linux/mempool.h b/include/linux/mempool.h index 4aae6c06c5f2..7be1e32e6d42 100644 --- a/include/linux/mempool.h +++ b/include/linux/mempool.h @@ -51,6 +51,7 @@ extern mempool_t *mempool_create_node(int min_nr, mempool_alloc_t *alloc_fn, extern int mempool_resize(mempool_t *pool, int new_min_nr); extern void mempool_destroy(mempool_t *pool); extern void *mempool_alloc(mempool_t *pool, gfp_t gfp_mask) __malloc; +extern void *mempool_alloc_preallocated(mempool_t *pool) __malloc; extern void mempool_free(void *element, mempool_t *pool); /* diff --git a/mm/mempool.c b/mm/mempool.c index 103dc4770cfb..cb7b4b56cec1 100644 --- a/mm/mempool.c +++ b/mm/mempool.c 
@@ -456,6 +456,43 @@ void *mempool_alloc(mempool_t *pool, gfp_t gfp_mask) } EXPORT_SYMBOL(mempool_alloc); +/** + * mempool_alloc_preallocated - allocate an element from preallocated elements + * belonging to a specific memory pool + * @pool: pointer to the memory pool which was allocated via + * mempool_create(). + * + * This function is similar to mempool_alloc, but it only attempts allocating + * an element from the preallocated elements. It does not sleep and immediately + * returns if no preallocated elements are available. + * + * Return: pointer to the allocated element or %NULL if no elements are + * available. + */ +void *mempool_alloc_preallocated(mempool_t *pool) +{ + void *element; + unsigned long flags; + + spin_lock_irqsave(&pool->lock, flags); + if (likely(pool->curr_nr)) { + element = remove_element(pool); + spin_unlock_irqrestore(&pool->lock, flags); + /* paired with rmb in mempool_free(), read comment there */ + smp_wmb(); + /* + * Update the allocation stack trace as this is more useful + * for debugging. + */ + kmemleak_update_trace(element); + return element; + } + spin_unlock_irqrestore(&pool->lock, flags); + + return NULL; +} +EXPORT_SYMBOL(mempool_alloc_preallocated); + /** * mempool_free - return an element to the pool. * @element: pool element pointer. 
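Review bot: the kernel-doc for mempool_alloc_preallocated() states in its description that the function does not sleep, but it has no Context: section; since the body only takes pool->lock with spin_lock_irqsave() and never calls the underlying allocator, the comment can state the allowed calling context explicitly. The function added and exported here is mempool_alloc_preallocated, while the patch subject still reads "introduce mempool_use_prealloc_only", so the subject should be updated to match the changelog note about replacing the mempool_t flag with a new API.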
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 16/21] kasan: add mempool tests
Date: Tue, 19 Dec 2023 23:29:00 +0100
Message-Id: <5fd64732266be8287711b6408d86ffc78784be06.1703024586.git.andreyknvl@google.com>

From: Andrey Konovalov

Add KASAN tests for mempool.

Signed-off-by: Andrey Konovalov
---

Changes RFC->v1:
- Use read instead of write in oob_right tests to avoid triggering
  slub_debug-detected corruptions.
- Adapt tests for the mempool API change.
---
 mm/kasan/kasan_test.c | 319 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 319 insertions(+)
diff --git a/mm/kasan/kasan_test.c b/mm/kasan/kasan_test.c index 8281eb42464b..0ae4e93e9311 100644 --- a/mm/kasan/kasan_test.c +++ b/mm/kasan/kasan_test.c @@ -13,6 +13,7 @@ #include #include #include +#include #include #include #include 
@@ -798,6 +799,312 @@ static void kmem_cache_bulk(struct kunit *test) kmem_cache_destroy(cache); } +static void *mempool_prepare_kmalloc(struct kunit *test, mempool_t *pool, size_t size) +{ + int pool_size = 4; + int ret; + void *elem; + + memset(pool, 0, sizeof(*pool)); + ret = mempool_init_kmalloc_pool(pool, pool_size, size); + KUNIT_ASSERT_EQ(test, ret, 0); + + /* + * Allocate one element to prevent mempool from freeing elements to the + * underlying allocator and instead make it add them to the element + * list when the tests trigger double-free and invalid-free bugs. + * This allows testing KASAN annotations in add_element(). + */ + elem = mempool_alloc_preallocated(pool); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, elem); + + return elem; +} + +static struct kmem_cache *mempool_prepare_slab(struct kunit *test, mempool_t *pool, size_t size) +{ + struct kmem_cache *cache; + int pool_size = 4; + int ret; + + cache = kmem_cache_create("test_cache", size, 0, 0, NULL); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cache); + + memset(pool, 0, sizeof(*pool)); + ret = mempool_init_slab_pool(pool, pool_size, cache); + KUNIT_ASSERT_EQ(test, ret, 0); + + /* + * Do not allocate one preallocated element, as we skip the double-free + * and invalid-free tests for slab mempool for simplicity. 
+ */ + + return cache; +} + +static void *mempool_prepare_page(struct kunit *test, mempool_t *pool, int order) +{ + int pool_size = 4; + int ret; + void *elem; + + memset(pool, 0, sizeof(*pool)); + ret = mempool_init_page_pool(pool, pool_size, order); + KUNIT_ASSERT_EQ(test, ret, 0); + + elem = mempool_alloc_preallocated(pool); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, elem); + + return elem; +} + +static void mempool_oob_right_helper(struct kunit *test, mempool_t *pool, size_t size) +{ + char *elem; + + elem = mempool_alloc_preallocated(pool); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, elem); + + OPTIMIZER_HIDE_VAR(elem); + + if (IS_ENABLED(CONFIG_KASAN_GENERIC)) + KUNIT_EXPECT_KASAN_FAIL(test, + ((volatile char *)&elem[size])[0]); + else + KUNIT_EXPECT_KASAN_FAIL(test, + ((volatile char *)&elem[round_up(size, KASAN_GRANULE_SIZE)])[0]); + + mempool_free(elem, pool); +} + +static void mempool_kmalloc_oob_right(struct kunit *test) +{ + mempool_t pool; + size_t size = 128 - KASAN_GRANULE_SIZE - 5; + void *extra_elem; + + extra_elem = mempool_prepare_kmalloc(test, &pool, size); + + mempool_oob_right_helper(test, &pool, size); + + mempool_free(extra_elem, &pool); + mempool_exit(&pool); +} + +static void mempool_kmalloc_large_oob_right(struct kunit *test) +{ + mempool_t pool; + size_t size = KMALLOC_MAX_CACHE_SIZE + 1; + void *extra_elem; + + extra_elem = mempool_prepare_kmalloc(test, &pool, size); + + mempool_oob_right_helper(test, &pool, size); + + mempool_free(extra_elem, &pool); + mempool_exit(&pool); +} + +static void mempool_slab_oob_right(struct kunit *test) +{ + mempool_t pool; + size_t size = 123; + struct kmem_cache *cache; + + cache = mempool_prepare_slab(test, &pool, size); + + mempool_oob_right_helper(test, &pool, size); + + mempool_exit(&pool); + kmem_cache_destroy(cache); +} + +/* + * Skip the out-of-bounds test for page mempool. 
With Generic KASAN, page + * allocations have no redzones, and thus the out-of-bounds detection is not + * guaranteed; see https://bugzilla.kernel.org/show_bug.cgi?id=210503. With + * the tag-based KASAN modes, the neighboring allocation might have the same + * tag; see https://bugzilla.kernel.org/show_bug.cgi?id=203505. + */ + +static void mempool_uaf_helper(struct kunit *test, mempool_t *pool, bool page) +{ + char *elem, *ptr; + + elem = mempool_alloc_preallocated(pool); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, elem); + + mempool_free(elem, pool); + + ptr = page ? page_address((struct page *)elem) : elem; + KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[0]); +} + +static void mempool_kmalloc_uaf(struct kunit *test) +{ + mempool_t pool; + size_t size = 128; + void *extra_elem; + + extra_elem = mempool_prepare_kmalloc(test, &pool, size); + + mempool_uaf_helper(test, &pool, false); + + mempool_free(extra_elem, &pool); + mempool_exit(&pool); +} + +static void mempool_kmalloc_large_uaf(struct kunit *test) +{ + mempool_t pool; + size_t size = KMALLOC_MAX_CACHE_SIZE + 1; + void *extra_elem; + + /* page_alloc fallback is only implemented for SLUB. 
*/ + KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_SLUB); + + extra_elem = mempool_prepare_kmalloc(test, &pool, size); + + mempool_uaf_helper(test, &pool, false); + + mempool_free(extra_elem, &pool); + mempool_exit(&pool); +} + +static void mempool_slab_uaf(struct kunit *test) +{ + mempool_t pool; + size_t size = 123; + struct kmem_cache *cache; + + cache = mempool_prepare_slab(test, &pool, size); + + mempool_uaf_helper(test, &pool, false); + + mempool_exit(&pool); + kmem_cache_destroy(cache); +} + +static void mempool_page_alloc_uaf(struct kunit *test) +{ + mempool_t pool; + int order = 2; + void *extra_elem; + + extra_elem = mempool_prepare_page(test, &pool, order); + + mempool_uaf_helper(test, &pool, true); + + mempool_free(extra_elem, &pool); + mempool_exit(&pool); +} + +static void mempool_double_free_helper(struct kunit *test, mempool_t *pool) +{ + char *elem; + + elem = mempool_alloc_preallocated(pool); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, elem); + + mempool_free(elem, pool); + + KUNIT_EXPECT_KASAN_FAIL(test, mempool_free(elem, pool)); +} + +static void mempool_kmalloc_double_free(struct kunit *test) +{ + mempool_t pool; + size_t size = 128; + char *extra_elem; + + extra_elem = mempool_prepare_kmalloc(test, &pool, size); + + mempool_double_free_helper(test, &pool); + + mempool_free(extra_elem, &pool); + mempool_exit(&pool); +} + +static void mempool_kmalloc_large_double_free(struct kunit *test) +{ + mempool_t pool; + size_t size = KMALLOC_MAX_CACHE_SIZE + 1; + char *extra_elem; + + /* page_alloc fallback is only implemented for SLUB. 
*/ + KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_SLUB); + + extra_elem = mempool_prepare_kmalloc(test, &pool, size); + + mempool_double_free_helper(test, &pool); + + mempool_free(extra_elem, &pool); + mempool_exit(&pool); +} + +static void mempool_page_alloc_double_free(struct kunit *test) +{ + mempool_t pool; + int order = 2; + char *extra_elem; + + extra_elem = mempool_prepare_page(test, &pool, order); + + mempool_double_free_helper(test, &pool); + + mempool_free(extra_elem, &pool); + mempool_exit(&pool); +} + +static void mempool_kmalloc_invalid_free_helper(struct kunit *test, mempool_t *pool) +{ + char *elem; + + elem = mempool_alloc_preallocated(pool); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, elem); + + KUNIT_EXPECT_KASAN_FAIL(test, mempool_free(elem + 1, pool)); + + mempool_free(elem, pool); +} + +static void mempool_kmalloc_invalid_free(struct kunit *test) +{ + mempool_t pool; + size_t size = 128; + char *extra_elem; + + extra_elem = mempool_prepare_kmalloc(test, &pool, size); + + mempool_kmalloc_invalid_free_helper(test, &pool); + + mempool_free(extra_elem, &pool); + mempool_exit(&pool); +} + +static void mempool_kmalloc_large_invalid_free(struct kunit *test) +{ + mempool_t pool; + size_t size = KMALLOC_MAX_CACHE_SIZE + 1; + char *extra_elem; + + /* page_alloc fallback is only implemented for SLUB. */ + KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_SLUB); + + extra_elem = mempool_prepare_kmalloc(test, &pool, size); + + mempool_kmalloc_invalid_free_helper(test, &pool); + + mempool_free(extra_elem, &pool); + mempool_exit(&pool); +} + +/* + * Skip the invalid-free test for page mempool. The invalid-free detection only + * works for compound pages and mempool preallocates all page elements without + * the __GFP_COMP flag. + */ + static char global_array[10]; static void kasan_global_oob_right(struct kunit *test) 
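Review bot: mempool_kmalloc_large_oob_right() allocates KMALLOC_MAX_CACHE_SIZE + 1 bytes but, unlike mempool_kmalloc_large_uaf(), mempool_kmalloc_large_double_free() and mempool_kmalloc_large_invalid_free() later in this hunk, it does not start with KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_SLUB). Those three carry the comment "page_alloc fallback is only implemented for SLUB", so either add the same guard to the oob_right variant or add a comment saying why it does not need one. Separately, the KUNIT_ASSERT_* checks in the mempool_prepare_*() helpers and in the per-bug helpers run after mempool_init_*() has succeeded; an assertion failure there aborts the test before mempool_exit() (and, for the slab pool, kmem_cache_destroy() of "test_cache") is reached, so consider releasing the pool and cache on those paths.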
@@ -1538,6 +1845,18 @@ static struct kunit_case kasan_kunit_test_cases[] = { KUNIT_CASE(kmem_cache_oob), KUNIT_CASE(kmem_cache_accounted), KUNIT_CASE(kmem_cache_bulk), + KUNIT_CASE(mempool_kmalloc_oob_right), + KUNIT_CASE(mempool_kmalloc_large_oob_right), + KUNIT_CASE(mempool_slab_oob_right), + KUNIT_CASE(mempool_kmalloc_uaf), + KUNIT_CASE(mempool_kmalloc_large_uaf), + KUNIT_CASE(mempool_slab_uaf), + KUNIT_CASE(mempool_page_alloc_uaf), + KUNIT_CASE(mempool_kmalloc_double_free), + KUNIT_CASE(mempool_kmalloc_large_double_free), + KUNIT_CASE(mempool_page_alloc_double_free), + KUNIT_CASE(mempool_kmalloc_invalid_free), + KUNIT_CASE(mempool_kmalloc_large_invalid_free), KUNIT_CASE(kasan_global_oob_right), KUNIT_CASE(kasan_global_oob_left), KUNIT_CASE(kasan_stack_oob),

From patchwork Tue Dec 19 22:29:01 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: andrey.konovalov@linux.dev
X-Patchwork-Id: 181328
:list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=vtcYZCAnAciS7NEDq4A0NBDaIMQC+9FU2xLXkQaUBC0=; fh=AIzsiqkKUtrB7QnM+XRgAblgvDINIC5pDvD0mg8EzrU=; b=rfBAJxZMRwTLS9szHg8cNwNRkTlzDaFT1lTN6vgiSDTSeTwyHURDs3zsjif5CQOqNf kbPuYotEHTixXQ0Hvfh+0puxm+eYI7fHt0O5lDi3vu4nnJjqFYFMFgIGjjhTnoiXgta2 RwAqkF5KXh0K16eA/c0/uvPiCqXY+NXog6WvATm7L1Aia21m6ej4TH5egFG0S5JQ0MuK Jk0Ibgg/59VwResXND0ZUiZ48SKzbmqpMzKUtIMwY6LW/Txe0y3E5q/stMiPxDcA50ts LboAXyGq4SQNjXDCd0+4ifuk0hCSG5h6RqWU0vg8vBjyWYf8g4k3GfpeawW4knhrFBKx jKpw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=Iwn4kg+j; spf=pass (google.com: domain of linux-kernel+bounces-6058-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-6058-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. 
[147.75.199.223]) by mx.google.com with ESMTPS id x15-20020ae9e90f000000b0077f0315a454si26143828qkf.386.2023.12.19.14.34.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Dec 2023 14:34:30 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-6058-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=Iwn4kg+j; spf=pass (google.com: domain of linux-kernel+bounces-6058-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-6058-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 2E7D51C2550A for ; Tue, 19 Dec 2023 22:34:30 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id CD351481C3; Tue, 19 Dec 2023 22:31:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="Iwn4kg+j" X-Original-To: linux-kernel@vger.kernel.org Received: from out-176.mta0.migadu.com (out-176.mta0.migadu.com [91.218.175.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 34A363D0CE for ; Tue, 19 Dec 2023 22:31:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include 
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 17/21] kasan: rename pagealloc tests
Date: Tue, 19 Dec 2023 23:29:01 +0100

From: Andrey Konovalov

Rename "pagealloc" KASAN tests:

1. Use "kmalloc_large" for tests that use large kmalloc allocations.
2. Use "page_alloc" for tests that use page_alloc.

Also clean up the comments.

Signed-off-by: Andrey Konovalov
---
 mm/kasan/kasan_test.c | 51 ++++++++++++++++++++++---------------------
 1 file changed, 26 insertions(+), 25 deletions(-)

diff --git a/mm/kasan/kasan_test.c b/mm/kasan/kasan_test.c index 0ae4e93e9311..230958de7604 100644 --- a/mm/kasan/kasan_test.c +++ b/mm/kasan/kasan_test.c
@@ -214,12 +214,13 @@ static void kmalloc_node_oob_right(struct kunit *test) } /* - * These kmalloc_pagealloc_* tests try allocating a memory chunk that doesn't - * fit into a slab cache and therefore is allocated via the page allocator - * fallback. Since this kind of fallback is only implemented for SLUB, these - * tests are limited to that allocator. + * The kmalloc_large_* tests below use kmalloc() to allocate a memory chunk + * that does not fit into the largest slab cache and therefore is allocated via + * the page_alloc fallback for SLUB. SLAB has no such fallback, and thus these + * tests are not supported for it. */ -static void kmalloc_pagealloc_oob_right(struct kunit *test) + +static void kmalloc_large_oob_right(struct kunit *test) { char *ptr; size_t size = KMALLOC_MAX_CACHE_SIZE + 10; @@ -235,7 +236,7 @@ static void kmalloc_pagealloc_oob_right(struct kunit *test) kfree(ptr); } -static void kmalloc_pagealloc_uaf(struct kunit *test) +static void kmalloc_large_uaf(struct kunit *test) { char *ptr; size_t size = KMALLOC_MAX_CACHE_SIZE + 10; @@ -249,7 +250,7 @@ static void kmalloc_pagealloc_uaf(struct kunit *test) KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[0]); } -static void kmalloc_pagealloc_invalid_free(struct kunit *test) +static void kmalloc_large_invalid_free(struct kunit *test) { char *ptr; size_t size = KMALLOC_MAX_CACHE_SIZE + 10; @@ -262,7 +263,7 @@ static void kmalloc_pagealloc_invalid_free(struct kunit *test) KUNIT_EXPECT_KASAN_FAIL(test, kfree(ptr + 1)); } -static void pagealloc_oob_right(struct kunit *test) +static void page_alloc_oob_right(struct kunit *test) { char *ptr; struct page *pages; @@ -284,7 +285,7 @@ static void pagealloc_oob_right(struct kunit *test) free_pages((unsigned long)ptr, order); } -static void pagealloc_uaf(struct kunit *test) +static void page_alloc_uaf(struct kunit *test) { char *ptr; struct page *pages; 
@@ -298,15 +299,15 @@ static void pagealloc_uaf(struct kunit *test) KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[0]); } -static void kmalloc_large_oob_right(struct kunit *test) +/* + * Check that KASAN detects an out-of-bounds access for a big object allocated + * via kmalloc(). But not as big as to trigger the page_alloc fallback for SLUB. + */ +static void kmalloc_big_oob_right(struct kunit *test) { char *ptr; size_t size = KMALLOC_MAX_CACHE_SIZE - 256; - /* - * Allocate a chunk that is large enough, but still fits into a slab - * and does not trigger the page allocator fallback in SLUB. - */ ptr = kmalloc(size, GFP_KERNEL); KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); @@ -404,18 +405,18 @@ static void krealloc_less_oob(struct kunit *test) krealloc_less_oob_helper(test, 235, 201); } -static void krealloc_pagealloc_more_oob(struct kunit *test) +static void krealloc_large_more_oob(struct kunit *test) { - /* page_alloc fallback in only implemented for SLUB. */ + /* page_alloc fallback is only implemented for SLUB. */ KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_SLUB); krealloc_more_oob_helper(test, KMALLOC_MAX_CACHE_SIZE + 201, KMALLOC_MAX_CACHE_SIZE + 235); } -static void krealloc_pagealloc_less_oob(struct kunit *test) +static void krealloc_large_less_oob(struct kunit *test) { - /* page_alloc fallback in only implemented for SLUB. */ + /* page_alloc fallback is only implemented for SLUB. */ KASAN_TEST_NEEDS_CONFIG_ON(test, CONFIG_SLUB); krealloc_less_oob_helper(test, KMALLOC_MAX_CACHE_SIZE + 235, 
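Review bot: In the @@ -298 hunk the existing kmalloc_large_oob_right() becomes kmalloc_big_oob_right(), while the @@ -214 hunk reassigns the name kmalloc_large_oob_right to the former kmalloc_pagealloc_oob_right(); the commit message lists only the two "pagealloc" renames and does not mention this third one. The same test name now covers a different allocation path (KMALLOC_MAX_CACHE_SIZE + 10 instead of KMALLOC_MAX_CACHE_SIZE - 256), so results for kmalloc_large_oob_right are not comparable across this commit; please add the kmalloc_large to kmalloc_big rename to the changelog. As a style point, the second sentence of the new comment, "But not as big as to trigger the page_alloc fallback for SLUB.", is a fragment and would read better joined to the first.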
@@ -1816,16 +1817,16 @@ static struct kunit_case kasan_kunit_test_cases[] = { KUNIT_CASE(kmalloc_oob_right), KUNIT_CASE(kmalloc_oob_left), KUNIT_CASE(kmalloc_node_oob_right), - KUNIT_CASE(kmalloc_pagealloc_oob_right), - KUNIT_CASE(kmalloc_pagealloc_uaf), - KUNIT_CASE(kmalloc_pagealloc_invalid_free), - KUNIT_CASE(pagealloc_oob_right), - KUNIT_CASE(pagealloc_uaf), KUNIT_CASE(kmalloc_large_oob_right), + KUNIT_CASE(kmalloc_large_uaf), + KUNIT_CASE(kmalloc_large_invalid_free), + KUNIT_CASE(page_alloc_oob_right), + KUNIT_CASE(page_alloc_uaf), + KUNIT_CASE(kmalloc_big_oob_right), KUNIT_CASE(krealloc_more_oob), KUNIT_CASE(krealloc_less_oob), - KUNIT_CASE(krealloc_pagealloc_more_oob), - KUNIT_CASE(krealloc_pagealloc_less_oob), + KUNIT_CASE(krealloc_large_more_oob), + KUNIT_CASE(krealloc_large_less_oob), KUNIT_CASE(krealloc_uaf), KUNIT_CASE(kmalloc_oob_16), KUNIT_CASE(kmalloc_uaf_16),

From patchwork Tue Dec 19 22:29:02 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: andrey.konovalov@linux.dev
X-Patchwork-Id: 181329
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 18/21] kasan: reorder tests
Date: Tue, 19 Dec 2023 23:29:02 +0100

From: Andrey Konovalov

Put closely related tests next to each other.

No functional changes.

Signed-off-by: Andrey Konovalov
---
 mm/kasan/kasan_test.c | 418 +++++++++++++++++++++---------------------
 1 file changed, 209 insertions(+), 209 deletions(-)

diff --git a/mm/kasan/kasan_test.c b/mm/kasan/kasan_test.c index 230958de7604..1c77c73ff287 100644 --- a/mm/kasan/kasan_test.c +++ b/mm/kasan/kasan_test.c
@@ -213,6 +213,23 @@ static void kmalloc_node_oob_right(struct kunit *test) kfree(ptr); } +/* + * Check that KASAN detects an out-of-bounds access for a big object allocated + * via kmalloc(). But not as big as to trigger the page_alloc fallback for SLUB. + */ +static void kmalloc_big_oob_right(struct kunit *test) +{ + char *ptr; + size_t size = KMALLOC_MAX_CACHE_SIZE - 256; + + ptr = kmalloc(size, GFP_KERNEL); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); + + OPTIMIZER_HIDE_VAR(ptr); + KUNIT_EXPECT_KASAN_FAIL(test, ptr[size] = 0); + kfree(ptr); +} + /* * The kmalloc_large_* tests below use kmalloc() to allocate a memory chunk * that does not fit into the largest slab cache and therefore is allocated via @@ -299,23 +316,6 @@ static void page_alloc_uaf(struct kunit *test) KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[0]); } -/* - * Check that KASAN detects an out-of-bounds access for a big object allocated - * via kmalloc(). But not as big as to trigger the page_alloc fallback for SLUB. - */ -static void kmalloc_big_oob_right(struct kunit *test) -{ - char *ptr; - size_t size = KMALLOC_MAX_CACHE_SIZE - 256; - - ptr = kmalloc(size, GFP_KERNEL); - KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); - - OPTIMIZER_HIDE_VAR(ptr); - KUNIT_EXPECT_KASAN_FAIL(test, ptr[size] = 0); - kfree(ptr); -} - static void krealloc_more_oob_helper(struct kunit *test, size_t size1, size_t size2) { 
@@ -698,6 +698,126 @@ static void kmalloc_uaf3(struct kunit *test) KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr1)[8]); } +static void kmalloc_double_kzfree(struct kunit *test) +{ + char *ptr; + size_t size = 16; + + ptr = kmalloc(size, GFP_KERNEL); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); + + kfree_sensitive(ptr); + KUNIT_EXPECT_KASAN_FAIL(test, kfree_sensitive(ptr)); +} + +/* Check that ksize() does NOT unpoison whole object. */ +static void ksize_unpoisons_memory(struct kunit *test) +{ + char *ptr; + size_t size = 128 - KASAN_GRANULE_SIZE - 5; + size_t real_size; + + ptr = kmalloc(size, GFP_KERNEL); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); + + real_size = ksize(ptr); + KUNIT_EXPECT_GT(test, real_size, size); + + OPTIMIZER_HIDE_VAR(ptr); + + /* These accesses shouldn't trigger a KASAN report. */ + ptr[0] = 'x'; + ptr[size - 1] = 'x'; + + /* These must trigger a KASAN report. */ + if (IS_ENABLED(CONFIG_KASAN_GENERIC)) + KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[size]); + KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[size + 5]); + KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[real_size - 1]); + + kfree(ptr); +} + +/* + * Check that a use-after-free is detected by ksize() and via normal accesses + * after it. + */ +static void ksize_uaf(struct kunit *test) +{ + char *ptr; + int size = 128 - KASAN_GRANULE_SIZE; + + ptr = kmalloc(size, GFP_KERNEL); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); + kfree(ptr); + + OPTIMIZER_HIDE_VAR(ptr); + KUNIT_EXPECT_KASAN_FAIL(test, ksize(ptr)); + KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[0]); + KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[size]); +} + +/* + * The two tests below check that Generic KASAN prints auxiliary stack traces + * for RCU callbacks and workqueues. The reports need to be inspected manually. + * + * These tests are still enabled for other KASAN modes to make sure that all + * modes report bad accesses in tested scenarios. 
+ */ + +static struct kasan_rcu_info { + int i; + struct rcu_head rcu; +} *global_rcu_ptr; + +static void rcu_uaf_reclaim(struct rcu_head *rp) +{ + struct kasan_rcu_info *fp = + container_of(rp, struct kasan_rcu_info, rcu); + + kfree(fp); + ((volatile struct kasan_rcu_info *)fp)->i; +} + +static void rcu_uaf(struct kunit *test) +{ + struct kasan_rcu_info *ptr; + + ptr = kmalloc(sizeof(struct kasan_rcu_info), GFP_KERNEL); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); + + global_rcu_ptr = rcu_dereference_protected( + (struct kasan_rcu_info __rcu *)ptr, NULL); + + KUNIT_EXPECT_KASAN_FAIL(test, + call_rcu(&global_rcu_ptr->rcu, rcu_uaf_reclaim); + rcu_barrier()); +} + +static void workqueue_uaf_work(struct work_struct *work) +{ + kfree(work); +} + +static void workqueue_uaf(struct kunit *test) +{ + struct workqueue_struct *workqueue; + struct work_struct *work; + + workqueue = create_workqueue("kasan_workqueue_test"); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, workqueue); + + work = kmalloc(sizeof(struct work_struct), GFP_KERNEL); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, work); + + INIT_WORK(work, workqueue_uaf_work); + queue_work(workqueue, work); + destroy_workqueue(workqueue); + + KUNIT_EXPECT_KASAN_FAIL(test, + ((volatile struct work_struct *)work)->data); +} + static void kfree_via_page(struct kunit *test) { char *ptr; 
@@ -748,6 +868,69 @@ static void kmem_cache_oob(struct kunit *test) kmem_cache_destroy(cache); } +static void kmem_cache_double_free(struct kunit *test) +{ + char *p; + size_t size = 200; + struct kmem_cache *cache; + + cache = kmem_cache_create("test_cache", size, 0, 0, NULL); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cache); + + p = kmem_cache_alloc(cache, GFP_KERNEL); + if (!p) { + kunit_err(test, "Allocation failed: %s\n", __func__); + kmem_cache_destroy(cache); + return; + } + + kmem_cache_free(cache, p); + KUNIT_EXPECT_KASAN_FAIL(test, kmem_cache_free(cache, p)); + kmem_cache_destroy(cache); +} + +static void kmem_cache_invalid_free(struct kunit *test) +{ + char *p; + size_t size = 200; + struct kmem_cache *cache; + + cache = kmem_cache_create("test_cache", size, 0, SLAB_TYPESAFE_BY_RCU, + NULL); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cache); + + p = kmem_cache_alloc(cache, GFP_KERNEL); + if (!p) { + kunit_err(test, "Allocation failed: %s\n", __func__); + kmem_cache_destroy(cache); + return; + } + + /* Trigger invalid free, the object doesn't get freed. */ + KUNIT_EXPECT_KASAN_FAIL(test, kmem_cache_free(cache, p + 1)); + + /* + * Properly free the object to prevent the "Objects remaining in + * test_cache on __kmem_cache_shutdown" BUG failure. + */ + kmem_cache_free(cache, p); + + kmem_cache_destroy(cache); +} + +static void empty_cache_ctor(void *object) { } + +static void kmem_cache_double_destroy(struct kunit *test) +{ + struct kmem_cache *cache; + + /* Provide a constructor to prevent cache merging. */ + cache = kmem_cache_create("test_cache", 200, 0, 0, empty_cache_ctor); + KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cache); + kmem_cache_destroy(cache); + KUNIT_EXPECT_KASAN_FAIL(test, kmem_cache_destroy(cache)); +} + static void kmem_cache_accounted(struct kunit *test) { int i; 
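Review bot: kmem_cache_double_free() and kmem_cache_invalid_free(), as moved in this hunk, handle a failed kmem_cache_alloc() with kunit_err() and a plain return, so the test ends without reaching its KUNIT_EXPECT_KASAN_FAIL() check and without being marked as failed; the other tests in this file use KUNIT_ASSERT_NOT_ERR_OR_NULL() for the same situation. This patch is move-only, so it belongs in a follow-up: record a failure on that path (for example with KUNIT_FAIL()) before the kmem_cache_destroy() and return, so that a test that never exercised the double-free or invalid-free does not count as a pass.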
@@ -1145,53 +1328,6 @@ static void kasan_global_oob_left(struct kunit *test) KUNIT_EXPECT_KASAN_FAIL(test, *(volatile char *)p); } -/* Check that ksize() does NOT unpoison whole object. */ -static void ksize_unpoisons_memory(struct kunit *test) -{ - char *ptr; - size_t size = 128 - KASAN_GRANULE_SIZE - 5; - size_t real_size; - - ptr = kmalloc(size, GFP_KERNEL); - KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); - - real_size = ksize(ptr); - KUNIT_EXPECT_GT(test, real_size, size); - - OPTIMIZER_HIDE_VAR(ptr); - - /* These accesses shouldn't trigger a KASAN report. */ - ptr[0] = 'x'; - ptr[size - 1] = 'x'; - - /* These must trigger a KASAN report. */ - if (IS_ENABLED(CONFIG_KASAN_GENERIC)) - KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[size]); - KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[size + 5]); - KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[real_size - 1]); - - kfree(ptr); -} - -/* - * Check that a use-after-free is detected by ksize() and via normal accesses - * after it. - */ -static void ksize_uaf(struct kunit *test) -{ - char *ptr; - int size = 128 - KASAN_GRANULE_SIZE; - - ptr = kmalloc(size, GFP_KERNEL); - KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); - kfree(ptr); - - OPTIMIZER_HIDE_VAR(ptr); - KUNIT_EXPECT_KASAN_FAIL(test, ksize(ptr)); - KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[0]); - KUNIT_EXPECT_KASAN_FAIL(test, ((volatile char *)ptr)[size]); -} - static void kasan_stack_oob(struct kunit *test) { char stack_array[10]; 
@@ -1234,69 +1370,6 @@ static void kasan_alloca_oob_right(struct kunit *test) KUNIT_EXPECT_KASAN_FAIL(test, *(volatile char *)p); } -static void kmem_cache_double_free(struct kunit *test) -{ - char *p; - size_t size = 200; - struct kmem_cache *cache; - - cache = kmem_cache_create("test_cache", size, 0, 0, NULL); - KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cache); - - p = kmem_cache_alloc(cache, GFP_KERNEL); - if (!p) { - kunit_err(test, "Allocation failed: %s\n", __func__); - kmem_cache_destroy(cache); - return; - } - - kmem_cache_free(cache, p); - KUNIT_EXPECT_KASAN_FAIL(test, kmem_cache_free(cache, p)); - kmem_cache_destroy(cache); -} - -static void kmem_cache_invalid_free(struct kunit *test) -{ - char *p; - size_t size = 200; - struct kmem_cache *cache; - - cache = kmem_cache_create("test_cache", size, 0, SLAB_TYPESAFE_BY_RCU, - NULL); - KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cache); - - p = kmem_cache_alloc(cache, GFP_KERNEL); - if (!p) { - kunit_err(test, "Allocation failed: %s\n", __func__); - kmem_cache_destroy(cache); - return; - } - - /* Trigger invalid free, the object doesn't get freed. */ - KUNIT_EXPECT_KASAN_FAIL(test, kmem_cache_free(cache, p + 1)); - - /* - * Properly free the object to prevent the "Objects remaining in - * test_cache on __kmem_cache_shutdown" BUG failure. - */ - kmem_cache_free(cache, p); - - kmem_cache_destroy(cache); -} - -static void empty_cache_ctor(void *object) { } - -static void kmem_cache_double_destroy(struct kunit *test) -{ - struct kmem_cache *cache; - - /* Provide a constructor to prevent cache merging. */ - cache = kmem_cache_create("test_cache", 200, 0, 0, empty_cache_ctor); - KUNIT_ASSERT_NOT_ERR_OR_NULL(test, cache); - kmem_cache_destroy(cache); - KUNIT_EXPECT_KASAN_FAIL(test, kmem_cache_destroy(cache)); -} - static void kasan_memchr(struct kunit *test) { char *ptr; 
@@ -1458,79 +1531,6 @@ static void kasan_bitops_tags(struct kunit *test) kfree(bits); } -static void kmalloc_double_kzfree(struct kunit *test) -{ - char *ptr; - size_t size = 16; - - ptr = kmalloc(size, GFP_KERNEL); - KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); - - kfree_sensitive(ptr); - KUNIT_EXPECT_KASAN_FAIL(test, kfree_sensitive(ptr)); -} - -/* - * The two tests below check that Generic KASAN prints auxiliary stack traces - * for RCU callbacks and workqueues. The reports need to be inspected manually. - * - * These tests are still enabled for other KASAN modes to make sure that all - * modes report bad accesses in tested scenarios. - */ - -static struct kasan_rcu_info { - int i; - struct rcu_head rcu; -} *global_rcu_ptr; - -static void rcu_uaf_reclaim(struct rcu_head *rp) -{ - struct kasan_rcu_info *fp = - container_of(rp, struct kasan_rcu_info, rcu); - - kfree(fp); - ((volatile struct kasan_rcu_info *)fp)->i; -} - -static void rcu_uaf(struct kunit *test) -{ - struct kasan_rcu_info *ptr; - - ptr = kmalloc(sizeof(struct kasan_rcu_info), GFP_KERNEL); - KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ptr); - - global_rcu_ptr = rcu_dereference_protected( - (struct kasan_rcu_info __rcu *)ptr, NULL); - - KUNIT_EXPECT_KASAN_FAIL(test, - call_rcu(&global_rcu_ptr->rcu, rcu_uaf_reclaim); - rcu_barrier()); -} - -static void workqueue_uaf_work(struct work_struct *work) -{ - kfree(work); -} - -static void workqueue_uaf(struct kunit *test) -{ - struct workqueue_struct *workqueue; - struct work_struct *work; - - workqueue = create_workqueue("kasan_workqueue_test"); - KUNIT_ASSERT_NOT_ERR_OR_NULL(test, workqueue); - - work = kmalloc(sizeof(struct work_struct), GFP_KERNEL); - KUNIT_ASSERT_NOT_ERR_OR_NULL(test, work); - - INIT_WORK(work, workqueue_uaf_work); - queue_work(workqueue, work); - destroy_workqueue(workqueue); - - KUNIT_EXPECT_KASAN_FAIL(test, - ((volatile struct work_struct *)work)->data); -} - static void vmalloc_helpers_tags(struct kunit *test) { void *ptr; 
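Review bot: The block comment removed here starts with "The two tests below" and so depends on position: it is only correct if, at the new location, it still sits directly above rcu_uaf() and workqueue_uaf(), with kmalloc_double_kzfree() before it rather than after it. Please check that the three functions and the comment were moved as one unit in this order, or reword the comment to name rcu_uaf and workqueue_uaf explicitly so it survives any later reordering.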
@@ -1817,12 +1817,12 @@ static struct kunit_case kasan_kunit_test_cases[] = { KUNIT_CASE(kmalloc_oob_right), KUNIT_CASE(kmalloc_oob_left), KUNIT_CASE(kmalloc_node_oob_right), + KUNIT_CASE(kmalloc_big_oob_right), KUNIT_CASE(kmalloc_large_oob_right), KUNIT_CASE(kmalloc_large_uaf), KUNIT_CASE(kmalloc_large_invalid_free), KUNIT_CASE(page_alloc_oob_right), KUNIT_CASE(page_alloc_uaf), - KUNIT_CASE(kmalloc_big_oob_right), KUNIT_CASE(krealloc_more_oob), KUNIT_CASE(krealloc_less_oob), KUNIT_CASE(krealloc_large_more_oob), @@ -1841,9 +1841,17 @@ static struct kunit_case kasan_kunit_test_cases[] = { KUNIT_CASE(kmalloc_uaf_memset), KUNIT_CASE(kmalloc_uaf2), KUNIT_CASE(kmalloc_uaf3), + KUNIT_CASE(kmalloc_double_kzfree), + KUNIT_CASE(ksize_unpoisons_memory), + KUNIT_CASE(ksize_uaf), + KUNIT_CASE(rcu_uaf), + KUNIT_CASE(workqueue_uaf), KUNIT_CASE(kfree_via_page), KUNIT_CASE(kfree_via_phys), KUNIT_CASE(kmem_cache_oob), + KUNIT_CASE(kmem_cache_double_free), + KUNIT_CASE(kmem_cache_invalid_free), + KUNIT_CASE(kmem_cache_double_destroy), KUNIT_CASE(kmem_cache_accounted), KUNIT_CASE(kmem_cache_bulk), KUNIT_CASE(mempool_kmalloc_oob_right), 
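Review bot: After this reordering, the entries in kasan_kunit_test_cases[] have to be kept in step with the order of the function definitions by hand, and nothing above the array says so. A short comment at the top of the array stating that cases are listed in definition order would keep later additions from drifting again. The bookkeeping itself looks right: these two hunks add nine KUNIT_CASE entries and drop one, and the following hunk drops the remaining eight, so no case is lost or duplicated.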
@@ -1863,19 +1871,11 @@ static struct kunit_case kasan_kunit_test_cases[] = { KUNIT_CASE(kasan_stack_oob), KUNIT_CASE(kasan_alloca_oob_left), KUNIT_CASE(kasan_alloca_oob_right), - KUNIT_CASE(ksize_unpoisons_memory), - KUNIT_CASE(ksize_uaf), - KUNIT_CASE(kmem_cache_double_free), - KUNIT_CASE(kmem_cache_invalid_free), - KUNIT_CASE(kmem_cache_double_destroy), KUNIT_CASE(kasan_memchr), KUNIT_CASE(kasan_memcmp), KUNIT_CASE(kasan_strings), KUNIT_CASE(kasan_bitops_generic), KUNIT_CASE(kasan_bitops_tags), - KUNIT_CASE(kmalloc_double_kzfree), - KUNIT_CASE(rcu_uaf), - KUNIT_CASE(workqueue_uaf), KUNIT_CASE(vmalloc_helpers_tags), KUNIT_CASE(vmalloc_oob), KUNIT_CASE(vmap_tags),
From patchwork Tue Dec 19 22:29:03 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 181330
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 19/21] kasan: rename and document kasan_(un)poison_object_data
Date: Tue, 19 Dec 2023 23:29:03 +0100

From: Andrey Konovalov

Rename kasan_unpoison_object_data to kasan_unpoison_new_object and add a documentation comment. Do the same for kasan_poison_object_data.

The new names and the comments should suggest to the users that these hooks are intended for internal use by the slab allocator.

The following patch will remove non-slab-internal uses of these hooks.

No functional changes.

Signed-off-by: Andrey Konovalov
---
 include/linux/kasan.h | 35 +++++++++++++++++++++++++++--------
 mm/kasan/common.c     |  4 ++--
 mm/slab.c             | 10 ++++------
 mm/slub.c             |  4 ++--
 net/core/skbuff.c     |  8 ++++----
 5 files changed, 39 insertions(+), 22 deletions(-)

diff --git a/include/linux/kasan.h b/include/linux/kasan.h index 7392c5d89b92..d49e3d4c099e 100644 --- a/include/linux/kasan.h +++ b/include/linux/kasan.h
@@ -129,20 +129,39 @@ static __always_inline void kasan_poison_slab(struct slab *slab) __kasan_poison_slab(slab); } -void __kasan_unpoison_object_data(struct kmem_cache *cache, void *object); -static __always_inline void kasan_unpoison_object_data(struct kmem_cache *cache, +void __kasan_unpoison_new_object(struct kmem_cache *cache, void *object); +/** + * kasan_unpoison_new_object - Temporarily unpoison a new slab object. + * @cache: Cache the object belong to. + * @object: Pointer to the object. + * + * This function is intended for the slab allocator's internal use. It + * temporarily unpoisons an object from a newly allocated slab without doing + * anything else. The object must later be repoisoned by + * kasan_poison_new_object(). + */ +static __always_inline void kasan_unpoison_new_object(struct kmem_cache *cache, void *object) { if (kasan_enabled()) - __kasan_unpoison_object_data(cache, object); + __kasan_unpoison_new_object(cache, object); } -void __kasan_poison_object_data(struct kmem_cache *cache, void *object); -static __always_inline void kasan_poison_object_data(struct kmem_cache *cache, +void __kasan_poison_new_object(struct kmem_cache *cache, void *object); +/** + * kasan_unpoison_new_object - Repoison a new slab object. + * @cache: Cache the object belong to. + * @object: Pointer to the object. + * + * This function is intended for the slab allocator's internal use. It + * repoisons an object that was previously unpoisoned by + * kasan_unpoison_new_object() without doing anything else. + */ +static __always_inline void kasan_poison_new_object(struct kmem_cache *cache, void *object) { if (kasan_enabled()) - __kasan_poison_object_data(cache, object); + __kasan_poison_new_object(cache, object); } void * __must_check __kasan_init_slab_obj(struct kmem_cache *cache, 
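Review bot: The kernel-doc block added above kasan_poison_new_object() is titled "kasan_unpoison_new_object - Repoison a new slab object.", so the documented name does not match the function it precedes, and the generated documentation would carry two entries for kasan_unpoison_new_object and none for the poison hook. The title line should read "kasan_poison_new_object - Repoison a new slab object." While there, "@cache: Cache the object belong to." in both blocks should be "belongs to".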
@@ -342,9 +361,9 @@ static inline bool kasan_unpoison_pages(struct page *page, unsigned int order, return false; } static inline void kasan_poison_slab(struct slab *slab) {} -static inline void kasan_unpoison_object_data(struct kmem_cache *cache, +static inline void kasan_unpoison_new_object(struct kmem_cache *cache, void *object) {} -static inline void kasan_poison_object_data(struct kmem_cache *cache, +static inline void kasan_poison_new_object(struct kmem_cache *cache, void *object) {} static inline void *kasan_init_slab_obj(struct kmem_cache *cache, const void *object) diff --git a/mm/kasan/common.c b/mm/kasan/common.c index b8e7416f83af..ebb1b23d6480 100644 --- a/mm/kasan/common.c +++ b/mm/kasan/common.c @@ -143,12 +143,12 @@ void __kasan_poison_slab(struct slab *slab) KASAN_SLAB_REDZONE, false); } -void __kasan_unpoison_object_data(struct kmem_cache *cache, void *object) +void __kasan_unpoison_new_object(struct kmem_cache *cache, void *object) { kasan_unpoison(object, cache->object_size, false); } -void __kasan_poison_object_data(struct kmem_cache *cache, void *object) +void __kasan_poison_new_object(struct kmem_cache *cache, void *object) { kasan_poison(object, round_up(cache->object_size, KASAN_GRANULE_SIZE), KASAN_SLAB_REDZONE, false); diff --git a/mm/slab.c b/mm/slab.c index 9ad3d0f2d1a5..773c79e153f3 100644 --- a/mm/slab.c +++ b/mm/slab.c @@ -2327,11 +2327,9 @@ static void cache_init_objs_debug(struct kmem_cache *cachep, struct slab *slab) * They must also be threaded. */ if (cachep->ctor && !(cachep->flags & SLAB_POISON)) { - kasan_unpoison_object_data(cachep, - objp + obj_offset(cachep)); + kasan_unpoison_new_object(cachep, objp + obj_offset(cachep)); cachep->ctor(objp + obj_offset(cachep)); - kasan_poison_object_data( - cachep, objp + obj_offset(cachep)); + kasan_poison_new_object(cachep, objp + obj_offset(cachep)); } if (cachep->flags & SLAB_RED_ZONE) { 
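Review bot: In mm/kasan/common.c, __kasan_poison_new_object() repoisons with KASAN_SLAB_REDZONE over round_up(cache->object_size, KASAN_GRANULE_SIZE), the same poison value visible in the __kasan_poison_slab() context line, while __kasan_unpoison_new_object() unpoisons exactly cache->object_size. The new kernel-doc in kasan.h only says the hooks act "without doing anything else"; it would be more useful to say that repoisoning returns the object to the state set when the slab was poisoned, since that is the reason the pair is only meaningful around a constructor call on a fresh slab and not for parking already-used objects.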
@@ -2472,9 +2470,9 @@ static void cache_init_objs(struct kmem_cache *cachep, /* constructor could break poison info */ if (DEBUG == 0 && cachep->ctor) { - kasan_unpoison_object_data(cachep, objp); + kasan_unpoison_new_object(cachep, objp); cachep->ctor(objp); - kasan_poison_object_data(cachep, objp); + kasan_poison_new_object(cachep, objp); } if (!shuffled) diff --git a/mm/slub.c b/mm/slub.c index 782bd8a6bd34..891742e5932a 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -1860,9 +1860,9 @@ static void *setup_object(struct kmem_cache *s, void *object) setup_object_debug(s, object); object = kasan_init_slab_obj(s, object); if (unlikely(s->ctor)) { - kasan_unpoison_object_data(s, object); + kasan_unpoison_new_object(s, object); s->ctor(object); - kasan_poison_object_data(s, object); + kasan_poison_new_object(s, object); } return object; } diff --git a/net/core/skbuff.c b/net/core/skbuff.c index b157efea5dea..63bb6526399d 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -337,7 +337,7 @@ static struct sk_buff *napi_skb_cache_get(void) } skb = nc->skb_cache[--nc->skb_count]; - kasan_unpoison_object_data(skbuff_cache, skb); + kasan_unpoison_new_object(skbuff_cache, skb); return skb; } 
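Review bot: The net/core/skbuff.c change in napi_skb_cache_get() switches a non-slab caller to kasan_unpoison_new_object(), a hook that this same patch documents as being for the slab allocator's internal use on objects from a newly allocated slab. The commit message says the following patch removes these uses, but at this commit the caller contradicts the new kernel-doc, and the same lines get touched twice in a row. Converting skbuff to the mempool hooks first and doing the rename afterwards would avoid both the double churn and the window in which the documented contract does not hold.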
@@ -1309,13 +1309,13 @@ static void napi_skb_cache_put(struct sk_buff *skb) struct napi_alloc_cache *nc = this_cpu_ptr(&napi_alloc_cache); u32 i; - kasan_poison_object_data(skbuff_cache, skb); + kasan_poison_new_object(skbuff_cache, skb); nc->skb_cache[nc->skb_count++] = skb; if (unlikely(nc->skb_count == NAPI_SKB_CACHE_SIZE)) { for (i = NAPI_SKB_CACHE_HALF; i < NAPI_SKB_CACHE_SIZE; i++) - kasan_unpoison_object_data(skbuff_cache, - nc->skb_cache[i]); + kasan_unpoison_new_object(skbuff_cache, + nc->skb_cache[i]); kmem_cache_free_bulk(skbuff_cache, NAPI_SKB_CACHE_HALF, nc->skb_cache + NAPI_SKB_CACHE_HALF);
From patchwork Tue Dec 19 22:29:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 181333
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 20/21] skbuff: use mempool KASAN hooks
Date: Tue, 19 Dec 2023 23:29:04 +0100

From: Andrey Konovalov

Instead of using slab-internal KASAN hooks for poisoning and unpoisoning cached objects, use the proper mempool KASAN hooks.

Also check the return value of kasan_mempool_poison_object to prevent double-free and invalid-free bugs.

Signed-off-by: Andrey Konovalov
---
 net/core/skbuff.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/net/core/skbuff.c b/net/core/skbuff.c index 63bb6526399d..bb75b4272992 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -337,7 +337,7 @@ static struct sk_buff *napi_skb_cache_get(void) } skb = nc->skb_cache[--nc->skb_count]; - kasan_unpoison_new_object(skbuff_cache, skb); + kasan_mempool_unpoison_object(skb, kmem_cache_size(skbuff_cache)); return skb; }
@@ -1309,13 +1309,15 @@ static void napi_skb_cache_put(struct sk_buff *skb) struct napi_alloc_cache *nc = this_cpu_ptr(&napi_alloc_cache); u32 i; - kasan_poison_new_object(skbuff_cache, skb); + if (!kasan_mempool_poison_object(skb)) + return; + nc->skb_cache[nc->skb_count++] = skb; if (unlikely(nc->skb_count == NAPI_SKB_CACHE_SIZE)) { for (i = NAPI_SKB_CACHE_HALF; i < NAPI_SKB_CACHE_SIZE; i++) - kasan_unpoison_new_object(skbuff_cache, - nc->skb_cache[i]); + kasan_mempool_unpoison_object(nc->skb_cache[i], + kmem_cache_size(skbuff_cache)); kmem_cache_free_bulk(skbuff_cache, NAPI_SKB_CACHE_HALF, nc->skb_cache + NAPI_SKB_CACHE_HALF);
From patchwork Tue Dec 19 22:29:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: andrey.konovalov@linux.dev X-Patchwork-Id: 181331
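Review bot: In the napi_skb_cache_put() hunk of [PATCH mm 20/21], the new early return taken when kasan_mempool_poison_object(skb) fails leaves the function with the skb neither stored in nc->skb_cache[] nor handed to any free routine, and the code gives no hint that this is deliberate. A short comment above the "return;" saying that the object is intentionally dropped because the hook rejected it (the double-free and invalid-free case named in the commit message) would keep someone from later "fixing" the apparent leak by freeing or caching the pointer anyway. It would also help to say in the commit message why kmem_cache_size(skbuff_cache) is the right size to pass on the unpoison side, given that the poison call takes no size at all.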
From: andrey.konovalov@linux.dev
To: Marco Elver, Alexander Potapenko
Cc: Andrey Konovalov, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, Evgenii Stepanov, Breno Leitao, Alexander Lobakin, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm 21/21] io_uring: use mempool KASAN hook
Date: Tue, 19 Dec 2023 23:29:05 +0100

From: Andrey Konovalov

Use the proper kasan_mempool_unpoison_object hook for unpoisoning cached objects.

A future change might also update io_uring to check the return value of kasan_mempool_poison_object to prevent double-free and invalid-free bugs. This proves to be non-trivial with the current way io_uring caches objects, so this is left out-of-scope of this series.

Signed-off-by: Andrey Konovalov
---
 io_uring/alloc_cache.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/io_uring/alloc_cache.h b/io_uring/alloc_cache.h index 8de0414e8efe..bf2fb26a6539 100644 --- a/io_uring/alloc_cache.h +++ b/io_uring/alloc_cache.h @@ -33,7 +33,7 @@ static inline struct io_cache_entry *io_alloc_cache_get(struct io_alloc_cache *c struct io_cache_entry *entry; entry = container_of(cache->list.next, struct io_cache_entry, node); - kasan_unpoison_range(entry, cache->elem_size); + kasan_mempool_unpoison_object(entry, cache->elem_size); cache->list.next = cache->list.next->next; cache->nr_cached--; return entry;
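Review bot: The commit message defers the kasan_mempool_poison_object() return-value check for io_uring, but the io_alloc_cache_get() hunk leaves no trace of that deferral in the code: after this change the get path uses the mempool unpoison hook while, by the message's own description, double-free and invalid-free detection on the caching path is still not enforced. A TODO comment next to the new kasan_mempool_unpoison_object(entry, cache->elem_size) call, or in the matching put helper, would keep the gap visible to whoever touches the cache next. The message could also state that cache->elem_size is the full size of the cached allocation, since that is the extent this hook is now told to unpoison.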