From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 77F19CD37B7 for ; Fri, 15 Sep 2023 21:13:08 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 0FFF96B039E; Fri, 15 Sep 2023 17:13:08 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 0B0B46B03A1; Fri, 15 Sep 2023 17:13:08 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id EBA086B03A2; Fri, 15 Sep 2023 17:13:07 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id DBFD26B039E for ; Fri, 15 Sep 2023 17:13:07 -0400 (EDT) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id B37C0120818 for ; Fri, 15 Sep 2023 21:13:07 +0000 (UTC) X-FDA: 81240082014.08.A72F626 Received: from mail-pg1-f175.google.com (mail-pg1-f175.google.com [209.85.215.175]) by imf19.hostedemail.com (Postfix) with ESMTP id DA0A01A001E for ; Fri, 15 Sep 2023 21:13:05 +0000 (UTC) Authentication-Results: imf19.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=FEMzn7rK; spf=pass (imf19.hostedemail.com: domain of keescook@chromium.org designates 209.85.215.175 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1694812386; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=AZHk7vThpLpskZtqajJEmCcHKvsPyXWDUd5X6GjbEhM=; b=YG3zKA0O19UL8dzOZAw75B4A1iyP/3yBTjlIMbAue8vsLYWBXjcYuKcd55pPJJhjQudbrZ R5vZ5zi8qaqGO6fuzkhGEb/4KSxs1AaaaESZ+UfFbLhHJDwJe43oXCd+bxflXAAMs8HHLS ptVCxRjN2Ld9EsBGk/0WAfyL2VNmbxk= ARC-Authentication-Results: i=1; imf19.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=FEMzn7rK; spf=pass (imf19.hostedemail.com: domain of keescook@chromium.org designates 209.85.215.175 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1694812386; a=rsa-sha256; cv=none; b=gx12UemQSsPPKIFob9hf88s+zg7o71Qleit0Vhe6qX3rjEW5DnFstTnGaokylNu4b9naF1 /K0wi7PBFVEZa91XNKY5KCLZWYDFeuBDDm1EswkFvpz2vv9+8CV8WqE/wOtKTMN0qAwHFB Y+SDU6ZgjI1XpY1Q978jml6MpeiV7Z8= Received: by mail-pg1-f175.google.com with SMTP id 41be03b00d2f7-5779055a474so2061014a12.0 for ; Fri, 15 Sep 2023 14:13:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1694812385; x=1695417185; darn=kvack.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=AZHk7vThpLpskZtqajJEmCcHKvsPyXWDUd5X6GjbEhM=; b=FEMzn7rKuCQZdnf+ZpsuCCxttPaoZGzoPsKeMgCc9g/gyUrz6ONuOOma7YkdNCCXDT cYVSAniAjyydS/OPSLv8xutOAVNrZ1dAQyxJDA8BgX6ImHowXVUabGRTNoMH2Xhd/5uN fxgHIMjYD97KSu9UxuCQ9LD3O8GGwUCrihosA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694812385; x=1695417185; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=AZHk7vThpLpskZtqajJEmCcHKvsPyXWDUd5X6GjbEhM=; b=Tx/q4/jAaJAI0SSZmCRa365REPjhccmlY06OV5thf7Si3SXYQ99YW56mayWucBoKKJ 8sV+SDSwTFjoSELbNre4bVyXvEqeFmW+EMy4ZaKL9cYLAZLoPzqQGdHAzGHkR4D/PDa0 Yi7v4SxG3e9jLE3PpIqLPmvqvbLctI9glNelXsUNk5d/kz4frOJyaRsEx8MW2Y1/TKxv hpKtkti/w86M3v8Tle0vr9aUEE3UonDiYdZvceMsRiBTAePxRaQS1pEon+2erHdrdPiV 8Es6udmiqOL7PCNWkDFfFuWGGbc1bVEErur2kQTZc0EM766Bpn7dfMX8hP7BAQOTkYdq UZYw== X-Gm-Message-State: AOJu0Yy2rWXn9JN+pUTEyfGIJZz6Q4h7lBmDE5n0sTpGtnLm5f+Pn+W5 3/mC3yi7CwZJLQ+A8JhvpOJlcQ== X-Google-Smtp-Source: AGHT+IHm6HySe6IHe1hP6qL3CE05/JQnD5U2WP+Yncfwbd9pJNQNoXCcc43i0dypm9WA1Axo89FeCA== X-Received: by 2002:a17:90b:1952:b0:268:14a0:f8a with SMTP id nk18-20020a17090b195200b0026814a00f8amr2739464pjb.39.1694812384792; Fri, 15 Sep 2023 14:13:04 -0700 (PDT) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id ie18-20020a17090b401200b0026971450601sm3428843pjb.7.2023.09.15.14.13.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Sep 2023 14:13:04 -0700 (PDT) Date: Fri, 15 Sep 2023 14:13:03 -0700 From: Kees Cook To: Matteo Rizzo Cc: cl@linux.com, penberg@kernel.org, rientjes@google.com, iamjoonsoo.kim@lge.com, akpm@linux-foundation.org, vbabka@suse.cz, roman.gushchin@linux.dev, 42.hyeyoo@gmail.com, linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-hardening@vger.kernel.org, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, corbet@lwn.net, luto@kernel.org, peterz@infradead.org, jannh@google.com, evn@google.com, poprdi@google.com, jordyzomer@google.com, ardb@google.com Subject: Re: [RFC PATCH 10/14] x86: Create virtual memory region for SLUB Message-ID: <202309151410.E65B8300F@keescook> References: <20230915105933.495735-1-matteorizzo@google.com> <20230915105933.495735-11-matteorizzo@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20230915105933.495735-11-matteorizzo@google.com> X-Rspamd-Queue-Id: DA0A01A001E X-Rspam-User: X-Stat-Signature: sacqomunxz1fpxydxmy14ratgxghip9i X-Rspamd-Server: rspam01 X-HE-Tag: 1694812385-525960 X-HE-Meta: U2FsdGVkX1+SZjkI2tMgJ2z6+xW/tQan+xWclNksePj0pcSGSfrb8oBCyv6WBeCj5IQmN69h2AXqGeIbgkaWihO4yAwypsiTmQFJloEsemjyiRrkC2Qq9W8VCKathX545628jtC8YILWhsXjiRjQ5qrAGNjRqbE+C4Eq2fzYRi89FT8fvRxvpl4yV87lKAVrLkCB+GdwU5Q9F+vWMTmj1apF5RcjZQvkMSAN32Ai3QOHLcWeozzr3aQUI6uHv4/dDXy4I/ddXlvgOd7Al2VpUK6PS847IzFOiIfCMbOoPwJuFyl//WCznct/O9M7DUXn5GPTsVLwemdVhp8mP5tGLHxjhMTnXCgB38l3kll0+y8rmaCh6os08pLWdzgpM2siwZvPAySoXYuiKwxX1JTyHctfVCCqHGATCso7UhQSkBfucWMhjkf9OBQTSQ5NkhpcV7DQrC7I46FbRjZuzbHE0/LstAm2NV2UXHBqhxnHc+5A2PkS3ZxniLZT0s9/49j1MuFgxL8WjlSplq22AieNaCAl/UXULd+6tJaKE9iFcSW7/Sytb6oIQMDRxPLio15SiJg/PlCZ+s9I1VZV8+7+DCzHRAH1FDnKeQZwGOobRfNjUgHeeRBQjliDV/vBkuxsjgcAfouiLiBUn8lvaWYdNvq+YkGbGgv3QcJ5TmcSuFXNnHW3m7AWN6xU5ou+KJKigyXYnYZr3Dy/Hlan9/+CPDemvKbcio9G8k0+dMGMxjH375bq3GQHSscGOjp6NXBWh+RSdpEa9HW/GcMB0m7i6G+wR40v31J/uBq8xY6UrTFBil28R0uuZy7EGWPViVk4OWWFqo+H3R6tM1IA77laMZsaPWr0UgGiK34Mnsm15IRlRhzVRrY0Us5bBtRuGDwIDo7X1bqLXjuvuxTfplYnITFSFDjmJsRVJRO6x9JI8XZlR9D85Alr7uCFn8SF6er120Q7kfykA2OpWgmB6dL 0wf+vQDs bmPTgVgvSRWhLwaKNRIA5zFbWAL4Z6AEm7KFJXtFn+3Hlu6v0oL+Uu+mK6Ztb+SETtfyhLm3jgp6vNcV74W4lA7h2K6qRZwjoBZ9OoZUaEyr1V0lHVtyUeazUwK+cf0GbYxD7Nnu6ur8i0ycOWPgRBHeGedNC134i6L41x8Ne2VgXnga+/72v6DoqyDLq1iWN4x8CdLzRGqA8rFaFXzZIicwu/l7QMtMbs1TadleC2135O5nUvFaGBQwZgHBKojrYl+4gHXMJykF39D280y66sKAlNMjSbGU+hP2YXSOVlbfhJyfqnu1rtNis+XOfE0j4O+9GE37TeDQa1mSdLlJXkigajfHBvxnbLtAK0H+zF7F4lK/HACUASgJ+WnROHtUurkyKXc4Y4PTzLFWcSUoeiyv5wBkQmFzuDUezLUoMeywQwxbxhWlWv57n+nxGXklDDHgwjVtQv+Nbpf/drdFbVCTNwqHVhtF1jPYHBdvy5JyxHY+6MiR18t9KAry0RbHBKuhD X-Bogosity: Ham, tests=bogofilter, spamicity=0.000054, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Fri, Sep 15, 2023 at 10:59:29AM +0000, Matteo Rizzo wrote: > From: Jann Horn > > SLAB_VIRTUAL reserves 512 GiB of virtual memory and uses them for both > struct slab and the actual slab memory. The pointers returned by > kmem_cache_alloc will point to this range of memory. I think the 512 GiB limit may be worth mentioning in the Kconfig help text. And in the "640K is enough for everything" devil's advocacy, why is 512 GiB enough here? Is there any greater risk of a pathological allocation pattern breaking a system any more (or less) than is currently possible? > > Signed-off-by: Jann Horn But, yes, I'm still a fan, and I think it interacts well here with the rest of the KASLR initialization: Reviewed-by: Kees Cook Have you tried to make this work on arm64? I imagine it should be roughly as easy? -- Kees Cook