From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3EF10C25B75 for ; Fri, 31 May 2024 20:59:25 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id C82346B00A4; Fri, 31 May 2024 16:59:24 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id C32646B00A5; Fri, 31 May 2024 16:59:24 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id AF9DB6B00A6; Fri, 31 May 2024 16:59:24 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 92AD16B00A4 for ; Fri, 31 May 2024 16:59:24 -0400 (EDT) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 40802A0F00 for ; Fri, 31 May 2024 20:59:24 +0000 (UTC) X-FDA: 82179906648.26.B8237AA Received: from sin.source.kernel.org (sin.source.kernel.org [145.40.73.55]) by imf25.hostedemail.com (Postfix) with ESMTP id EBF39A0008 for ; Fri, 31 May 2024 20:59:20 +0000 (UTC) Authentication-Results: imf25.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=RPi+plar; dmarc=pass (policy=none) header.from=kernel.org; spf=pass (imf25.hostedemail.com: domain of kees@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=kees@kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1717189161; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=tyCnrvFMh6anbEP/iCldwwWpslljnnoGi8dia4wymUE=; b=soXQK2mQvcQ4YV4x36IXdJcexxfq94sZNbVmoq38Ioq8G5SJ47PzF8bh2+Gfq2NkVRf00O zMele6Kf+a41uOjNUQ3ZyuZg0UeNkdNf9BbFEi/0Xw18SWGcv1LUjFVJsWmW7VC/gzabSO 1j1iIte5lRUmRgWH0veq9hUyD+D39Fg= ARC-Authentication-Results: i=1; imf25.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=RPi+plar; dmarc=pass (policy=none) header.from=kernel.org; spf=pass (imf25.hostedemail.com: domain of kees@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=kees@kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1717189161; a=rsa-sha256; cv=none; b=4hZvUm1f+6mF2Rt82oLUMcTkTeCgE2WEwgw6e0vLTWAtv6SHtB671EHf5RPNhTX2cUpfls dquHqagKKdgUMngCIvLgmS+ogVXrDRVPjhAI/rMVZ31zxz/72L3GbrBb0vVHYC9q8wnd2U 6kkV8oGKd91VjMR4RbYanTjm3jWOSiI= Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by sin.source.kernel.org (Postfix) with ESMTP id 0F2E7CE1D4E; Fri, 31 May 2024 20:59:16 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id CAA8AC116B1; Fri, 31 May 2024 20:59:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1717189154; bh=Lh/cjNZA4vCUPn9FhPgLX85uXMRWMwk57EIVdsl1yUc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=RPi+plarSLmZmS0y099tumxuYiHlY3/14Lz6Y492HHG7LECDbYLrWWeUJ65ELY7Gz 74ChdAs4JgdAgNYZToxGDzgRzQzzBbVKUF+zZg57ZMz4EoHQOdvbHjteo4eoLaHMgU w/2LA8Bql/y1Q8IMB1niy+I4e9kAGva3D7ZBPY/15Dio820tgbY3RtxL9LLafYPIPW 4xs5/mR7VDnXpYON9EZEq35G4n0OtOza6wVtjmg/boixgcT/eUMcioPr9udfSSxZSc WmRo2Sru2qIjGECt5pI27dkB0zXWRrkEfF3TnjaC54zTd5ozucFWGDfHBu3iZJ6noD 03c8pU/HjaCEg== Date: Fri, 31 May 2024 13:59:14 -0700 From: Kees Cook To: Kent Overstreet Cc: Vlastimil Babka , Christoph Lameter , Pekka Enberg , David Rientjes , Joonsoo Kim , Andrew Morton , Roman Gushchin , Hyeonggon Yoo <42.hyeyoo@gmail.com>, linux-mm@kvack.org, linux-hardening@vger.kernel.org, "GONG, Ruiqi" , Xiu Jianfeng , Suren Baghdasaryan , Jann Horn , Matteo Rizzo , Thomas Graf , Herbert Xu , julien.voisin@dustri.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v3 2/6] mm/slab: Plumb kmem_buckets into __do_kmalloc_node() Message-ID: <202405311355.B6EBA095@keescook> References: <20240424213019.make.366-kees@kernel.org> <20240424214104.3248214-2-keescook@chromium.org> <202405310943.D9818A4FE@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: EBF39A0008 X-Stat-Signature: hybfoffaoxkkirn3e8munfztdc8pf87y X-Rspam-User: X-Rspamd-Server: rspam08 X-HE-Tag: 1717189160-885640 X-HE-Meta: U2FsdGVkX18GXUMvXoVJbDMcG7iTYa25P8HzlovLObxpRkHGN4lK6uCfjfuXp4FWvFRoMIidTRy4At8bw5OZAzg4fmX++FDripSzaugQCr2UgMvUE8HvThHwgILyFBEVBeQsJDBuXCn+dti7iKZkGxkS359KnkCXrIxdmSPecF/1x8Kt35gUUZISAgmLc3kQSedLIOu35FMd6ypTplB+hKNgkusF4DMk2WRV7BAMO44YBp8tZ91DMG+lUeW/SRtopLil/b6qjzF97/MEP9XHvRea3XRpweVraD3OTzFfz38vOKE2xu0hHRM6j/l6YBX90KGmuEMI/qpTdDz4sAEM+CPWfKeV1DS/5MW5C3rEuG/Ld4NysVDTPlqRbQuT8jlefetHmWOfxkN0VzrOwJhjwkX17pfluskHs4ap3jUOvLuTX3pzl9+sPq2M/03Lppz1TX1oBq3s6SG3DR+jmTneMUnIQX00bXT/ems2t5ZRQw1E6UHm7SeL8ZubIoSb1x2bN7Bnj9Jn0gBE5eYhAG5wxy3D5AaagZO5IslAXTeR/D9JCD692EBK4P9/e5IHuD8u2IkkHXlVpdWBDRNrO4WVS833KUHoTc8vkIg0N0BUVbaUfPTh41q8ZABL//+r9Aik8al2Ph05bfPs7tOoypaD9H/VxkGGiKDJmleKdDIu8OHw5BPUmfc8PzDBo6lvnaeDVqZD5wfPM0mCHfiX3TNFMZYB1zgopVRAlt3cDcKH5GO0liCNHN6h7XThf3oVEaw0Ft9jfJhlUza8OluQK3MsoqWVUFfwHANIvM2Rdas5H68zcAE5ia5OGTZgCBcq9PuyWIpcgX/p3eoy2fs06w5Ot0SSWYxSXpjP5elDfsxJgsWJOL3vRnnxSExlGBWSEZmpB0Y3MknnbJsfC1T1z3cYaIYOLSkRfITqr3w1QZVcfJKu8j2te+VL2msMg51kB8C2J1WxFexHDi/zI5gggH1 cX6/YzO5 hbFSu8+z6SFzvAWohTfwVm4Gy82CtsxDNX4wnx98voMM+Xj94T8PbAFSTPPnnFMfmIvtBrq06Axx4Aceu9P6ZEtT7oeJsIZGZw6rW/jm9592/5YwQKlxyGCxlQt/RJ9t87loZKS7SDmT3TRHXNjklofkCGIV1XQA08O7gBJ2P1kxpYCvvdWy/jWBojvmcSXle3dkQKtEjMcv2rfNwkUiSNifB14yxe7AuP7fdJ79ku5DOUoEz95nWZ8TrfMi1DNipuLEJW5ie5LhG/hhSN5T/YkPsw67TA9hYrQSmlL6WpqIN2dbIXgL9e2EnWA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Fri, May 31, 2024 at 12:51:29PM -0400, Kent Overstreet wrote: > On Fri, May 31, 2024 at 09:48:49AM -0700, Kees Cook wrote: > > On Fri, May 24, 2024 at 11:01:40AM -0400, Kent Overstreet wrote: > > > On Wed, Apr 24, 2024 at 02:40:59PM -0700, Kees Cook wrote: > > > > To be able to choose which buckets to allocate from, make the buckets > > > > available to the lower level kmalloc interfaces by adding them as the > > > > first argument. Where the bucket is not available, pass NULL, which means > > > > "use the default system kmalloc bucket set" (the prior existing behavior), > > > > as implemented in kmalloc_slab(). > > > > > > I thought the plan was to use codetags for this? That would obviate the > > > need for all this plumbing. > > > > > > Add fields to the alloc tag for: > > > - allocation size (or 0 if it's not a compile time constant) > > > - union of kmem_cache, kmem_buckets, depending on whether the > > > allocation size is constant or not > > > > I want to provide "simple" (low-hanging fruit) coverage that can live > > separately from the codetags-based coverage. The memory overhead for > > this patch series is negligible, but I suspect the codetags expansion, > > while not giant, will be more than some deployments will want. I want > > to avoid an all-or-nothing solution -- which is why I had intended this > > to be available "by default". > > technically there's no reason for your thing to depend on > CONFIG_CODETAGGING at all, that's the infrastructure for finding > codetags for e.g. /proc/allocinfo. you'd just be using the alloc_hoos() > macro and struct alloc_tag as a place to stash the kmem_buckets pointer. It's the overhead of separate kmem_cache and kmem_buckets for every allocation location that I meant. So I'd like the "simple" version for gaining coverage over the currently-being-regularly-exploited cases, and then allow for the "big hammer" solution too. However, I do think I'll still need the codetag infra because of the sections, etc. I think we'll need to pre-build the caches, but maybe that could be avoided by adding some kind of per-site READ_ONCE/lock thingy to create them on demand. We'll see! :) -- Kees Cook