Date: Fri, 25 Oct 2024 22:46:09 -0700 (PDT)
From: David Rientjes
To: Qun-Wei Lin
cc: Christoph Lameter, Pekka Enberg, Joonsoo Kim, Andrew Morton, Vlastimil Babka, Roman Gushchin, Hyeonggon Yoo <42.hyeyoo@gmail.com>, Matthias Brugger, AngeloGioacchino Del Regno, Danilo Krummrich, catalin.marinas@arm.com, surenb@google.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, linux-mediatek@lists.infradead.org, bpf@vger.kernel.org, Casper Li, Chinwen Chang, Andrew Yang, John Hsu, wsd_upstream@mediatek.com
Subject: Re: [PATCH] mm: krealloc: Fix MTE false alarm in __do_krealloc
In-Reply-To: <20241025085811.31310-1-qun-wei.lin@mediatek.com>
Message-ID: <3740cf07-594a-d484-29de-5d76e2e97be3@google.com>

On Fri, 25 Oct 2024, Qun-Wei Lin wrote:

> This patch addresses an issue introduced by commit 1a83a716ec233 ("mm:
> krealloc: consider spare memory for __GFP_ZERO") which causes MTE
> (Memory Tagging Extension) to falsely report a slab-out-of-bounds error.
>
> The problem occurs when zeroing out spare memory in __do_krealloc. The
> original code only considered software-based KASAN and did not account
> for MTE. It does not reset the KASAN tag before calling memset, leading
> to a mismatch between the pointer tag and the memory tag, resulting
> in a false positive.
>
> Example of the error:
> ==================================================================
> swapper/0: BUG: KASAN: slab-out-of-bounds in __memset+0x84/0x188
> swapper/0: Write at addr f4ffff8005f0fdf0 by task swapper/0/1
> swapper/0: Pointer tag: [f4], memory tag: [fe]
> swapper/0:
> swapper/0: CPU: 4 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.
> swapper/0: Hardware name: MT6991(ENG) (DT)
> swapper/0: Call trace:
> swapper/0: dump_backtrace+0xfc/0x17c
> swapper/0: show_stack+0x18/0x28
> swapper/0: dump_stack_lvl+0x40/0xa0
> swapper/0: print_report+0x1b8/0x71c
> swapper/0: kasan_report+0xec/0x14c
> swapper/0: __do_kernel_fault+0x60/0x29c
> swapper/0: do_bad_area+0x30/0xdc
> swapper/0: do_tag_check_fault+0x20/0x34
> swapper/0: do_mem_abort+0x58/0x104
> swapper/0: el1_abort+0x3c/0x5c
> swapper/0: el1h_64_sync_handler+0x80/0xcc
> swapper/0: el1h_64_sync+0x68/0x6c
> swapper/0: __memset+0x84/0x188
> swapper/0: btf_populate_kfunc_set+0x280/0x3d8
> swapper/0: __register_btf_kfunc_id_set+0x43c/0x468
> swapper/0: register_btf_kfunc_id_set+0x48/0x60
> swapper/0: register_nf_nat_bpf+0x1c/0x40
> swapper/0: nf_nat_init+0xc0/0x128
> swapper/0: do_one_initcall+0x184/0x464
> swapper/0: do_initcall_level+0xdc/0x1b0
> swapper/0: do_initcalls+0x70/0xc0
> swapper/0: do_basic_setup+0x1c/0x28
> swapper/0: kernel_init_freeable+0x144/0x1b8
> swapper/0: kernel_init+0x20/0x1a8
> swapper/0: ret_from_fork+0x10/0x20
> ==================================================================
>
> Fixes: 1a83a716ec233 ("mm: krealloc: consider spare memory for
> __GFP_ZERO")
> Signed-off-by: Qun-Wei Lin

Acked-by: David Rientjes
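
The pointer-tag/memory-tag mismatch described in the quoted commit message, as an added user-space model (not code from the patch or from the kernel). The names `model_alloc`, `checked_memset`, `zero_spare` and the 64-byte object are hypothetical; the tag values f4 and fe are the ones shown in the report.

```c
/* Added user-space model, not kernel code; tags are the 8-bit values KASAN prints. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define GRANULE       16    /* MTE tags memory in 16-byte granules */
#define OBJ_SIZE      64    /* constructed slab object size (assumption) */
#define TAG_MATCH_ALL 0xff  /* pointer tag that is never checked */
#define TAG_INVALID   0xfe  /* memory tag of the unused tail, as in the report */
#define SET_TAG(p, t) (((p) & ~(0xffULL << 56)) | ((uint64_t)(t) << 56)) /* top byte */

static uint8_t heap[OBJ_SIZE], mem_tag[OBJ_SIZE / GRANULE];

/* Models an allocation of `used` bytes: live granules get `tag`, spare ones TAG_INVALID. */
static uint64_t model_alloc(size_t used, uint8_t tag)
{
    for (size_t g = 0; g < OBJ_SIZE / GRANULE; g++)
        mem_tag[g] = (g * GRANULE < used) ? tag : TAG_INVALID;
    memset(heap, 0xaa, sizeof(heap));
    return SET_TAG(0ULL, tag);          /* offset 0 into heap[], tagged */
}

/* memset with a per-byte tag check; returns -1 where the hardware would fault. */
static int checked_memset(uint64_t p, int c, size_t len)
{
    uint8_t ptag = (uint8_t)(p >> 56);
    size_t off = (size_t)(p & 0xffffffffu);
    if (off > OBJ_SIZE || len > OBJ_SIZE - off)
        return -2;                      /* outside the model object */
    for (size_t i = off; i < off + len; i++) {
        if (ptag != TAG_MATCH_ALL && ptag != mem_tag[i / GRANULE])
            return -1;                  /* pointer tag != memory tag */
        heap[i] = (uint8_t)c;
    }
    return 0;
}

/* Zero the spare tail [orig, new_size); `reset` swaps the pointer tag for match-all first. */
static int zero_spare(uint64_t p, size_t orig, size_t new_size, int reset)
{
    return checked_memset((reset ? SET_TAG(p, TAG_MATCH_ALL) : p) + orig, 0, new_size - orig);
}

int main(void)
{
    uint64_t p = model_alloc(32, 0xf4); /* tail granules carry fe, pointer carries f4 */
    return !(zero_spare(p, 32, 64, 0) == -1 && zero_spare(p, 32, 64, 1) == 0);
}
```

A pointer carrying the match-all tag bypasses the tag check entirely, so the length of such a write has to be validated separately, as the bounds test in `checked_memset` does in this model.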