From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.3 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,NICE_REPLY_A, SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id DD49CC4332B for ; Mon, 15 Mar 2021 16:43:16 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 842EE64F2B for ; Mon, 15 Mar 2021 16:43:16 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 842EE64F2B Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 1B8CC6B0070; Mon, 15 Mar 2021 12:43:16 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 18E506B0071; Mon, 15 Mar 2021 12:43:16 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 0080A6B0072; Mon, 15 Mar 2021 12:43:15 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0224.hostedemail.com [216.40.44.224]) by kanga.kvack.org (Postfix) with ESMTP id D8B286B0070 for ; Mon, 15 Mar 2021 12:43:15 -0400 (EDT) Received: from smtpin12.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id 872F1124F for ; Mon, 15 Mar 2021 16:43:15 +0000 (UTC) X-FDA: 77922678750.12.F794AD7 Received: from mail-lf1-f45.google.com (mail-lf1-f45.google.com [209.85.167.45]) by imf08.hostedemail.com (Postfix) with ESMTP id F10588056F56 for ; Mon, 15 Mar 2021 16:23:41 +0000 (UTC) Received: by mail-lf1-f45.google.com with SMTP id r3so49624381lfc.13 for ; Mon, 15 Mar 2021 09:23:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=qaNMP0alddEd7JtTl8zS7eqKdx15H1y0B//YrDmf5gY=; b=LPWDZEv6rFVCaqvd1m66r/0dCJ9+wI1htfwLgUiweWo4tBsrQS/Clt/YfyYSgWds0j pLF3RXqCPu7lfYFiAU4YcwGKr82Bko8tz48NmEpPJmKLzNAOXyxR3fcM2tuqVvTXnyL2 eraOHdXKq+S1rztoBhLn66mglA8ev18HI+HfueBneYeHL1Il/+ulzqVSeFfSOc3oykzW voyajZhA03rPkzuV69doQwzdLCR5+1DUjaY5uSAaBsYYzm/U478f4hdLvz5HUcWgTbf+ PJOiv2cCiapdgcwqIOXeuJmKFamorucxMBNInCeMt+Fy1HZci6gfNYsJ6hkvf4VZ5g4o lD9Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=qaNMP0alddEd7JtTl8zS7eqKdx15H1y0B//YrDmf5gY=; b=b0NN+H6wRhmL0fpARs+GmmMgwTuP+jaHs/wc0z7RB+igegUQWsxHbCzlzVRuS3af5C 0pvhAByykSXMHx1CyrCNLSN7l7levxG3+bNVV/cVsAKjpxXa6LOZNS7RJ7Hk2gdIzHRb S83NlBRqOFcAEBiHeuqjx0//ejlvLO94j7tTKS4GU8u4TRhAUYqWJaGLUQ3aMm7PIMsW 5YXLUVmdpxnPwNN3PZj1GCBd9zFkSLRoO3abk8pXjK52vlJx/eVaMPWOYqX4G4MNma1w as5W+MNlQD6ISbnmpfwWyjHgQRWDAmzzJwGYMFIB/gTmei3LTEzD/QQvw7kVbGxcFUR8 r0lA== X-Gm-Message-State: AOAM5323N8hIbzc9ba7SRFQFcb9Jr6wPnP0UmglgGip+xMnA8Dzihl/t Yp826XDWp2EyJ/rzYjWhXnY= X-Google-Smtp-Source: ABdhPJwrRgvcueCrrRfFRNvh6SNhQrQLTbWu4vNI/52vmnCHyrzJ41jNBtioVGBVOFSq1oTgBldG4A== X-Received: by 2002:ac2:43a3:: with SMTP id t3mr8229109lfl.340.1615825420417; Mon, 15 Mar 2021 09:23:40 -0700 (PDT) Received: from [192.168.1.39] (88-114-223-25.elisa-laajakaista.fi. [88.114.223.25]) by smtp.gmail.com with ESMTPSA id e15sm2986504ljg.54.2021.03.15.09.23.39 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 15 Mar 2021 09:23:39 -0700 (PDT) Subject: Re: [PATCH v4] mm/vmalloc: randomize vmalloc() allocations To: Uladzislau Rezki Cc: linux-hardening@vger.kernel.org, akpm@linux-foundation.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andy Lutomirski , Jann Horn , Kees Cook , Linux API , Matthew Wilcox , Mike Rapoport References: <20210309135757.5406-1-toiwoton@gmail.com> <20210314172312.GA2085@pc638.lan> <20210315153510.GA1865@pc638.lan> From: Topi Miettinen Message-ID: <4649f69d-b7cd-d1a6-26e0-9b8bf3b17df5@gmail.com> Date: Mon, 15 Mar 2021 18:23:37 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.0 MIME-Version: 1.0 In-Reply-To: <20210315153510.GA1865@pc638.lan> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: F10588056F56 X-Stat-Signature: eczjyhkap4bujsxxdym944o188rfowiz Received-SPF: none (gmail.com>: No applicable sender policy available) receiver=imf08; identity=mailfrom; envelope-from=""; helo=mail-lf1-f45.google.com; client-ip=209.85.167.45 X-HE-DKIM-Result: pass/pass X-HE-Tag: 1615825421-509238 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 15.3.2021 17.35, Uladzislau Rezki wrote: >> On 14.3.2021 19.23, Uladzislau Rezki wrote: >>> Also, using vmaloc test driver i can trigger a kernel BUG: >>> >>> >>> [ 24.627577] kernel BUG at mm/vmalloc.c:1272! >> >> It seems that most tests indeed fail. Perhaps the vmalloc subsystem isn't >> very robust in face of fragmented virtual memory. What could be done to fix >> that? >> > Your patch is broken in context of checking "vend" when you try to > allocate next time after first attempt. Passed "vend" is different > there comparing what is checked later to figure out if an allocation > failed or not: > > > if (unlikely(addr == vend)) > goto overflow; > Thanks, I'll fix that. > >> >> In this patch, I could retry __alloc_vmap_area() with the whole region after >> failure of both [random, vend] and [vstart, random] but I'm not sure that >> would help much. Worth a try of course. >> > There is no need in your second [vstart, random]. If a first bigger range > has not been successful, the smaller one will never be success anyway. The > best way to go here is to repeat with real [vsart:vend], if it still fails > on a real range, then it will not be possible to accomplish an allocation > request with given parameters. > >> >> By the way, some of the tests in test_vmalloc.c don't check for vmalloc() >> failure, for example in full_fit_alloc_test(). >> > Where? Something like this: diff --git a/lib/test_vmalloc.c b/lib/test_vmalloc.c index 5cf2fe9aab9e..27e5db9a96b4 100644 --- a/lib/test_vmalloc.c +++ b/lib/test_vmalloc.c @@ -182,9 +182,14 @@ static int long_busy_list_alloc_test(void) if (!ptr) return rv; - for (i = 0; i < 15000; i++) + for (i = 0; i < 15000; i++) { ptr[i] = vmalloc(1 * PAGE_SIZE); + if (!ptr[i]) + goto leave; + } + + for (i = 0; i < test_loop_count; i++) { ptr_1 = vmalloc(100 * PAGE_SIZE); if (!ptr_1) @@ -236,7 +241,11 @@ static int full_fit_alloc_test(void) for (i = 0; i < junk_length; i++) { ptr[i] = vmalloc(1 * PAGE_SIZE); + if (!ptr[i]) + goto error; junk_ptr[i] = vmalloc(1 * PAGE_SIZE); + if (!junk_ptr[i]) + goto error; } for (i = 0; i < junk_length; i++) @@ -256,8 +265,10 @@ static int full_fit_alloc_test(void) rv = 0; error: - for (i = 0; i < junk_length; i++) + for (i = 0; i < junk_length; i++) { vfree(ptr[i]); + vfree(junk_ptr[i]); + } vfree(ptr); vfree(junk_ptr); -Topi