From: Andrey Konovalov
Date: Sat, 27 Jul 2024 02:47:07 +0200
Subject: Re: [PATCH v3 1/2] kasan: catch invalid free before SLUB reinitializes the object
To: Jann Horn
Cc: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Vincenzo Frascino, Andrew Morton, Christoph Lameter, Pekka Enberg, David Rientjes, Joonsoo Kim, Vlastimil Babka, Roman Gushchin, Hyeonggon Yoo <42.hyeyoo@gmail.com>, Marco Elver, kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org
References: <20240725-kasan-tsbrcu-v3-0-51c92f8f1101@google.com> <20240725-kasan-tsbrcu-v3-1-51c92f8f1101@google.com>
On Fri, Jul 26, 2024 at 3:52 PM Jann Horn wrote:
>
> > Do we still need this patch?
>
> I just tried removing this patch from the series; without it, the
> kmem_cache_invalid_free kunit test fails because the kmem_cache_free()
> no longer synchronously notices that the pointer is misaligned. I
> guess I could change the testcase like this to make the tests pass
> without this patch, but I'd like to hear from you or another KASAN
> person whether you think that's a reasonable change:

Ah, I see. I think detecting a bug earlier if we can is better. So I don't mind keeping this patch, I was just confused by the commit message.

Adding on top of my comments from before: I think if you move check_slab_free() out of poison_slab_object() (but add it to __kasan_mempool_poison_object()), and move is_kfence_address() and kasan_arch_is_ready() to poison_slab_object()'s callers, you won't even need the free_validation_result enum, so the patch should become simpler.

You can also rename check_slab_free() to check_slab_allocation() to make it be named similarly to the already existing check_page_allocation().

(I think we should also later move kasan_arch_is_ready() out of check_page_allocation() into the high-level hooks for consistency; it also seems cleaner to have all of these ignore checks in the high-level functions instead of lower-level inlined ones.)

Thanks!