From: Andrey Konovalov
Date: Sun, 3 Oct 2021 18:27:09 +0200
Subject: Re: [PATCH] kasan: Fix tag for large allocations when using CONFIG_SLAB
To: Matthew Wilcox
Cc: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Andrew Morton, kasan-dev, Linux Memory Management List, LKML
References: <20211001024105.3217339-1-willy@infradead.org>
On Fri, Oct 1, 2021 at 4:06 PM Matthew Wilcox wrote:
>
> On Fri, Oct 01, 2021 at 03:29:29PM +0200, Andrey Konovalov wrote:
> > On Fri, Oct 1, 2021 at 4:42 AM Matthew Wilcox (Oracle) wrote:
> > >
> > > If an object is allocated on a tail page of a multi-page slab, kasan
> > > will get the wrong tag because page->s_mem is NULL for tail pages.
> >
> > Interesting. Is this a known property of tail pages? Why does this
> > happen? I failed to find this exception in the code.
>
> Yes, it's a known property of tail pages. kmem_getpages() calls
> __alloc_pages_node() which returns a pointer to the head page.
> All the tail pages are initialised to point to the head page.
> Then in alloc_slabmgmt(), we set ->s_mem of the head page, but
> we never set ->s_mem of the tail pages. Instead, we rely on
> people always passing in the head page. I have a patch in the works
> to change the type from struct page to struct slab so you can't
> make this mistake. That was how I noticed this problem.

Ah, so it's not "the tail page", it's "a tail page". Meaning any page
but the head page. Got it.

> > The tag value won't really be "wrong", just unexpected. But if s_mem
> > is indeed NULL for tail pages, your fix makes sense.
> >
> > > I'm not quite sure what the user-visible effect of this might be.
> >
> > Everything should work, as long as tag values are assigned
> > consistently based on the object address.
>
> OK, maybe this doesn't need to be backported then? Actually, why
> subtract s_mem in the first place? Can we just avoid that for all
> tag calculations?

We could avoid it.
To me, it seems cleaner to assign tags based on the object index rather
than on the absolute address. But either way should work.

There's no security or stability impact from this issue, so probably not
so much incentive to backport. But the patch makes sense.

Thanks!
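The mechanism Matthew describes above (only the head page of a multi-page slab carries ->s_mem, so an object that lands on a tail page has its tag computed against a NULL base) as an added example that is not part of this thread and is not the kernel's code: a userspace C model of a four-page slab with head and tail pages, with a "before" tag assignment that uses whichever page contains the object and an "after" variant that resolves to the head page first. The struct page layout, the slab and object sizes, the helper names and the backing buffer are all assumptions made for the model; the real kernel structures and the real assign_tag() differ.

```c
/*
 * Added example, not kernel code: models why a KASAN tag derived from
 * page->s_mem is unexpected for objects on a tail page of a compound slab.
 * Sizes, struct layout and helpers are assumptions made for this model.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE   4096u
#define SLAB_PAGES  4u            /* assumption: an order-2, four-page slab */
#define OBJ_SIZE    2048u         /* assumption: objects large enough to spill onto tail pages */
#define NR_OBJECTS  ((SLAB_PAGES * PAGE_SIZE) / OBJ_SIZE)

/* Minimal model of struct page: a tail page points at its head and never gets s_mem. */
struct page {
    struct page *compound_head;   /* NULL on the head page, &pages[0] on every tail page */
    void        *s_mem;           /* address of the slab's first object; set only on the head */
};

struct kmem_cache {
    size_t size;                  /* object size */
};

/* Constructed backing store standing in for the pages handed out by kmem_getpages(). */
static unsigned char slab_mem[SLAB_PAGES * PAGE_SIZE] __attribute__((aligned(4096)));
static struct page pages[SLAB_PAGES];
static struct kmem_cache cache = { .size = OBJ_SIZE };

/* Model of alloc_slabmgmt(): only the head page's ->s_mem is filled in. */
static void setup_slab(void)
{
    for (unsigned i = 0; i < SLAB_PAGES; i++) {
        pages[i].compound_head = (i == 0) ? NULL : &pages[0];
        pages[i].s_mem = NULL;
    }
    pages[0].s_mem = slab_mem;
}

/* Address of object number idx within the slab. */
static void *slab_object(unsigned idx)
{
    return slab_mem + (size_t)idx * OBJ_SIZE;
}

/* virt_to_page(): the struct page for the page that actually contains addr. */
static struct page *virt_to_page(const void *addr)
{
    size_t off = (size_t)((const unsigned char *)addr - slab_mem);
    return &pages[off / PAGE_SIZE];
}

/* virt_to_head_page(): same lookup, but always resolve to the compound head. */
static struct page *virt_to_head_page(const void *addr)
{
    struct page *page = virt_to_page(addr);
    return page->compound_head ? page->compound_head : page;
}

/* obj_to_index(): index of obj relative to page->s_mem. Done on integers so a
 * NULL s_mem yields "address / size" rather than undefined pointer arithmetic. */
static unsigned obj_to_index(const struct kmem_cache *c, const struct page *page, const void *obj)
{
    return (unsigned)(((uintptr_t)obj - (uintptr_t)page->s_mem) / c->size);
}

/* Before the fix: use whichever page contains the object. On a tail page s_mem
 * is NULL, so the "index" silently becomes the absolute address / object size. */
static uint8_t assign_tag_before(const struct kmem_cache *c, const void *obj)
{
    return (uint8_t)obj_to_index(c, virt_to_page(obj), obj);
}

/* After the fix: always read s_mem from the head page, the only page that has it. */
static uint8_t assign_tag_after(const struct kmem_cache *c, const void *obj)
{
    return (uint8_t)obj_to_index(c, virt_to_head_page(obj), obj);
}

/* True when the page that contains obj is a tail page of the slab. */
static bool on_tail_page(const void *obj)
{
    return virt_to_page(obj)->compound_head != NULL;
}

int main(void)
{
    setup_slab();
    for (unsigned i = 0; i < NR_OBJECTS; i++) {
        void *obj = slab_object(i);
        printf("object %u on %s page: before=0x%02x after=0x%02x\n",
               i, on_tail_page(obj) ? "tail" : "head",
               assign_tag_before(&cache, obj), assign_tag_after(&cache, obj));
    }
    return 0;
}
```

Running it shows the point made in the thread: objects 0 and 1 sit on the head page and get the same tag either way, while objects 2 through 7 sit on tail pages and the "before" tag becomes a function of the absolute address (still deterministic for a given object, which is why it is unexpected rather than incorrect), whereas the "after" tag is the small object index the code intended.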