References: <20240730-kasan-tsbrcu-v5-0-48d3cbdfccc5@google.com> <20240730-kasan-tsbrcu-v5-2-48d3cbdfccc5@google.com>
From: Andrey Konovalov
Date: Fri, 2 Aug 2024 21:35:10 +0200
Subject: Re: [PATCH v5 2/2] slub: Introduce CONFIG_SLUB_RCU_DEBUG
To: Jann Horn
Cc: Andrey Ryabinin, Alexander Potapenko, Dmitry Vyukov, Vincenzo Frascino, Andrew Morton, Christoph Lameter, Pekka Enberg, David Rientjes, Joonsoo Kim, Vlastimil Babka, Roman Gushchin, Hyeonggon Yoo <42.hyeyoo@gmail.com>, Marco Elver, kasan-dev@googlegroups.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org

On Fri, Aug 2, 2024 at 1:23 PM Jann Horn wrote:
>
> On Fri, Aug 2, 2024 at 11:09 AM Jann Horn wrote:
> > I guess I could also change the API to pass something different - like
> > a flag meaning "the object is guaranteed to no longer be in use".
> > There is already code in slab_free_hook() that computes this
> > expression, so we could easily pass that to KASAN and then avoid doing
> > the same logic in KASAN again... I think that would be the most
> > elegant approach?
> > Regarding this, I think I'll add something like this on top of this patch= in v6: > > diff --git a/include/linux/kasan.h b/include/linux/kasan.h > index b63f5351c5f3..50bad011352e 100644 > --- a/include/linux/kasan.h > +++ b/include/linux/kasan.h > @@ -201,16 +201,17 @@ bool __kasan_slab_free(struct kmem_cache *s, > void *object, bool init, > /** > * kasan_slab_free - Possibly handle slab object freeing. > * @object: Object to free. > + * @still_accessible: Whether the object contents are still accessible. > * > * This hook is called from the slab allocator to give KASAN a chance to= take > * ownership of the object and handle its freeing. > * kasan_slab_pre_free() must have already been called on the same objec= t. > * > * @Return true if KASAN took ownership of the object; false otherwise. > */ > static __always_inline bool kasan_slab_free(struct kmem_cache *s, > void *object, bool init, > - bool after_rcu_delay) > + bool still_accessible) > { > if (kasan_enabled()) > return __kasan_slab_free(s, object, init, after_rcu_delay= ); > @@ -410,7 +411,7 @@ static inline bool kasan_slab_pre_free(struct > kmem_cache *s, void *object) > } > > static inline bool kasan_slab_free(struct kmem_cache *s, void *object, > - bool init, bool after_rcu_delay) > + bool init, bool still_accessible) > { > return false; > } > diff --git a/mm/kasan/common.c b/mm/kasan/common.c > index 71a20818b122..ed4873e18c75 100644 > --- a/mm/kasan/common.c > +++ b/mm/kasan/common.c 
> @@ -230,14 +230,14 @@ static bool check_slab_allocation(struct > kmem_cache *cache, void *object, > } > > static inline void poison_slab_object(struct kmem_cache *cache, void *ob= ject, > - bool init, bool after_rcu_delay) > + bool init, bool still_accessible) > { > void *tagged_object =3D object; > > object =3D kasan_reset_tag(object); > > /* RCU slabs could be legally used after free within the RCU peri= od. */ > - if (unlikely(cache->flags & SLAB_TYPESAFE_BY_RCU) && !after_rcu_d= elay) > + if (unlikely(still_accessible)) > return; > > kasan_poison(object, round_up(cache->object_size, KASAN_GRANULE_S= IZE), > @@ -256,12 +256,12 @@ bool __kasan_slab_pre_free(struct kmem_cache > *cache, void *object, > } > > bool __kasan_slab_free(struct kmem_cache *cache, void *object, bool init= , > - bool after_rcu_delay) > + bool still_accessible) > { > if (!kasan_arch_is_ready() || is_kfence_address(object)) > return false; > > - poison_slab_object(cache, object, init, after_rcu_delay); > + poison_slab_object(cache, object, init, still_accessible); > > /* > * If the object is put into quarantine, do not let slab put the = object > diff --git a/mm/slub.c b/mm/slub.c > index 49571d5ded75..a89f2006d46e 100644 > --- a/mm/slub.c > +++ b/mm/slub.c 
> @@ -2221,31 +2221,34 @@ static __always_inline > bool slab_free_hook(struct kmem_cache *s, void *x, bool init, > bool after_rcu_delay) > { > + /* Are the object contents still accessible? */ > + bool still_accessible =3D (s->flags & SLAB_TYPESAFE_BY_RCU) && > !after_rcu_delay; > + > kmemleak_free_recursive(x, s->flags); > kmsan_slab_free(s, x); > > debug_check_no_locks_freed(x, s->object_size); > > if (!(s->flags & SLAB_DEBUG_OBJECTS)) > debug_check_no_obj_freed(x, s->object_size); > > /* Use KCSAN to help debug racy use-after-free. */ > - if (!(s->flags & SLAB_TYPESAFE_BY_RCU) || after_rcu_delay) > + if (!still_accessible) > __kcsan_check_access(x, s->object_size, > KCSAN_ACCESS_WRITE | KCSAN_ACCESS_AS= SERT); > > if (kfence_free(x)) > return false; > > /* > * Give KASAN a chance to notice an invalid free operation before= we > * modify the object. > */ > if (kasan_slab_pre_free(s, x)) > return false; > > #ifdef CONFIG_SLUB_RCU_DEBUG > - if ((s->flags & SLAB_TYPESAFE_BY_RCU) && !after_rcu_delay) { > + if (still_accessible) { > struct rcu_delayed_free *delayed_free; > > delayed_free =3D kmalloc(sizeof(*delayed_free), GFP_NOWAI= T); > @@ -2289,7 +2292,7 @@ bool slab_free_hook(struct kmem_cache *s, void > *x, bool init, > s->size - inuse - rsize); > } > /* KASAN might put x into memory quarantine, delaying its reuse. = */ > - return !kasan_slab_free(s, x, init, after_rcu_delay); > + return !kasan_slab_free(s, x, init, still_accessible); > } > > static __fastpath_inline Ok, let's do it like this. Thank you!
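Review bot: in the include/linux/kasan.h hunk at @@ -201,16 +201,17 @@, the parameter of kasan_slab_free() is renamed from after_rcu_delay to still_accessible, but the unchanged context line `return __kasan_slab_free(s, object, init, after_rcu_delay);` still passes the old name, so the inline wrapper will fail to compile on KASAN-enabled builds because after_rcu_delay is no longer declared in that scope; the call should become `return __kasan_slab_free(s, object, init, still_accessible);`, matching the rename already applied to __kasan_slab_free() in the mm/kasan/common.c hunk and to the stub at @@ -410,7 +411,7 @@.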