From: Marco Elver <elver@google.com>
To: andrey.konovalov@linux.dev
Cc: Alexander Potapenko <glider@google.com>,
Andrey Konovalov <andreyknvl@gmail.com>,
Dmitry Vyukov <dvyukov@google.com>,
Andrey Ryabinin <ryabinin.a.a@gmail.com>,
kasan-dev@googlegroups.com,
Evgenii Stepanov <eugenis@google.com>,
Breno Leitao <leitao@debian.org>,
Alexander Lobakin <alobakin@pm.me>,
Andrew Morton <akpm@linux-foundation.org>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
Andrey Konovalov <andreyknvl@google.com>
Subject: Re: [PATCH mm 00/21] kasan: save mempool stack traces
Date: Tue, 2 Jan 2024 13:54:08 +0100 [thread overview]
Message-ID: <CANpmjNOaeKRZKtJusQu9Ag2=ifwPS+L9-ZGL77dRzDFPGu_DOQ@mail.gmail.com> (raw)
In-Reply-To: <cover.1703024586.git.andreyknvl@google.com>
On Tue, 19 Dec 2023 at 23:29, <andrey.konovalov@linux.dev> wrote:
>
> From: Andrey Konovalov <andreyknvl@google.com>
>
> This series updates KASAN to save alloc and free stack traces for
> secondary-level allocators that cache and reuse allocations internally
> instead of giving them back to the underlying allocator (e.g. mempool).
>
> As a part of this change, introduce and document a set of KASAN hooks:
>
> bool kasan_mempool_poison_pages(struct page *page, unsigned int order);
> void kasan_mempool_unpoison_pages(struct page *page, unsigned int order);
> bool kasan_mempool_poison_object(void *ptr);
> void kasan_mempool_unpoison_object(void *ptr, size_t size);
>
> and use them in the mempool code.
>
> Besides mempool, skbuff and io_uring also cache allocations and already
> use KASAN hooks to poison those. Their code is updated to use the new
> mempool hooks.
>
> The new hooks save alloc and free stack traces (for normal kmalloc and
> slab objects; stack traces for large kmalloc objects and page_alloc are
> not supported by KASAN yet), improve the readability of the users' code,
> and also allow the users to prevent double-free and invalid-free bugs;
> see the patches for the details.
>
> There doesn't appear to be any conflicts with the KASAN patches that are
> currently in mm, but I rebased the patchset on top just in case.
>
> Changes RFC->v1:
> - New patch "mempool: skip slub_debug poisoning when KASAN is enabled".
> - Replace mempool_use_prealloc_only API with mempool_alloc_preallocated.
> - Avoid triggering slub_debug-detected corruptions in mempool tests.
>
> Andrey Konovalov (21):
> kasan: rename kasan_slab_free_mempool to kasan_mempool_poison_object
> kasan: move kasan_mempool_poison_object
> kasan: document kasan_mempool_poison_object
> kasan: add return value for kasan_mempool_poison_object
> kasan: introduce kasan_mempool_unpoison_object
> kasan: introduce kasan_mempool_poison_pages
> kasan: introduce kasan_mempool_unpoison_pages
> kasan: clean up __kasan_mempool_poison_object
> kasan: save free stack traces for slab mempools
> kasan: clean up and rename ____kasan_kmalloc
> kasan: introduce poison_kmalloc_large_redzone
> kasan: save alloc stack traces for mempool
> mempool: skip slub_debug poisoning when KASAN is enabled
> mempool: use new mempool KASAN hooks
> mempool: introduce mempool_use_prealloc_only
> kasan: add mempool tests
> kasan: rename pagealloc tests
> kasan: reorder tests
> kasan: rename and document kasan_(un)poison_object_data
> skbuff: use mempool KASAN hooks
> io_uring: use mempool KASAN hook
>
> include/linux/kasan.h | 161 +++++++-
> include/linux/mempool.h | 1 +
> io_uring/alloc_cache.h | 5 +-
> mm/kasan/common.c | 221 ++++++----
> mm/kasan/kasan_test.c | 870 +++++++++++++++++++++++++++-------------
> mm/mempool.c | 67 +++-
> mm/slab.c | 10 +-
> mm/slub.c | 4 +-
> net/core/skbuff.c | 10 +-
> 9 files changed, 954 insertions(+), 395 deletions(-)
Acked-by: Marco Elver <elver@google.com>
prev parent reply other threads:[~2024-01-02 12:54 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-19 22:28 andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 01/21] kasan: rename kasan_slab_free_mempool to kasan_mempool_poison_object andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 02/21] kasan: move kasan_mempool_poison_object andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 03/21] kasan: document kasan_mempool_poison_object andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 04/21] kasan: add return value for kasan_mempool_poison_object andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 05/21] kasan: introduce kasan_mempool_unpoison_object andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 06/21] kasan: introduce kasan_mempool_poison_pages andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 07/21] kasan: introduce kasan_mempool_unpoison_pages andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 08/21] kasan: clean up __kasan_mempool_poison_object andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 09/21] kasan: save free stack traces for slab mempools andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 10/21] kasan: clean up and rename ____kasan_kmalloc andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 11/21] kasan: introduce poison_kmalloc_large_redzone andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 12/21] kasan: save alloc stack traces for mempool andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 13/21] mempool: skip slub_debug poisoning when KASAN is enabled andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 14/21] mempool: use new mempool KASAN hooks andrey.konovalov
2023-12-19 22:28 ` [PATCH mm 15/21] mempool: introduce mempool_use_prealloc_only andrey.konovalov
2023-12-19 22:29 ` [PATCH mm 16/21] kasan: add mempool tests andrey.konovalov
2023-12-19 22:29 ` [PATCH mm 17/21] kasan: rename pagealloc tests andrey.konovalov
2023-12-19 22:29 ` [PATCH mm 18/21] kasan: reorder tests andrey.konovalov
2023-12-19 22:29 ` [PATCH mm 19/21] kasan: rename and document kasan_(un)poison_object_data andrey.konovalov
2023-12-19 22:29 ` [PATCH mm 20/21] skbuff: use mempool KASAN hooks andrey.konovalov
2023-12-19 22:29 ` [PATCH mm 21/21] io_uring: use mempool KASAN hook andrey.konovalov
2024-01-02 12:54 ` Marco Elver [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CANpmjNOaeKRZKtJusQu9Ag2=ifwPS+L9-ZGL77dRzDFPGu_DOQ@mail.gmail.com' \
--to=elver@google.com \
--cc=akpm@linux-foundation.org \
--cc=alobakin@pm.me \
--cc=andrey.konovalov@linux.dev \
--cc=andreyknvl@gmail.com \
--cc=andreyknvl@google.com \
--cc=dvyukov@google.com \
--cc=eugenis@google.com \
--cc=glider@google.com \
--cc=kasan-dev@googlegroups.com \
--cc=leitao@debian.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=ryabinin.a.a@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox