From: Igor Stoppa <igor.stoppa@huawei.com>
To: Randy Dunlap <rdunlap@infradead.org>,
jglisse@redhat.com, keescook@chromium.org, mhocko@kernel.org,
labbott@redhat.com, hch@infradead.org, willy@infradead.org
Cc: cl@linux.com, linux-security-module@vger.kernel.org,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
kernel-hardening@lists.openwall.com
Subject: Re: [PATCH 4/6] Protectable Memory
Date: Sun, 11 Feb 2018 03:04:57 +0200 [thread overview]
Message-ID: <b355e37e-4bc1-526b-8853-5401588f177f@huawei.com> (raw)
In-Reply-To: <921d4c76-703f-dd41-0451-599441d23c1d@infradead.org>
On 05/02/18 00:06, Randy Dunlap wrote:
> On 02/04/2018 08:47 AM, Igor Stoppa wrote:
[...]
>> + * pmalloc_create_pool - create a new protectable memory pool -
>
> Drop trailing " -".
yes
>> + * @name: the name of the pool, must be unique
>
> Is that enforced? Will return NULL if @name is duplicated?
ok, I'll state it more clearly that it's enforced
[...]
>> + * @pool: handler to the pool to be used for memory allocation
>
> handle (I think)
yes, also for all the other ones
[...]
>> + * avoid sleping during allocation.
>
> sleeping
yes
[...]
>> + * opposite to what is allocated on-demand when pmalloc runs out of free
>
> opposed to
yes
>> + * space already existing in the pool and has to invoke vmalloc.
>> + *
>> + * Returns true if the vmalloc call was successful, false otherwise.
>
> Where is the allocated memory (pointer)? I.e., how does the caller know
> where that memory is?
> Oh, that memory isn't yet available to the caller until it calls pmalloc(), right?
yes, it's a way to:
- preemptively beef up the pool, before entering atomic context
(unlikely that it will be needed, but possible), so that there is no
need to allocate extra pages (assuming one can estimate the max memory
that will be requested)
- avoid fragmentation caused by allocating smaller groups of pages
I'll add explanation for this.
[...]
>> + * @size: amount of memory (in bytes) requested
>> + * @gfp: flags for page allocation
>> + *
>> + * Allocates memory from an unprotected pool. If the pool doesn't have
>> + * enough memory, and the request did not include GFP_ATOMIC, an attempt
>> + * is made to add a new chunk of memory to the pool
>> + * (a multiple of PAGE_SIZE), in order to fit the new request.
>
> fill
> What if @size is > PAGE_SIZE?
Nothing special, it gets rounded up to the nearest multiple of
PAGE_SIZE. vmalloc doesn't have only drawbacks ;-)
[...]
>> + * Returns the pointer to the memory requested upon success,
>> + * NULL otherwise (either no memory available or pool already read-only).
>
> It would be good to use the
> * Return:
> kernel-doc notation for return values.
yes, good point, I'm fixing it everywhere in the patchset
[...]
>> + * will be availabel for further allocations.
>
> available
yes
[...]
>> +/**
>
> /** means that the following comments are kernel-doc notation, but these
> comments are not, so just use /* there, please.
yes, also to the others
[...]
>> + /* is_pmalloc_object gets called pretty late, so chances are high
>> + * that the object is indeed of vmalloc type
>> + */
>
> Multi-line comment style is
> /*
> * comment1
> * comment..N
> */
yes, also to the others
--
igor
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2018-02-11 1:05 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-04 16:47 [RFC PATCH v14 0/6] mm: security: ro protection for dynamic data Igor Stoppa
2018-02-04 16:47 ` [PATCH 1/6] genalloc: track beginning of allocations Igor Stoppa
2018-02-04 22:34 ` Randy Dunlap
2018-02-05 3:45 ` Matthew Wilcox
2018-02-09 14:28 ` Igor Stoppa
2018-02-09 16:18 ` Igor Stoppa
2018-02-09 17:15 ` Randy Dunlap
2018-02-04 16:47 ` [PATCH 2/6] genalloc: selftest Igor Stoppa
2018-02-04 22:19 ` Randy Dunlap
2018-02-04 23:03 ` Matthew Wilcox
2018-02-05 0:14 ` Randy Dunlap
2018-02-09 14:30 ` Igor Stoppa
2018-02-10 22:59 ` Igor Stoppa
2018-02-07 20:25 ` kbuild test robot
2018-02-11 2:01 ` Igor Stoppa
2018-02-04 16:47 ` [PATCH 3/6] struct page: add field for vm_struct Igor Stoppa
2018-02-04 16:47 ` [PATCH 4/6] Protectable Memory Igor Stoppa
2018-02-04 22:06 ` Randy Dunlap
2018-02-11 1:04 ` Igor Stoppa [this message]
2018-02-07 10:03 ` kbuild test robot
2018-02-07 22:21 ` kbuild test robot
2018-02-04 17:00 ` [PATCH 5/6] Pmalloc: self-test Igor Stoppa
2018-02-04 17:00 ` [PATCH 6/6] Documentation for Pmalloc Igor Stoppa
2018-02-04 21:37 ` Randy Dunlap
2018-02-09 16:41 ` Igor Stoppa
2018-02-07 17:18 ` [PATCH 5/6] Pmalloc: self-test kbuild test robot
2018-02-11 1:28 ` Igor Stoppa
-- strict thread matches above, loose matches on Subject: below --
2018-02-12 16:52 [RFC PATCH v16 0/6] mm: security: ro protection for dynamic data Igor Stoppa
2018-02-12 16:52 ` [PATCH 4/6] Protectable Memory Igor Stoppa
2018-02-11 3:19 [RFC PATCH v15 0/6] mm: security: ro protection for dynamic data Igor Stoppa
2018-02-11 3:19 ` [PATCH 4/6] Protectable Memory Igor Stoppa
2018-02-11 12:37 ` Mike Rapoport
2018-02-12 11:26 ` Igor Stoppa
2018-02-12 11:43 ` Mike Rapoport
2018-02-12 12:53 ` Mike Rapoport
2018-02-12 13:41 ` Igor Stoppa
2018-02-12 15:31 ` Mike Rapoport
2018-02-12 15:41 ` Igor Stoppa
2018-02-03 19:42 [RFC PATCH v13 0/6] mm: security: ro protection for dynamic data Igor Stoppa
2018-02-03 19:42 ` [PATCH 4/6] Protectable Memory Igor Stoppa
2018-01-30 15:14 [RFC PATCH v12 0/6] mm: security: ro protection for dynamic data Igor Stoppa
2018-01-30 15:14 ` [PATCH 4/6] Protectable Memory Igor Stoppa
2018-02-02 5:41 ` kbuild test robot
2018-02-02 5:53 ` kbuild test robot
2018-01-24 17:56 [RFC PATCH v11 0/6] mm: security: ro protection for dynamic data Igor Stoppa
2018-01-24 17:56 ` [PATCH 4/6] Protectable Memory Igor Stoppa
2018-01-24 19:10 ` [kernel-hardening] " Jann Horn
2018-01-26 5:35 ` Matthew Wilcox
2018-02-02 18:39 ` Christopher Lameter
2018-02-03 15:38 ` Igor Stoppa
2018-02-03 19:57 ` Igor Stoppa
2018-02-03 20:12 ` Boris Lukashev
2018-02-03 20:32 ` Igor Stoppa
2018-02-03 22:29 ` Boris Lukashev
2018-02-04 15:05 ` Igor Stoppa
2018-02-12 23:27 ` Kees Cook
2018-02-13 0:40 ` Laura Abbott
2018-02-13 15:20 ` Igor Stoppa
2018-01-26 19:41 ` Igor Stoppa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b355e37e-4bc1-526b-8853-5401588f177f@huawei.com \
--to=igor.stoppa@huawei.com \
--cc=cl@linux.com \
--cc=hch@infradead.org \
--cc=jglisse@redhat.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=labbott@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mhocko@kernel.org \
--cc=rdunlap@infradead.org \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox