From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id EB138C77B73 for ; Mon, 24 Apr 2023 13:49:59 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 84ECC6B007B; Mon, 24 Apr 2023 09:49:59 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 7FEE16B007D; Mon, 24 Apr 2023 09:49:59 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 6519D6B007E; Mon, 24 Apr 2023 09:49:59 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 547256B007B for ; Mon, 24 Apr 2023 09:49:59 -0400 (EDT) Received: from smtpin07.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 21F8980195 for ; Mon, 24 Apr 2023 13:49:59 +0000 (UTC) X-FDA: 80716418118.07.70BAF88 Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by imf19.hostedemail.com (Postfix) with ESMTP id 0D12F1A001E for ; Mon, 24 Apr 2023 13:49:54 +0000 (UTC) Authentication-Results: imf19.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b=NE5sA556; arc=reject ("signature check failed: fail, {[1] = sig:microsoft.com:reject}"); spf=pass (imf19.hostedemail.com: domain of aleksander.lobakin@intel.com designates 192.55.52.88 as permitted sender) smtp.mailfrom=aleksander.lobakin@intel.com; dmarc=pass (policy=none) header.from=intel.com ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1682344195; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=dcp9STYLO2yK6BgKCtseqlqGb7m7fprOdiUKhmTwUmg=; b=1IsZRZXTgaf2VFAdmpfVIBuCVKOqpGU1fXPw4Y2aS1qZsSP3TsG4BGw1VER2vFKjkX3pmv umSh0VeK2+5cvF3qSnYbsgLRwP6jPLgpM33hJ/YOkWN6paUKP0y+tqkQbex9nSS7IDM3I0 ZsE+O1SKyQ5ObjXY4jmwt8U/rGIyxw4= ARC-Authentication-Results: i=2; imf19.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b=NE5sA556; arc=reject ("signature check failed: fail, {[1] = sig:microsoft.com:reject}"); spf=pass (imf19.hostedemail.com: domain of aleksander.lobakin@intel.com designates 192.55.52.88 as permitted sender) smtp.mailfrom=aleksander.lobakin@intel.com; dmarc=pass (policy=none) header.from=intel.com ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1682344195; a=rsa-sha256; cv=fail; b=qx0iFzciQvT+2xVR0zbj5+6b0z7FK9uXTMfuGPZ+xcCwEFVuwxMXRAWwa/svnlzTIV5Aw2 oQC6GMK9jc2vtrEGuZFLSKTSjV8bqdPAdIzXfCaz+b3PsgI/5+he0wZ0skaRZuISDGNpjI DiNE+XDpYLs28RYc5Kdw+vTNzNDlILo= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1682344195; x=1713880195; h=message-id:date:subject:to:cc:references:from: in-reply-to:content-transfer-encoding:mime-version; bh=dwhya9lMyO0ExAN9LpnV5VJ0gssIuNsSvJWOYNfOeL8=; b=NE5sA556e5GNzqBm79XtB3HcOp5DRtZrts6HjmVV0wr4k/3i3uLcpx/Q vFkUQakHkut6UJG9e6BHzeHCFeGXNOVjDgJQ9FkspYMkZQ5POeFOQxHlg ZHxSnArJXn7KtRHMfcPpx1YiqenInw3oC9Bmpq001T8RKu7O1ByUW6Zdk 9t+bhy4UCSVfHSA6wAxXmuwC+uUG+OzMrjA+lLWKWSq2e7aWOq+mItxbI A7a/AHQrS/oPxUsHkORQE9nilyAYx2doYv5bIgmhdyHTFh9AS7jA9dS2R bDCy1ReBFTc3nM8xKiEEjI2ngE36CBJjB14rT8PYKw5QJ7WRbTwc8qGu0 Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10690"; a="374403534" X-IronPort-AV: E=Sophos;i="5.99,222,1677571200"; d="scan'208";a="374403534" Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Apr 2023 06:48:25 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10690"; a="939332988" X-IronPort-AV: E=Sophos;i="5.99,222,1677571200"; d="scan'208";a="939332988" Received: from fmsmsx603.amr.corp.intel.com ([10.18.126.83]) by fmsmga006.fm.intel.com with ESMTP; 24 Apr 2023 06:48:25 -0700 Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23; Mon, 24 Apr 2023 06:48:24 -0700 Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23; Mon, 24 Apr 2023 06:48:24 -0700 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23 via Frontend Transport; Mon, 24 Apr 2023 06:48:24 -0700 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.168) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.23; Mon, 24 Apr 2023 06:48:20 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=P2hHkFMUPW75Uf5UXsrv9SrfWE1HP9L5/84ue142Dl3CEoGkFW5e9k0HmxIqg+CfGwdSmjYPPk/cxv+RTvXHMLbTOsqplK7XbNahVxyAXXm680/C5PNDILuP1ZnnFIaf8Blut+weuG3rq9wqE7opndkcFakE06XfGRTMC16yCACLu4xWQBSgtnrQiDsd24whiEB4sdRe4s9rZsV7BEpTs1LKmXJM4YKReUkxXk8b5OAUYfm5C2qcAvjplr09rYJmL1r2dNbGDslM5ymU4Es1FYSYaceaKp0OpGIISjPsr3/GtnaOOLBY2hREiwmDdDYBzYtWcogTycxyqV80q6vDTA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dcp9STYLO2yK6BgKCtseqlqGb7m7fprOdiUKhmTwUmg=; b=fKdU7B6gizqUeRXsMdTX4BNkOKAj/flC1KQf/XTXiqBEYK/+aTEhe6l+SvVi5Qo/0hMyis9WI974UQZKL/qLbKzko7/MW5vQft1Z98ehhqXBb7iyf0/lWDNmo+ue+tj/N1jXSj8FDXknFjHXF/IdMJePp782k6pAYMiqvoLVxgZwii4Wi/i1xxELkvf7UA2hdovpJaFWNH8d2IeXRxW/xDJmQ/JVsPQxMXMX+5vt3UHBz0nHpBQ3IE4ObVbCSO6gBTuIjVlw662p+8r27bRu82CknF/tBpWW6kbQMXIYP6PApiGW9RLUjj2tbY5TKX7dQpmmaKxAlyyivGjufob6/Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from DM6PR11MB3625.namprd11.prod.outlook.com (2603:10b6:5:13a::21) by BL1PR11MB5447.namprd11.prod.outlook.com (2603:10b6:208:315::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6319.33; Mon, 24 Apr 2023 13:48:19 +0000 Received: from DM6PR11MB3625.namprd11.prod.outlook.com ([fe80::4c38:d223:b2ac:813e]) by DM6PR11MB3625.namprd11.prod.outlook.com ([fe80::4c38:d223:b2ac:813e%5]) with mapi id 15.20.6319.032; Mon, 24 Apr 2023 13:48:18 +0000 Message-ID: Date: Mon, 24 Apr 2023 15:46:30 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 Subject: Re: [PATCH RFC] Randomized slab caches for kmalloc() Content-Language: en-US To: Gong Ruiqi CC: Hyeonggon Yoo <42.hyeyoo@gmail.com>, Dennis Zhou , Tejun Heo , Christoph Lameter , Pekka Enberg , David Rientjes , Joonsoo Kim , Andrew Morton , Vlastimil Babka , Roman Gushchin , Alexander Potapenko , Marco Elver , Dmitry Vyukov , , , , Kees Cook , , Paul Moore , , James Morris , Wang Weiyang , Xiu Jianfeng References: <20230315095459.186113-1-gongruiqi1@huawei.com> <36019eb3-4b71-26c4-21ad-b0e0eabd0ca5@intel.com> From: Alexander Lobakin In-Reply-To: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit X-ClientProxiedBy: FR0P281CA0211.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:ac::6) To DM6PR11MB3625.namprd11.prod.outlook.com (2603:10b6:5:13a::21) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6PR11MB3625:EE_|BL1PR11MB5447:EE_ X-MS-Office365-Filtering-Correlation-Id: 69454748-e253-4595-5765-08db44ca8f41 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: WfnM/suNFEt9asxGVmy5fvO0F48tJ6O7MJq2LL/9CxXALz9jkC/DR7SwoJlyfX5/C2TLSLWXLMkyiCu4wnybHqN93AgvbUNBzcHJ5eHeRnrhhcEdMQYh34yj+kK0PtYZU29PgckhP88M/3AX3/LqIKUyczrY2GbKIpm9R4x7szuS+R1pd28H/1nQdGiwI6Tb5D2DXkAfgLLVA0bh93k9Qxdcl0cViu5+2rsRSS31lQofCSsxbZEohP7ghplH5ABCbT86nYWqhpCVCVva1lrxNncGWiJFAGNNAFeSZ/nDhRn5WKybDGJt+neCRqKjySB/x7lrutdyEIdXrScPZWfJw8sYXGsp/USJQK49VpqMDTTkWlR9Vsni5SoIYCTNnvNn1mvwP/y0SfyvewOUj76he6n9GQ2XtjSg6saxakDYxBR1CKXjSinN6OgYwz+bZoyPQ19LzyIzJvw29VxX7SztZfx0fnzsIeRoq5nOUHNJxAmG2L9rGzTOSI3i4rUdS2OzxQvhv3CmQTC6Sfk868c5pkTMXmtIctsPfr78qK/g3WoRyuvFWwX6ruigJaatNt74WxqjT535FXeCSY4dWNZl/xSWPRQo/kJ6quqW82m4imDbNKZxB0uAwHfnggM0BLCQpsrAwxovqfpViEI+wutVsA== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR11MB3625.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(136003)(39860400002)(366004)(376002)(346002)(396003)(451199021)(2906002)(66476007)(66556008)(66946007)(6916009)(316002)(4326008)(7416002)(8676002)(8936002)(5660300002)(41300700001)(36756003)(31696002)(86362001)(6512007)(26005)(186003)(53546011)(38100700002)(478600001)(6486002)(6666004)(31686004)(2616005)(6506007)(82960400001)(54906003)(45980500001)(43740500002);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?cDZOMGFneFZQVjFHZnd2SHdBeUpSUFl3OGtrV3gwV3ZqaG9KdnlwRVBGOEdq?= =?utf-8?B?SzRsbEdXaTd0WlZyVDRseHp3SEx3MHdTV2dURXM1anBHV1hNRUdMYUVCTDl2?= =?utf-8?B?am52WjNyMURPU2xYanYyZ0ZCNm42Yi9BWXNDbFlSNzdEbEgzZysvSjE4OFQz?= =?utf-8?B?T25qMGlFUUlUTkdxT0hBWmFvaUxEMk5SaGV4dG1DUGFudGdXQ24wWHhua0l0?= =?utf-8?B?MSttb1JYOEQ1YXk4ZGYraWgvb09zUTFRQ0h6NWNvK3ZXRkpBTzc2VnZJSU1S?= =?utf-8?B?MWE2MEhyYm04LzNsWDRyVy9hZDlpVXhsTFNMczJ5bDd2Wkh6VGtDamZCMWh2?= =?utf-8?B?VC82WEx3Z0RKM09hQVlGODFHSUZKcmNRTVFpTnFzenBDdGUyNnZ0YmdVd2Jk?= =?utf-8?B?Y1NQTmZETGN2bnlJU0RnZFhRMjlqZ3ovVHNUVDlkcDFUUjRIYU5DK1Y4RGhJ?= =?utf-8?B?RDFNN1hhOVVuWm5ZVWZtaXY0Ujg4QnFGVlAzYk53bnJWUjZKOEwrOFkreHlF?= =?utf-8?B?TG5INjI2V3pJelp4YVhOMkMzN2l1VUYvdllQa0hmY0UzMVBDNE9ubVBicFd6?= =?utf-8?B?ZU5PRE1hbjUvVlRNTytneXoyRTg3b2tjaW90U2lhdGZwNnZibnh1VmRqbS9C?= =?utf-8?B?cHN2VCtqcGVybVpYUlhPenI4RjBrclhXZy9PbVlWL05IZ1gyS2dqcmFqaTFx?= =?utf-8?B?RjE4ZFVwdnliUDlDeldNbnp0RVh4Q29TNHRmNk50M1VqYU5lY1dqM3FURTlD?= =?utf-8?B?TmwyYVNzYjhKZkpRVDMzWFdwM1FmWU5Rak0va3VjM2JGVWZzeldOV3oxNTRi?= =?utf-8?B?RkIyRHV4RE9pQU5pdFN6VGxocVVUZmlycHdnRWFrM1VBYVB5Sm1tRmU5bUpY?= =?utf-8?B?KzhPbG5vZWtUeUFqVXpKenY2U21saWNXbXNFWHF4aVNoSGJFWkpkR2lvWFRV?= =?utf-8?B?MktlQStCQlcwOFFaSFdnL0VxSkZteXZLVUMvNnJCSG5lc2tFcjgrVU1kQm44?= =?utf-8?B?V1pBWW9oSHhiMG5TbGYxWTFFYWtHM3hEeVZQSm5XMDUyTnZ2dnNtVm9vRHg3?= =?utf-8?B?TFY1UGtkYWF1d1RpOUJZWTcwN0Q0enN3T1VqWFNDRlBDODk3MmZ2cVpjMWti?= =?utf-8?B?c3VmTEZERlA0em12b3phRTBhcmZyVEUwQ2dkS2xPR2pBbEZQR1llWWI1Vk55?= =?utf-8?B?QUJJYXlaZVZUYm1UWGhWOEduaXBpMTRMSEdWdncyTEloaHF3c2JZRWdRTGt2?= =?utf-8?B?OU5BbjNBbmtvbHhISXZSdFIzNjlBbDBOc3hvYzNtblhQaUoyVTBjMGpkMEM0?= =?utf-8?B?UG1NcXBmV0hIaWdLYUxPYXc0RmxPb1I5OUp3WXZEYjhWUHdDVHkzRWZINFl1?= =?utf-8?B?cGZsZnZIQm15dTVvcGNVQlNGaXgrNHJuRmQwcXNkS1lyYXNMR2xWUkUzYmo1?= =?utf-8?B?TVZkbDVqaU5qeEQ3YndmZjlKc0RGMkNQdmUyZTZ1N3BjblV1SHdLUWQ0Nktu?= =?utf-8?B?Vit1VWJSTm9SeUhUSzZUd0FzVVdiMWFaMjRHY3V5Ryt0SkJySFc3YmhBQ2Jw?= =?utf-8?B?alhRYTNJeFVZb0JLYmd3UFVTcjF3NFZoSWpIM3FvUUVMTWNoU0RrSXg4bjJL?= =?utf-8?B?MVc3NmxaaEJCd1JRaUlPTUVjbVpZZmxoRXBsOXYwMEpCektod1RtQytHU1l2?= =?utf-8?B?OUk1SHhRSHMwbHpCSTZZZU1XQ0t0dU4yclFXSzZyVk5GalBpc3lDb3RJNlJ3?= =?utf-8?B?b21udjNwNnd3bUsvQ3g5UlRwZ292ajFxWHZwUXdQbzVyVlFkek1aQ2VUTFdy?= =?utf-8?B?YzcyMWRiU1JmVjV1YXhpN2xwYjY5Mk9hUm9naWxGU2NaQXJUamZNUWJJZk5M?= =?utf-8?B?ak81OFdCblVxbmZTMzQ0RTB4VGpEVlA0bncxL25ic3VwUFhsM2YxL2Q3SURw?= =?utf-8?B?WFhQQktMeUZxUXVWSW1JcFdkSnJqME1BeTFnakNqcStSOHU4TnNja0U3dFlh?= =?utf-8?B?QW9Cd3BxeVFLNDJYT3pzMDRRVzVjaEhxWk1JZzNoSkx0bmwwcHRjLzI4Rjcw?= =?utf-8?B?R2NmYm1MdWlVUklDZ3FFVW94MzFDUnovWk9PaGFhOUlUQmgxRVRTVUcwVlFy?= =?utf-8?B?bERGdkVNTUlkUVkxTUdoOEFYdEl4aUtUSTRHdFBSSk80MFI3NGVBajQwYWc0?= =?utf-8?B?d2c9PQ==?= X-MS-Exchange-CrossTenant-Network-Message-Id: 69454748-e253-4595-5765-08db44ca8f41 X-MS-Exchange-CrossTenant-AuthSource: DM6PR11MB3625.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Apr 2023 13:48:18.5578 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: bBEUQjZYgrSsCb4qLNjexKvAOM87Ta/ONZv5b2ppNQXN4EQ58SZeg4U13QyuF5BYlHthQFiBh/9nO2RdIb2vM1y/i8UBgoRucxenxkgvxQ8= X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL1PR11MB5447 X-OriginatorOrg: intel.com X-Rspam-User: X-Rspamd-Server: rspam03 X-Stat-Signature: z61a6ny4iaiyjknuzgpu14ewfwbjnugb X-Rspamd-Queue-Id: 0D12F1A001E X-HE-Tag: 1682344194-124187 X-HE-Meta: U2FsdGVkX1+7+1eyTcOQHKt7e/ktWJI1dSibyDyMPqBXwpuFWkiGDos6RiHUutt13RKPm7OBvQ+8KBP+pUcWSXkKYjX5hz0lhM7J15c55ZsXo74/xOuP88yqkiucIcGmiJvQ+IJICQ0gHgYbkm4capOBSKmnbB7C3V4a2fVyyK+xmO7aJy2rSYdrwttiLeswWc767z/Ns/6uqpV8R5BcEFNjf9G3Bmx3GMUZil9+yZOnOeM4VeHX/zA0HKNY45SpWbS9XNmT7YSljN+yJsS+5+/qKXW0dF42AeAONIl2iFNTJuY9NmN61TwOGgBE9SiJUqq64qIMre2jR8/fTFanYsB8ieUDOZpTbrTxTOMUfRNJjdEKfJyCJl3JXwtwz7rf5hEpv0mGVmdg9p30DNurQedON/LjLHhGh+EHr9x2XrqWt97ONQWK1MrWe0fM6eVv36o31bqRcsfd4LZxqSXlhYfdyUQiicBzP34vFHPhr3kwsL64JffEx4GmUYajUtNAUEpRy6Em/Mgr1sswhySm0rRa6FC7jTzUrOUk0aMLgRiTlv/25QFy+8gRXA+HYNpyeEYkwotyIGaRCwU5irDYE2CFgEBFXx9wBeE66jKEqBYjV+a2+7XQv5DU9TyZPDNFBucZB0nXWXy3t7XM3/yIozyoA4wAKLakLsEe1NFxwfM+c1ttOMSoMDL+i55rrSF50jD9kw2o11rIXeqtQHC2F7/+CczG35XpLON1wWJ48318D71cgd2vORrJmGG6w0dKZhpBP+IzyM4g0PC0IXzUMaHF7yXOkthrwqILDcad0oSAGa92vYRggIn4kpfswdiWoIm078pF+BS3b6ovYypWfId3bZig7rz4z5ho6S9vHatvC6EmAqcDomgwuQc1vVi2qBRLciQwXltbxQeSk1+jy+sMj//otGkmnhqdL1d7qiI9YCV2F6eXlJLZ2ipXw5Rmtx/lLAtpLzXVEaakl7W WL1gyn3c kavZDXtDmBjPmBK36iuUt7nl07eiZ7R8mU4uLB2vCVD4druwnN5lGm9q3FJau1qstWUmUux8VSOZ2G2Od8GYDjpEniHd1TMXQ2FnxSoppalvJs/UFNVV/Vv/+5Idkz/xblvmHMCFwplhYG7CS1JhsnKRTje4YKKXG1nOWIRAkEY+tB+wdNYMcUvKBKy6QiNE6G15fnwym0/85maxaD4vIPsfeCeqWOK3KL+Ujs560nzSvHWDXiHzCSoYDKzXQJL5Ly830Ag1zdf26i9IPweLN7i2WpzDy95jAExYz3Q097j6H630DefEIMyL3W5oJ6QkhriWX68jm/pxo87lZCkkyPhnD7o+IWErkGRhI2Sx7uStzQsIEPE8K5Zh8+nI/REyOEa29ykj4siSUP6XjpM2z3PChZdhtvCigQUboOkiTnKAjUyPcjDO0fTYJAddU3kCspvs+ X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Gong, Ruiqi Date: Mon, 24 Apr 2023 10:54:33 +0800 > Sorry for the late reply. I just came back from my paternity leave :) > > On 2023/04/05 23:15, Alexander Lobakin wrote: >> From: Hyeonggon Yoo <42.hyeyoo@gmail.com> >> Date: Wed, 5 Apr 2023 21:26:47 +0900 >> >>> ... >>> >>> I'm not yet sure if this feature is appropriate for mainline kernel. >>> >>> I have few questions: >>> >>> 1) What is cost of this configuration, in terms of memory overhead, or >>> execution time? >>> >>> >>> 2) The actual cache depends on caller which is static at build time, not >>> runtime. >>> >>>     What about using (caller ^ (some subsystem-wide random sequence)), >>> >>>     which is static at runtime? >> >> Why can't we just do >> >> random_get_u32_below(CONFIG_RANDOM_KMALLOC_CACHES_NR) >> >> ? > > This makes the cache selection "dynamic", i.e. each kmalloc() will > randomly pick a different cache at each time it's executed. The problem > of this approach is that it only reduces the probability of the cache > being sprayed by the attacker, and the attacker can bypass it by simply > repeating the attack multiple times in a brute-force manner. > > Our proposal is to make the randomness be with respect to the code > address rather than time, i.e. allocations in different code paths would > most likely pick different caches, although kmalloc() at each place > would use the same cache copy whenever it is executed. In this way, the > code path that the attacker uses would most likely pick a different > cache than which the targeted subsystem/driver would pick, which means > in most of cases the heap spraying is unachievable. Ah, I see now. Thanks for the explanation, made it really clear. > >> It's fast enough according to Jason... `_RET_IP_ % nr` doesn't sound >> "secure" to me. It really is a compile-time constant, which can be >> calculated (or not?) manually. Even if it wasn't, `% nr` doesn't sound >> good, there should be at least hash_32(). > > Yes, `_RET_IP_ % nr` is a bit naive. Currently the patch is more like a > PoC so I wrote this. Indeed a proper hash function should be used here. > > And yes _RET_IP_ could somehow be manually determined especially for > kernels without KASLR, and I think adding a per-boot random seed into > the selection could solve this. I recall how it is done for kCFI/FineIBT in the x86 code -- it also uses per-boot random seed (although it gets patched into the code itself each time, when applying alternatives). So probably should be optimal enough. The only thing I'm wondering is where to store this per-boot seed :D It's generic code, so you can't patch it directly. OTOH storing it in .data/.bss can make it vulnerable to attacks... Can't it? > > I will implement these in v2. Thanks! > >> >> Thanks, >> Olek >> Thanks, Olek