From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 74B7EC19F2A for ; Thu, 11 Aug 2022 09:31:56 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A69468E0002; Thu, 11 Aug 2022 05:31:55 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A18518E0001; Thu, 11 Aug 2022 05:31:55 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 8E0228E0002; Thu, 11 Aug 2022 05:31:55 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 7FD118E0001 for ; Thu, 11 Aug 2022 05:31:55 -0400 (EDT) Received: from smtpin18.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 5369FAB1DF for ; Thu, 11 Aug 2022 09:31:55 +0000 (UTC) X-FDA: 79786794990.18.742A229 Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) by imf06.hostedemail.com (Postfix) with ESMTP id C0E8018016C for ; Thu, 11 Aug 2022 09:31:54 +0000 (UTC) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 35F335C70F; Thu, 11 Aug 2022 09:31:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1660210313; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rF+k9eDGRl2XR235Pzqvbau2Y08myECs6AhHVzgotHk=; b=pq4UUdvCLhg6OSuHcnu72zbjUvF/b4QH0OAx+OVxfk/M5Rwn2gmm9V1IxPqtFEOW71aU7W MTs9ZmmcZQAqBDsC1qLOovfsLWngc3opHyq69o6a+R5kcz1B2O9i5VlKWkFJl8N1utFaHJ EW7u5H/stPeGYRVN0vrKMRW5EUJlm6o= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1660210313; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rF+k9eDGRl2XR235Pzqvbau2Y08myECs6AhHVzgotHk=; b=egvmLY85DU+veppAAo4BvoyC0Xiw+Vi3FIj+oi/gB1eCRAMyEse508mcsX4OCGpKP3Ohp1 fa21THKDPRn1kZBA== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id F01821342A; Thu, 11 Aug 2022 09:31:52 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id /f3ZOYjM9GJacAAAMHmgww (envelope-from ); Thu, 11 Aug 2022 09:31:52 +0000 Message-ID: Date: Thu, 11 Aug 2022 11:31:52 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.1.0 From: vbabka@suse.cz Subject: Re: [PATCH v2] Introduce sysfs interface to disable kfence for selected slabs. Content-Language: en-US To: Imran Khan , glider@google.com, elver@google.com, dvyukov@google.com, cl@linux.com, penberg@kernel.org, rientjes@google.com, iamjoonsoo.kim@lge.com, akpm@linux-foundation.org, roman.gushchin@linux.dev, 42.hyeyoo@gmail.com Cc: linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org References: <20220811085938.2506536-1-imran.f.khan@oracle.com> In-Reply-To: <20220811085938.2506536-1-imran.f.khan@oracle.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1660210315; a=rsa-sha256; cv=none; b=Rw0y0oajlS3SxdEq1DuyN6fQzqBqOr5oW2N51e+Hr+qk4tPL4pU+M0XtVAybaRWqOfRF+5 8pBDcF+Hve7uCZjk35kZz6RgZvS2BL5jHv3i+4sZnjn8h7WbneYkvZlzuukfgxyrq+YF8a id074k1Vq0VKwWjX8/D0fUVJkdPWFcM= ARC-Authentication-Results: i=1; imf06.hostedemail.com; dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=pq4UUdvC; dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=egvmLY85; spf=pass (imf06.hostedemail.com: domain of vbabka@suse.cz designates 195.135.220.29 as permitted sender) smtp.mailfrom=vbabka@suse.cz; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1660210315; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=rF+k9eDGRl2XR235Pzqvbau2Y08myECs6AhHVzgotHk=; b=W94SynXyaTVfzJRQAwfJOEU5amt9Ma5owV+YnC0Oxla0q1q/4/SqqH5prW6CeSw1gAEL0b 8zfWLUVEBUPFgnIga/UVkmuKaDO9h+SfmbjgmUSgWx+0JQ+VNJHfa3A1kc8l3iPPNkhqMm AqdWSKUXDzV9nNjhv87TVziSVHk0re0= X-Rspam-User: X-Stat-Signature: 17h965n5tc1pxrwkdftc49pwnrwzsc3f X-Rspamd-Queue-Id: C0E8018016C Authentication-Results: imf06.hostedemail.com; dkim=pass header.d=suse.cz header.s=susede2_rsa header.b=pq4UUdvC; dkim=pass header.d=suse.cz header.s=susede2_ed25519 header.b=egvmLY85; spf=pass (imf06.hostedemail.com: domain of vbabka@suse.cz designates 195.135.220.29 as permitted sender) smtp.mailfrom=vbabka@suse.cz; dmarc=none X-Rspamd-Server: rspam01 X-HE-Tag: 1660210314-803674 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 8/11/22 10:59, Imran Khan wrote: > By default kfence allocation can happen for any slab object, whose size > is up to PAGE_SIZE, as long as that allocation is the first allocation > after expiration of kfence sample interval. But in certain debugging > scenarios we may be interested in debugging corruptions involving > some specific slub objects like dentry or ext4_* etc. In such cases > limiting kfence for allocations involving only specific slub objects > will increase the probablity of catching the issue since kfence pool > will not be consumed by other slab objects. So you want to enable specific caches for kfence. > This patch introduces a sysfs interface '/sys/kernel/slab//skip_kfence' > to disable kfence for specific slabs. Having the interface work in this > way does not impact current/default behavior of kfence and allows us to > use kfence for specific slabs (when needed) as well. The decision to > skip/use kfence is taken depending on whether kmem_cache.flags has > (newly introduced) SLAB_SKIP_KFENCE flag set or not. But this seems everything is still enabled and you can selectively disable. Isn't that rather impractical? How about making this cache flag rather denote that KFENCE is enabled (not skipped), set it by default only for for caches with size <= 1024, then you can drop the size check in __kfence_alloc and rely only on the flag? And if you need, you can also enable a cache with size > 1024 with the sysfs interface, to override the limit, which isn't possible now. (I don't think changing the limit to always act on s->object_size instead of e.g. size passed to kmalloc() that it can pick up now, will change anything in practice) Then you can also have a kernel boot param that tells kfence to set the flag on no cache at all, and you can easily enable just the specific caches you want. Or make a parameter that lets you override the 1024 size limit globally, and if you set it to 0, it means no cache is enabled for kfence? > Signed-off-by: Imran Khan > --- > > Changes since v1: > - Remove RFC tag > > include/linux/slab.h | 6 ++++++ > mm/kfence/core.c | 7 +++++++ > mm/slub.c | 27 +++++++++++++++++++++++++++ > 3 files changed, 40 insertions(+) > > diff --git a/include/linux/slab.h b/include/linux/slab.h > index 0fefdf528e0d..947d912fd08c 100644 > --- a/include/linux/slab.h > +++ b/include/linux/slab.h > @@ -119,6 +119,12 @@ > */ > #define SLAB_NO_USER_FLAGS ((slab_flags_t __force)0x10000000U) > > +#ifdef CONFIG_KFENCE > +#define SLAB_SKIP_KFENCE ((slab_flags_t __force)0x20000000U) > +#else > +#define SLAB_SKIP_KFENCE 0 > +#endif > + > /* The following flags affect the page allocator grouping pages by mobility */ > /* Objects are reclaimable */ > #define SLAB_RECLAIM_ACCOUNT ((slab_flags_t __force)0x00020000U) > diff --git a/mm/kfence/core.c b/mm/kfence/core.c > index c252081b11df..8c08ae2101d7 100644 > --- a/mm/kfence/core.c > +++ b/mm/kfence/core.c > @@ -1003,6 +1003,13 @@ void *__kfence_alloc(struct kmem_cache *s, size_t size, gfp_t flags) > return NULL; > } > > + /* > + * Skip allocations for this slab, if KFENCE has been disabled for > + * this slab. > + */ > + if (s->flags & SLAB_SKIP_KFENCE) > + return NULL; > + > if (atomic_inc_return(&kfence_allocation_gate) > 1) > return NULL; > #ifdef CONFIG_KFENCE_STATIC_KEYS > diff --git a/mm/slub.c b/mm/slub.c > index 862dbd9af4f5..ee8b48327536 100644 > --- a/mm/slub.c > +++ b/mm/slub.c > @@ -5745,6 +5745,30 @@ STAT_ATTR(CPU_PARTIAL_NODE, cpu_partial_node); > STAT_ATTR(CPU_PARTIAL_DRAIN, cpu_partial_drain); > #endif /* CONFIG_SLUB_STATS */ > > +#ifdef CONFIG_KFENCE > +static ssize_t skip_kfence_show(struct kmem_cache *s, char *buf) > +{ > + return sysfs_emit(buf, "%d\n", !!(s->flags & SLAB_SKIP_KFENCE)); > +} > + > +static ssize_t skip_kfence_store(struct kmem_cache *s, > + const char *buf, size_t length) > +{ > + int ret = length; > + > + if (buf[0] == '0') > + s->flags &= ~SLAB_SKIP_KFENCE; > + else if (buf[0] == '1') > + s->flags |= SLAB_SKIP_KFENCE; > + else > + ret = -EINVAL; > + > + return ret; > +} > +SLAB_ATTR(skip_kfence); > + > +#endif > + > static struct attribute *slab_attrs[] = { > &slab_size_attr.attr, > &object_size_attr.attr, > @@ -5812,6 +5836,9 @@ static struct attribute *slab_attrs[] = { > &failslab_attr.attr, > #endif > &usersize_attr.attr, > +#ifdef CONFIG_KFENCE > + &skip_kfence_attr.attr, > +#endif > > NULL > }; > > base-commit: 40d43a7507e1547dd45cb02af2e40d897c591870