From: Andrey Ryabinin <ryabinin.a.a@gmail.com>
To: Alexander Gordeev <agordeev@linux.ibm.com>,
Harry Yoo <harry.yoo@oracle.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Daniel Axtens <dja@axtens.net>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
kasan-dev@googlegroups.com, linux-s390@vger.kernel.org,
stable@vger.kernel.org
Subject: Re: [PATCH v3 1/1] kasan: Avoid sleepable page allocation from atomic context
Date: Tue, 6 May 2025 16:55:20 +0200 [thread overview]
Message-ID: <d77f4afd-5d4e-4bd0-9c83-126e8ef5c4ed@gmail.com> (raw)
In-Reply-To: <aBoGFr5EaHFfxuON@li-008a6a4c-3549-11b2-a85c-c5cc2836eea2.ibm.com>
On 5/6/25 2:52 PM, Alexander Gordeev wrote:
> On Wed, Apr 30, 2025 at 08:04:40AM +0900, Harry Yoo wrote:
>
>>>
>>> +struct vmalloc_populate_data {
>>> + unsigned long start;
>>> + struct page **pages;
>>> +};
>>> +
>>> static int kasan_populate_vmalloc_pte(pte_t *ptep, unsigned long addr,
>>> - void *unused)
>>> + void *_data)
>>> {
>>> - unsigned long page;
>>> + struct vmalloc_populate_data *data = _data;
>>> + struct page *page;
>>> + unsigned long pfn;
>>> pte_t pte;
>>>
>>> if (likely(!pte_none(ptep_get(ptep))))
>>> return 0;
>>>
>>> - page = __get_free_page(GFP_KERNEL);
>>> - if (!page)
>>> - return -ENOMEM;
>>> -
>>> - __memset((void *)page, KASAN_VMALLOC_INVALID, PAGE_SIZE);
>>> - pte = pfn_pte(PFN_DOWN(__pa(page)), PAGE_KERNEL);
>>> + page = data->pages[PFN_DOWN(addr - data->start)];
>>> + pfn = page_to_pfn(page);
>>> + __memset(pfn_to_virt(pfn), KASAN_VMALLOC_INVALID, PAGE_SIZE);
>>> + pte = pfn_pte(pfn, PAGE_KERNEL);
>>>
>>> spin_lock(&init_mm.page_table_lock);
>>> - if (likely(pte_none(ptep_get(ptep)))) {
>>> + if (likely(pte_none(ptep_get(ptep))))
>>> set_pte_at(&init_mm, addr, ptep, pte);
>>> - page = 0;
>>
>> With this patch, now if the pte is already set, the page is leaked?
>
> Yes. But currently it is leaked for previously allocated pages anyway,
> so no change in behaviour (unless I misread the code).
Current code doesn't even allocate page if pte set, and if set pte discovered only after
taking spinlock, the page will be freed, not leaked.
Whereas, this patch leaks page for every single !pte_none case. This will build up over time
as long as vmalloc called.
>
>> Should we set data->pages[PFN_DOWN(addr - data->start)] = NULL
>> and free non-null elements later in __kasan_populate_vmalloc()?
>
> Should the allocation fail on boot, the kernel would not fly anyway.
This is not boot code, it's called from vmalloc() code path.
> If for whatever reason we want to free, that should be a follow-up
> change, as far as I am concerned.
>
We want to free it, because we don't want unbound memory leak.
next prev parent reply other threads:[~2025-05-06 14:56 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-29 16:08 [PATCH v3 0/1] " Alexander Gordeev
2025-04-29 16:08 ` [PATCH v3 1/1] " Alexander Gordeev
2025-04-29 23:04 ` Harry Yoo
2025-05-06 12:52 ` Alexander Gordeev
2025-05-06 14:55 ` Andrey Ryabinin [this message]
2025-05-06 15:11 ` Alexander Gordeev
2025-04-30 0:08 ` Andrew Morton
2025-05-01 0:51 ` kernel test robot
2025-05-01 3:22 ` kernel test robot
2025-05-01 9:04 ` kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d77f4afd-5d4e-4bd0-9c83-126e8ef5c4ed@gmail.com \
--to=ryabinin.a.a@gmail.com \
--cc=agordeev@linux.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=dja@axtens.net \
--cc=harry.yoo@oracle.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-s390@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox