From: Hao Li <hao.li@linux.dev>
To: "Vlastimil Babka (SUSE)" <vbabka@kernel.org>
Cc: Harry Yoo <harry@kernel.org>, Christoph Lameter <cl@gentwo.org>,
David Rientjes <rientjes@google.com>,
Roman Gushchin <roman.gushchin@linux.dev>,
Suren Baghdasaryan <surenb@google.com>,
Alexei Starovoitov <ast@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Johannes Weiner <hannes@cmpxchg.org>,
Michal Hocko <mhocko@kernel.org>,
Shakeel Butt <shakeel.butt@linux.dev>,
Alexander Potapenko <glider@google.com>,
Marco Elver <elver@google.com>,
Dmitry Vyukov <dvyukov@google.com>,
kasan-dev@googlegroups.com, linux-mm@kvack.org,
linux-kernel@vger.kernel.org, cgroups@vger.kernel.org,
stable@vger.kernel.org
Subject: Re: [PATCH v2 01/16] mm/slab: do not limit zeroing to orig_size when only red zoning is enabled
Date: Fri, 12 Jun 2026 11:47:10 +0800 [thread overview]
Message-ID: <aiuArH73S7k_jQ5L@fedora> (raw)
In-Reply-To: <20260610-slab_alloc_flags-v2-1-7190909db118@kernel.org>
On Wed, Jun 10, 2026 at 05:40:03PM +0200, Vlastimil Babka (SUSE) wrote:
> When init (zeroing) on allocation is requested, for kmalloc() we
> generally have to zero the full object size even if a smaller size is
> requested, in order to provide krealloc()'s __GFP_ZERO guarantees.
>
> But if we track the requested size, krealloc() uses that information to
> do the right thing. With red zoning also enabled, any unused size
> became part of the red zone, so it must not be zeroed.
>
> However the check is imprecise, and will trigger also when only
> SLAB_RED_ZONE is enabled without SLAB_STORE_USER. This means enabling
> red zoning alone can compromise krealloc()'s __GFP_ZERO contract.
>
> Fix this by using slub_debug_orig_size() instead, which is the exact
> check for whether the requested size is tracked. We don't need to care
> if red zoning is also enabled or not. Also update and expand the
> comment accordingly.
>
> Fixes: 9ce67395f5a0 ("mm/slub: only zero requested size of buffer for kzalloc when debug enabled")
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Vlastimil Babka (SUSE) <vbabka@kernel.org>
> ---
Reviewed-by: Hao Li <hao.li@linux.dev>
--
Thanks,
Hao
next prev parent reply other threads:[~2026-06-12 3:47 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-10 15:40 [PATCH v2 00/16] mm/slab: introduce alloc_flags and slab_alloc_context Vlastimil Babka (SUSE)
2026-06-10 15:40 ` [PATCH v2 01/16] mm/slab: do not limit zeroing to orig_size when only red zoning is enabled Vlastimil Babka (SUSE)
2026-06-11 4:28 ` Harry Yoo
2026-06-12 3:47 ` Hao Li [this message]
2026-06-10 15:40 ` [PATCH v2 02/16] mm/slab: do not init any kfence objects on allocation Vlastimil Babka (SUSE)
2026-06-11 3:19 ` Harry Yoo
2026-06-11 8:34 ` Vlastimil Babka (SUSE)
2026-06-11 14:47 ` Vlastimil Babka (SUSE)
2026-06-11 15:11 ` Harry Yoo
2026-06-11 16:37 ` Vlastimil Babka (SUSE)
2026-06-10 15:40 ` [PATCH v2 03/16] mm/slab: stop inlining __slab_alloc_node() Vlastimil Babka (SUSE)
2026-06-12 3:48 ` Hao Li
2026-06-10 15:40 ` [PATCH v2 04/16] mm/slab: introduce slab_alloc_context Vlastimil Babka (SUSE)
2026-06-11 4:49 ` Harry Yoo
2026-06-12 3:10 ` Hao Li
2026-06-10 15:40 ` [PATCH v2 05/16] mm/slab: introduce alloc_flags and SLAB_ALLOC_TRYLOCK Vlastimil Babka (SUSE)
2026-06-11 4:57 ` Harry Yoo
2026-06-11 6:40 ` Harry Yoo
2026-06-11 8:51 ` Vlastimil Babka (SUSE)
2026-06-12 3:49 ` Hao Li
2026-06-10 15:40 ` [PATCH v2 06/16] mm/slab: add alloc_flags to slab_alloc_context Vlastimil Babka (SUSE)
2026-06-11 5:06 ` Harry Yoo
2026-06-12 3:50 ` Hao Li
2026-06-10 15:40 ` [PATCH v2 07/16] mm/slab: replace struct partial_context with slab_alloc_context Vlastimil Babka (SUSE)
2026-06-11 6:05 ` Harry Yoo
2026-06-12 4:04 ` Hao Li
2026-06-10 15:40 ` [PATCH v2 08/16] mm/slab: pass alloc_flags to new slab allocation Vlastimil Babka (SUSE)
2026-06-11 7:52 ` Harry Yoo
2026-06-12 5:26 ` Hao Li
2026-06-10 15:40 ` [PATCH v2 09/16] mm/slab: pass alloc_flags through slab_post_alloc_hook() chain Vlastimil Babka (SUSE)
2026-06-10 15:40 ` [PATCH v2 10/16] mm/slab: replace slab_alloc_node() parameters with slab_alloc_context Vlastimil Babka (SUSE)
2026-06-12 5:28 ` Hao Li
2026-06-10 15:40 ` [PATCH v2 11/16] mm/slab: allow kmem_cache_alloc_bulk() with any gfp flags Vlastimil Babka (SUSE)
2026-06-12 3:21 ` Hao Li
2026-06-10 15:40 ` [PATCH v2 12/16] mm/slab: pass slab_alloc_context to __do_kmalloc_node() Vlastimil Babka (SUSE)
2026-06-12 5:34 ` Hao Li
2026-06-10 15:40 ` [PATCH v2 13/16] mm/slab: allow __GFP_NOMEMALLOC and __GFP_NOWARN for kmalloc_nolock() Vlastimil Babka (SUSE)
2026-06-12 6:57 ` Hao Li
2026-06-10 15:40 ` [PATCH v2 14/16] mm/slab: introduce kmalloc_flags() Vlastimil Babka (SUSE)
2026-06-12 8:02 ` Hao Li
2026-06-10 15:40 ` [PATCH v2 15/16] mm/slab: remove __GFP_NO_OBJ_EXT usage from alloc_slab_obj_exts() Vlastimil Babka (SUSE)
2026-06-11 16:28 ` Vlastimil Babka (SUSE)
2026-06-12 6:54 ` Hao Li
2026-06-10 15:40 ` [PATCH v2 16/16] mm/slab: replace __GFP_NO_OBJ_EXT with SLAB_ALLOC_NO_RECURSE for sheaves Vlastimil Babka (SUSE)
2026-06-12 8:16 ` Hao Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aiuArH73S7k_jQ5L@fedora \
--to=hao.li@linux.dev \
--cc=akpm@linux-foundation.org \
--cc=ast@kernel.org \
--cc=cgroups@vger.kernel.org \
--cc=cl@gentwo.org \
--cc=dvyukov@google.com \
--cc=elver@google.com \
--cc=glider@google.com \
--cc=hannes@cmpxchg.org \
--cc=harry@kernel.org \
--cc=kasan-dev@googlegroups.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mhocko@kernel.org \
--cc=rientjes@google.com \
--cc=roman.gushchin@linux.dev \
--cc=shakeel.butt@linux.dev \
--cc=stable@vger.kernel.org \
--cc=surenb@google.com \
--cc=vbabka@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.