kernel-hardening.lists.openwall.com archive mirror
From: Laura Abbott <labbott@fedoraproject.org>
To: Christoph Lameter <cl@linux.com>,
	Pekka Enberg <penberg@kernel.org>,
	David Rientjes <rientjes@google.com>,
	Joonsoo Kim <js1304@gmail.com>,
	Andrew Morton <akpm@linux-foundation.org>
Cc: Laura Abbott <labbott@fedoraproject.org>,
	linux-mm@kvack.org, linux-kernel@vger.kernel.org,
	kernel-hardening@lists.openwall.com,
	Kees Cook <keescook@chromium.org>
Subject: [kernel-hardening] [PATCHv2 4/4] slub: Relax CMPXCHG consistency restrictions
Date: Mon, 15 Feb 2016 10:44:24 -0800
Message-ID: <1455561864-4217-5-git-send-email-labbott@fedoraproject.org>
In-Reply-To: <1455561864-4217-1-git-send-email-labbott@fedoraproject.org>


When debug options are enabled, cmpxchg on the page is disabled. This is
because the page must be locked to ensure there are no false positives
when performing consistency checks. Some debug options such as poisoning
and red zoning only act on the object itself. There is no need to
protect other CPUs from modification on only the object. Allow cmpxchg
to happen when poisoning and red zoning are set on a slab.

Credit to Mathias Krause for the original work which inspired this series.

Signed-off-by: Laura Abbott <labbott@fedoraproject.org>
---
 mm/slub.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/mm/slub.c b/mm/slub.c
index 01606ff..0323e53 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -164,6 +164,14 @@ static inline bool kmem_cache_has_cpu_partial(struct kmem_cache *s)
 				SLAB_POISON | SLAB_STORE_USER)
 
 /*
+ * These debug flags cannot use CMPXCHG because there might be consistency
+ * issues when checking or reading debug information
+ */
+#define SLAB_NO_CMPXCHG (SLAB_CONSISTENCY_CHECKS | SLAB_STORE_USER | \
+				SLAB_TRACE)
+
+
+/*
  * Debugging flags that require metadata to be stored in the slab.  These get
  * disabled when slub_debug=O is used and a cache's min order increases with
  * metadata.
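Review bot: The new comment above SLAB_NO_CMPXCHG says why the listed flags cannot use CMPXCHG, but not why SLAB_POISON and SLAB_RED_ZONE are left out of the mask. The commit message gives the reason (they act only on the object itself), and a sentence to that effect in the comment would stop a later reader from "fixing" the mask by adding them back. SLAB_TRACE is in the mask but not mentioned in the commit message, so its reason for being there deserves a word too. Style: the define is followed by two blank lines; one is enough.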
@@ -3377,7 +3385,7 @@ static int kmem_cache_open(struct kmem_cache *s, unsigned long flags)
 
 #if defined(CONFIG_HAVE_CMPXCHG_DOUBLE) && \
     defined(CONFIG_HAVE_ALIGNED_STRUCT_PAGE)
-	if (system_has_cmpxchg_double() && (s->flags & SLAB_DEBUG_FLAGS) == 0)
+	if (system_has_cmpxchg_double() && (s->flags & SLAB_NO_CMPXCHG) == 0)
 		/* Enable fast mode */
 		s->flags |= __CMPXCHG_DOUBLE;
 #endif
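Review bot: The SLAB_NO_CMPXCHG test in kmem_cache_open() runs once, when the cache is opened, so any flag in that mask that is switched on later must clear __CMPXCHG_DOUBLE itself. This patch removes that clearing from red_zone_store() and poison_store(), which matches the new mask, but the handlers that set SLAB_CONSISTENCY_CHECKS, SLAB_STORE_USER and SLAB_TRACE are not part of the diff. Please confirm each of them still does "s->flags &= ~__CMPXCHG_DOUBLE;" when enabling its flag, otherwise a cache opened in fast mode can end up running consistency checks without the slab locked.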
@@ -4889,7 +4897,6 @@ static ssize_t red_zone_store(struct kmem_cache *s,
 
 	s->flags &= ~SLAB_RED_ZONE;
 	if (buf[0] == '1') {
-		s->flags &= ~__CMPXCHG_DOUBLE;
 		s->flags |= SLAB_RED_ZONE;
 	}
 	calculate_sizes(s, -1);
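Review bot: Style point on the if (buf[0] == '1') block in red_zone_store(): with the __CMPXCHG_DOUBLE line removed, the braces now wrap a single statement, which kernel coding style asks to drop. The body can become just "s->flags |= SLAB_RED_ZONE;" without braces. The same applies to the matching block in poison_store().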
@@ -4910,7 +4917,6 @@ static ssize_t poison_store(struct kmem_cache *s,
 
 	s->flags &= ~SLAB_POISON;
 	if (buf[0] == '1') {
-		s->flags &= ~__CMPXCHG_DOUBLE;
 		s->flags |= SLAB_POISON;
 	}
 	calculate_sizes(s, -1);
-- 
2.5.0
