Linux Hardening
* [PATCH v4 13/16] usercopy: Remove folio references from check_heap_object()
       [not found] <20251113000932.1589073-1-willy@infradead.org>
@ 2025-11-13  0:09 ` Matthew Wilcox (Oracle)
  2025-11-24  6:14   ` Harry Yoo
  2025-11-24 21:06   ` Kees Cook
  0 siblings, 2 replies; 3+ messages in thread
From: Matthew Wilcox (Oracle) @ 2025-11-13  0:09 UTC (permalink / raw)
  To: Vlastimil Babka, Andrew Morton
  Cc: Matthew Wilcox (Oracle), Christoph Lameter, David Rientjes,
	Roman Gushchin, Harry Yoo, linux-mm, Kees Cook,
	Gustavo A. R. Silva, linux-hardening

Use page_slab() instead of virt_to_folio() followed by folio_slab().
We do end up calling compound_head() twice for non-slab copies, but that
will not be a problem once we allocate memdescs separately.

Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Kees Cook <kees@kernel.org>
Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Cc: linux-hardening@vger.kernel.org
---
 mm/usercopy.c | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/mm/usercopy.c b/mm/usercopy.c
index dbdcc43964fb..5de7a518b1b1 100644
--- a/mm/usercopy.c
+++ b/mm/usercopy.c
@@ -164,7 +164,8 @@ static inline void check_heap_object(const void *ptr, unsigned long n,
 {
 	unsigned long addr = (unsigned long)ptr;
 	unsigned long offset;
-	struct folio *folio;
+	struct page *page;
+	struct slab *slab;
 
 	if (is_kmap_addr(ptr)) {
 		offset = offset_in_page(ptr);
@@ -189,16 +190,23 @@ static inline void check_heap_object(const void *ptr, unsigned long n,
 	if (!virt_addr_valid(ptr))
 		return;
 
-	folio = virt_to_folio(ptr);
-
-	if (folio_test_slab(folio)) {
+	page = virt_to_page(ptr);
+	slab = page_slab(page);
+	if (slab) {
 		/* Check slab allocator for flags and size. */
-		__check_heap_object(ptr, n, folio_slab(folio), to_user);
-	} else if (folio_test_large(folio)) {
-		offset = ptr - folio_address(folio);
-		if (n > folio_size(folio) - offset)
+		__check_heap_object(ptr, n, slab, to_user);
+	} else if (PageCompound(page)) {
+		page = compound_head(page);
+		offset = ptr - page_address(page);
+		if (n > page_size(page) - offset)
 			usercopy_abort("page alloc", NULL, to_user, offset, n);
 	}
+
+	/*
+	 * We cannot check non-compound pages.  They might be part of
+	 * a large allocation, in which case crossing a page boundary
+	 * is fine.
+	 */
 }
 
 DEFINE_STATIC_KEY_MAYBE_RO(CONFIG_HARDENED_USERCOPY_DEFAULT_ON,
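Review bot: the new "We cannot check non-compound pages" comment sits after the if / else-if chain has closed, at the very end of check_heap_object(), so it reads as detached from the case it documents. Since it describes the path where neither page_slab() nor PageCompound() matched, which is the path where hardened usercopy performs no bounds check at all, it would be clearer inside an explicit final else branch or directly above the "else if (PageCompound(page))" test. The commit message also notes that compound_head() ends up being called twice for non-slab copies, but nothing at "page = compound_head(page);" says so; a one-line comment there tying it to the planned separate memdesc allocation would stop someone from "optimising" it away prematurely. Note too that page is reassigned from the page containing ptr to its head page in that branch, which is easy to miss when reading the offset calculation on the next line.
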
-- 
2.47.2



* Re: [PATCH v4 13/16] usercopy: Remove folio references from check_heap_object()
  2025-11-13  0:09 ` [PATCH v4 13/16] usercopy: Remove folio references from check_heap_object() Matthew Wilcox (Oracle)
@ 2025-11-24  6:14   ` Harry Yoo
  2025-11-24 21:06   ` Kees Cook
  1 sibling, 0 replies; 3+ messages in thread
From: Harry Yoo @ 2025-11-24  6:14 UTC (permalink / raw)
  To: Matthew Wilcox (Oracle)
  Cc: Vlastimil Babka, Andrew Morton, Christoph Lameter, David Rientjes,
	Roman Gushchin, linux-mm, Kees Cook, Gustavo A. R. Silva,
	linux-hardening

On Thu, Nov 13, 2025 at 12:09:27AM +0000, Matthew Wilcox (Oracle) wrote:
> Use page_slab() instead of virt_to_folio() followed by folio_slab().
> We do end up calling compound_head() twice for non-slab copies, but that
> will not be a problem once we allocate memdescs separately.
> 
> Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>
> Cc: Kees Cook <kees@kernel.org>
> Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org>
> Cc: linux-hardening@vger.kernel.org
> ---

Looks good to me,
Reviewed-by: Harry Yoo <harry.yoo@oracle.com>

-- 
Cheers,
Harry / Hyeonggon


* Re: [PATCH v4 13/16] usercopy: Remove folio references from check_heap_object()
  2025-11-13  0:09 ` [PATCH v4 13/16] usercopy: Remove folio references from check_heap_object() Matthew Wilcox (Oracle)
  2025-11-24  6:14   ` Harry Yoo
@ 2025-11-24 21:06   ` Kees Cook
  1 sibling, 0 replies; 3+ messages in thread
From: Kees Cook @ 2025-11-24 21:06 UTC (permalink / raw)
  To: Matthew Wilcox (Oracle)
  Cc: Vlastimil Babka, Andrew Morton, Christoph Lameter, David Rientjes,
	Roman Gushchin, Harry Yoo, linux-mm, Gustavo A. R. Silva,
	linux-hardening

On Thu, Nov 13, 2025 at 12:09:27AM +0000, Matthew Wilcox (Oracle) wrote:
> Use page_slab() instead of virt_to_folio() followed by folio_slab().
> We do end up calling compound_head() twice for non-slab copies, but that
> will not be a problem once we allocate memdescs separately.
> 
> Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>

Reviewed-by: Kees Cook <kees@kernel.org>

-- 
Kees Cook
