From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id A4976C6379F for ; Tue, 14 Feb 2023 17:27:57 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 3F87A6B0081; Tue, 14 Feb 2023 12:27:57 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 3A84C6B0085; Tue, 14 Feb 2023 12:27:57 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 270C96B0088; Tue, 14 Feb 2023 12:27:57 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 170376B0081 for ; Tue, 14 Feb 2023 12:27:57 -0500 (EST) Received: from smtpin05.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id DA099120D71 for ; Tue, 14 Feb 2023 17:27:56 +0000 (UTC) X-FDA: 80466580152.05.A4FC48A Received: from mail-pg1-f177.google.com (mail-pg1-f177.google.com [209.85.215.177]) by imf28.hostedemail.com (Postfix) with ESMTP id F00E9C0016 for ; Tue, 14 Feb 2023 17:27:54 +0000 (UTC) Authentication-Results: imf28.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=Ys1x9uEK; spf=pass (imf28.hostedemail.com: domain of keescook@chromium.org designates 209.85.215.177 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1676395675; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=4z/tD1lWs3iqZhTLhoCdz9qidIMqh/iqk3ouPbYGchw=; b=ep2QFTHR/ODH1kOSMW6nhfDq+uisBAedcK8dxieHGa40Gwx3uQ8EaVWmCJZhGaKESKI1wN w627i3CGHSivcOO/esyaOca996hPeV9Gv7u0/+sBLalCweLp2o0jMnegw26LGXFfDWoQyr lnwvCYp8u8B8ZkbllZPTzYLalpb9aOU= ARC-Authentication-Results: i=1; imf28.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=Ys1x9uEK; spf=pass (imf28.hostedemail.com: domain of keescook@chromium.org designates 209.85.215.177 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1676395675; a=rsa-sha256; cv=none; b=EjLWPexY/rynnpaZeehUrLXLnGo4GAqUD+WluLNFSj/OYctqfnnEspPpIQU8ol8H9ml3dq /9nlg68TjZljJSB/rQsQn6+u6JzOcMi93Sp5fl2Plh9xL40NhIIbh0yrWIeADT3kqRw5Qd cIkkiRvW4nMyiSX1PLr9j7oMNo6QDtM= Received: by mail-pg1-f177.google.com with SMTP id r18so10685721pgr.12 for ; Tue, 14 Feb 2023 09:27:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=in-reply-to:content-disposition:mime-version:references:subject:cc :to:from:date:message-id:from:to:cc:subject:date:message-id:reply-to; bh=4z/tD1lWs3iqZhTLhoCdz9qidIMqh/iqk3ouPbYGchw=; b=Ys1x9uEKNmx/xFXtuBky5R7Pot5G5/ZB5NHSiX9Bho0s9k5YLk4wx+ZpSMP+I5KiAr 8Dml4HdVk4F/JAibrLkif6ueAnnS6FBztP4o3wd2Wao5PfyIoNxZFPq+kreVvXNIyLO2 TbAgZU2P8n6BYV1hcN4UKYDA4kjEKE6mWT3lw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:subject:cc :to:from:date:message-id:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=4z/tD1lWs3iqZhTLhoCdz9qidIMqh/iqk3ouPbYGchw=; b=g8HG4QKgQkT6U1S3qK9U+7/bogIJeiL22dAEmpn4CF+JZ0ARIsyuYq/bCZ56mNG0Zh MdCp38PHWIb7QTbXPeyhcqdNy5DFRzHy7DUq1ZsCYAIfHIzFzHavCOHolSOLlHsu85PH hBgVrvePaf1vZLAtLLMu8cyOtjr/9pZ1qNPN0xS5RHlS9lv6+cgAmqdqvppfgQSHKATo q7jtqfQkHtfu4BFLqN9LlYP5gOBiyjR3JIBzAST9Z4psTdIi3nlJjQXsVmh4X9iC+/AJ yO3AjUDrpFppWAIkYdPQc28CR7JVqkCGoLZPz26wgDAArqf1uQRhx2rq+uuk1uf1hwjk cJCQ== X-Gm-Message-State: AO0yUKULVqUYao0kT2j9xgq6BP8Co+Qo9FmAcedl2+ZX13r8375bt+tC RT3O5WmbTaX4P2oPA8LgY4enP9mw/DGPvuwv X-Google-Smtp-Source: AK7set+DsC+4BbHcXcFv0KKcntwhdI7NVFQqT87ovOltDjEphAAcDPL60hNtFjP0y7pHEStkb0s/Bg== X-Received: by 2002:aa7:9f12:0:b0:5a8:515a:eb9f with SMTP id g18-20020aa79f12000000b005a8515aeb9fmr2416399pfr.2.1676395673638; Tue, 14 Feb 2023 09:27:53 -0800 (PST) Received: from www.outflux.net (198-0-35-241-static.hfc.comcastbusiness.net. [198.0.35.241]) by smtp.gmail.com with ESMTPSA id f5-20020aa78b05000000b005a8512c9988sm10345490pfd.93.2023.02.14.09.27.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 14 Feb 2023 09:27:53 -0800 (PST) Message-ID: <63ebc499.a70a0220.9ac51.29ea@mx.google.com> X-Google-Original-Message-ID: <202302140916.@keescook> Date: Tue, 14 Feb 2023 09:27:52 -0800 From: Kees Cook To: Vlastimil Babka Cc: Andrew Morton , Alexander Halbuer , "linux-hardening@vger.kernel.org" , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Mel Gorman Subject: Re: [PATCH] mm: reduce lock contention of pcp buffer refill References: <20230201162549.68384-1-halbuer@sra.uni-hannover.de> <20230202152501.297639031e96baad35cdab17@linux-foundation.org> <70fc9040-f976-0314-46e8-d9ddad82ccf5@suse.cz> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <70fc9040-f976-0314-46e8-d9ddad82ccf5@suse.cz> X-Rspam-User: X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: F00E9C0016 X-Stat-Signature: aaxwejnaxywpc7knazb8weazm4q1w3z4 X-HE-Tag: 1676395674-633434 X-HE-Meta: U2FsdGVkX1+7+IhvM1KxfBKBqrRcO2hA6Wo5ZIKvt2HwT8Bn5cXl3JWA61g1Rvbl/CsjhikkqwU7CzvKc0107X9ki7U9+ROKk98AfBOxTWJ4yeCWtZQ2x766pDMjoRxqVPESUcGhNVMZ3TyIoNCjCpFWhVzQetBcUwjZ+/LmP5Xi3IDSmwvFYjlreGBEhD6nXgAdOFNHsjSt/3+UxPfE3r8xAtXhXxgLj5i45JVkjGW/5RtJtCJNkk/hkbyhcMccjHJVNBj/IpK4AGzh5hhV6uj7+YrGmUDhJpchAeG76CrNNxVsVx5XY1BEzGC0t+hdkIgn1X/GQgx/5xDxOd/2BkJXHr8OoYURbGMELDUSBtzdMVuLcHOWmUDhR6QTue7MiCQLBkdQj68PvL8GJS8VQivKAvWXNa8MuTpvoL3Rl4X3wYwHT8OnzCKdMl5mZkXVJNSGOecdFIv7zEtwTn1K7d9d21raksQCUb/0GuM1KTx64hcBqrPfl/VYIHkVihpnuQTkOnwdHhODJUGqxwDmO3XnTu0XrQWfZ6OSFVbGUywhZLvua0iAbruO1dPIOO9I1/FiCc/HuwzJ8ujNBLTWhD4RGOtV+4VPk1N4YSWHHlxzolLTwT6oW61cl/phwESE+v7ehp/2/F9Hx4pzFT2TZ2HRCcd1rnnLwUxR6AyfzzvPRD8vAcs5NvOC7rcdf6DHAUyCf45+kclBuTpUMSsy4KwXOY9W/QsMEufKnzwQHUhxAjN6II2RDemXjSRMlSgtL2neI7pn9ohJcCm4xNQzVIqc2lZk/d1sOcIrYST4nClglkim5Z1m/LR+LuLM+EZRzs9zOLr0kdSxhB6i5GQQG/sDwjY9jYeGVkLBx/AxTmUhblViG/FGL9uDZnvgVlXSsUzoFWniZTewWLDovywy4BkMCIOCDPxKpjLyr6zd4sN/3OIXwJsDI0t3jNwFY0BYl6k36jPXAzNbMnjxNJ7 Eo/03n+0 4e0+/Lf+GiqvroXFh7Z21qMzJU9jWvxgWqVVcEPu5KdeFXmPx6OavK/R5icOHbCZS7su5mMuh8GUmYW0+WK/KlA7Grif78a524jen7dqyebjnIw6ctyPvgyo8GepRDhim7JC68p5llGDVxrs8JcXWAQbZvUDxIEkwLkIvB11ZqBhWDO8vabFQxxYyF8h+5sD8He6JzCRST9OH4pQ/0aKdXGXpQG3RZ6Pb3uap8A0llRBashwRm2fmX0zdPtOogm/tHt1Ls+9z7mTtbUf+k8XNJXOUjzEYdP0UN77nhkYC4kV3wkWJwAPU2wlBwK5H1FaJzE2FDhWFJF435nT1H4DYFGDiwR3X4rUpYc/maHSTm8pCZ8CcRqTWYKbhLw== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed, Feb 08, 2023 at 11:45:14AM +0100, Vlastimil Babka wrote: > But I wonder also what kernel hardening folks think here - are the hardened > kernels usually built with DEBUG_VM or debug_pagealloc enabled, or would you > like to hook some other kernel option for keeping the checks on page/alloc > free active? And should those checks be done on every alloc/free, including > pcplist cached allocations? What we're depending on for heap-related (i.e. both page allocator and slab) hardening currently is: - CONFIG_SLAB_FREELIST_HARDENED - pointer obfuscation (SLUB) -- freelist_ptr(), set_freepointer() - pool membership verification (SLUB and SLAB) -- cache_from_obj() - consecutive double free detection (SLUB and SLAB) -- __free_one() - allocation order randomization - CONFIG_SLAB_FREELIST_RANDOM (SLUB and SLAB) - CONFIG_SHUFFLE_PAGE_ALLOCATOR (page allocator) - memory wiping (both slab and page allocator) - init_on_alloc / CONFIG_INIT_ON_ALLOC_DEFAULT_ON - init_on_free / CONFIG_INIT_ON_FREE_DEFAULT_ON I'd be nice to gain slab redzone verification, but that seems expensive enough that anyone interested in that level of hardening has likely turned on full KASAN. -- Kees Cook