On Tue, Mar 06, 2018 at 07:31:16PM +0100, Andrey Konovalov wrote:
> On Mon, Mar 5, 2018 at 3:32 PM, Mark Rutland <mark.rutland@xxxxxxx> wrote:
> > On Fri, Mar 02, 2018 at 08:44:26PM +0100, Andrey Konovalov wrote:
> >> +static DEFINE_PER_CPU(u32, prng_state);
> >> +
> >> +void khwasan_init(void)
> >> +{
> >> + int cpu;
> >> +
> >> + for_each_possible_cpu(cpu) {
> >> + per_cpu(prng_state, cpu) = get_random_u32();
> >> + }
> >> + WRITE_ONCE(khwasan_enabled, 1);
> >> +}
> >> +
> >> +static inline u8 khwasan_random_tag(void)
> >> +{
> >> + u32 state = this_cpu_read(prng_state);
> >> +
> >> + state = 1664525 * state + 1013904223;
> >> + this_cpu_write(prng_state, state);
> >> +
> >> + return (u8)state;
> >> +}
> >
> > Have you considered preemption here? Is the assumption that it happens
> > sufficiently rarely that cross-contaminating the prng state isn't a
> > problem?
>
> Hi Mark!
>
> Yes, I have. If a preemption happens between this_cpu_read and
> this_cpu_write, the only side effect is that we'll give a few
> allocated in different contexts objects the same tag. Sine KHWASAN is
> meant to be used a probabilistic bug-detection debug feature, this
> doesn't seem to have serious negative impact.
Sure, just wanted to check that was the intent.
> I'll add a comment about this though.
That would be great!
Thanks,
Mark.
