On Tue, Oct 01, 2019 at 04:58:30PM +1000, Daniel Axtens wrote: > Hook into vmalloc and vmap, and dynamically allocate real shadow > memory to back the mappings. > > Most mappings in vmalloc space are small, requiring less than a full > page of shadow space. Allocating a full shadow page per mapping would > therefore be wasteful. Furthermore, to ensure that different mappings > use different shadow pages, mappings would have to be aligned to > KASAN_SHADOW_SCALE_SIZE * PAGE_SIZE. > > Instead, share backing space across multiple mappings. Allocate a > backing page when a mapping in vmalloc space uses a particular page of > the shadow region. This page can be shared by other vmalloc mappings > later on. > > We hook in to the vmap infrastructure to lazily clean up unused shadow > memory. > > To avoid the difficulties around swapping mappings around, this code > expects that the part of the shadow region that covers the vmalloc > space will not be covered by the early shadow page, but will be left > unmapped. This will require changes in arch-specific code. > > This allows KASAN with VMAP_STACK, and may be helpful for architectures > that do not have a separate module space (e.g. powerpc64, which I am > currently working on). It also allows relaxing the module alignment > back to PAGE_SIZE. > > Link: https://bugzilla.kernel.org/show_bug.cgi?id=202009 > Acked-by: Vasily Gorbik <gor@xxxxxxxxxxxxx> > Signed-off-by: Daniel Axtens <dja@xxxxxxxxxx> > [Mark: rework shadow allocation] > Signed-off-by: Mark Rutland <mark.rutland@xxxxxxx> Sorry to point this out so late, but your S-o-B should come last in the chain per Documentation/process/submitting-patches.rst. Judging by the rest of that, I think you want something like: Co-developed-by: Mark Rutland <mark.rutland@xxxxxxx> Signed-off-by: Mark Rutland <mark.rutland@xxxxxxx> [shadow rework] Signed-off-by: Daniel Axtens <dja@xxxxxxxxxx> ... leaving yourself as the Author in the headers. Sorry to have made that more complicated! [...] > +static int kasan_depopulate_vmalloc_pte(pte_t *ptep, unsigned long addr, > + void *unused) > +{ > + unsigned long page; > + > + page = (unsigned long)__va(pte_pfn(*ptep) << PAGE_SHIFT); > + > + spin_lock(&init_mm.page_table_lock); > + > + if (likely(!pte_none(*ptep))) { > + pte_clear(&init_mm, addr, ptep); > + free_page(page); > + } There should be TLB maintenance between clearing the PTE and freeing the page here. Thanks, Mark.
