The patch titled Subject: mm-security-introduce-init_on_alloc=1-and-init_on_free=1-boot-options-v8 has been added to the -mm tree. Its filename is mm-security-introduce-init_on_alloc=1-and-init_on_free=1-boot-options-v8.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-security-introduce-init_on_alloc%3D1-and-init_on_free%3D1-boot-options-v8.patch and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-security-introduce-init_on_alloc%3D1-and-init_on_free%3D1-boot-options-v8.patch Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Alexander Potapenko <glider@xxxxxxxxxx> Subject: mm-security-introduce-init_on_alloc=1-and-init_on_free=1-boot-options-v8 Link: http://lkml.kernel.org/r/20190626121943.131390-2-glider@xxxxxxxxxx Signed-off-by: Alexander Potapenko <glider@xxxxxxxxxx> Acked-by: Kees Cook <keescook@xxxxxxxxxxxx> To: Christoph Lameter <cl@xxxxxxxxx> To: Kees Cook <keescook@xxxxxxxxxxxx> Cc: Masahiro Yamada <yamada.masahiro@xxxxxxxxxxxxx> Cc: Michal Hocko <mhocko@xxxxxxxxxx> Cc: James Morris <jmorris@xxxxxxxxx> Cc: "Serge E. Hallyn" <serge@xxxxxxxxxx> Cc: Nick Desaulniers <ndesaulniers@xxxxxxxxxx> Cc: Kostya Serebryany <kcc@xxxxxxxxxx> Cc: Dmitry Vyukov <dvyukov@xxxxxxxxxx> Cc: Sandeep Patil <sspatil@xxxxxxxxxxx> Cc: Laura Abbott <labbott@xxxxxxxxxx> Cc: Randy Dunlap <rdunlap@xxxxxxxxxxxxx> Cc: Jann Horn <jannh@xxxxxxxxxx> Cc: Mark Rutland <mark.rutland@xxxxxxx> Cc: Marco Elver <elver@xxxxxxxxxx> Cc: Qian Cai <cai@xxxxxx> 
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
 kernel/kexec_core.c | 2 +-
 mm/dmapool.c | 2 ++
 mm/page_alloc.c | 8 ++++++++
 mm/slub.c | 18 ++++++++++++++----
 4 files changed, 25 insertions(+), 5 deletions(-)
--- a/kernel/kexec_core.c~mm-security-introduce-init_on_alloc=1-and-init_on_free=1-boot-options-v8
+++ a/kernel/kexec_core.c
@@ -313,7 +313,7 @@ static struct page *kimage_alloc_pages(g
 arch_kexec_post_alloc_pages(page_address(pages), count, gfp_mask);
- if (want_init_on_alloc(gfp_mask))
+ if (gfp_mask & __GFP_ZERO)
 for (i = 0; i < count; i++)
 clear_highpage(pages + i);
 }
--- a/mm/dmapool.c~mm-security-introduce-init_on_alloc=1-and-init_on_free=1-boot-options-v8
+++ a/mm/dmapool.c
@@ -428,6 +428,8 @@ void dma_pool_free(struct dma_pool *pool
 }
 offset = vaddr - page->vaddr;
+ if (want_init_on_free())
+ memset(vaddr, 0, pool->size);
 #ifdef DMAPOOL_DEBUG
 if ((dma - page->dma) != offset) {
 spin_unlock_irqrestore(&pool->lock, flags);
--- a/mm/page_alloc.c~mm-security-introduce-init_on_alloc=1-and-init_on_free=1-boot-options-v8
+++ a/mm/page_alloc.c
@@ -154,6 +154,10 @@ static int __init early_init_on_alloc(ch
 if (!buf)
 return -EINVAL;
 ret = kstrtobool(buf, &bool_result);
+ if (bool_result && IS_ENABLED(CONFIG_PAGE_POISONING)) {
+ pr_warn("mem auto-init: Disabling init_on_alloc: CONFIG_PAGE_POISONING is on\n");
+ bool_result = false;
+ }
 if (bool_result)
 static_branch_enable(&init_on_alloc);
 else
@@ -170,6 +174,10 @@ static int __init early_init_on_free(cha
 if (!buf)
 return -EINVAL;
 ret = kstrtobool(buf, &bool_result);
+ if (bool_result && IS_ENABLED(CONFIG_PAGE_POISONING)) {
+ pr_warn("mem auto-init: Disabling init_on_free: CONFIG_PAGE_POISONING is on\n");
+ bool_result = false;
+ }
 if (bool_result)
 static_branch_enable(&init_on_free);
 else
--- a/mm/slub.c~mm-security-introduce-init_on_alloc=1-and-init_on_free=1-boot-options-v8
+++ a/mm/slub.c
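Review bot: In kernel/kexec_core.c, kimage_alloc_pages() goes back to testing `gfp_mask & __GFP_ZERO` with no comment saying why the init_on_alloc case no longer needs the explicit clear_highpage() loop. If the reason is that the page allocator already zeroes the pages when init_on_alloc is set (the allocation call is outside the hunk, so this is inferred), a comment above the test such as `/* init_on_alloc zeroing is done by the page allocator; only an explicit __GFP_ZERO is handled here */` would keep a later reader from reintroducing the double clear. The function body starts and ends outside the hunk.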
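Review bot: In mm/dmapool.c, dma_pool_free() now zeroes `pool->size` bytes at the caller-supplied `vaddr` before the DMAPOOL_DEBUG test `(dma - page->dma) != offset` that follows it, so on a debug build a mismatched vaddr/dma pair is written through before it is reported. Moving the two added lines, `if (want_init_on_free())` and `memset(vaddr, 0, pool->size);`, below the DMAPOOL_DEBUG validation keeps that check meaningful; the end of the debug block is outside the hunk. Judging by the `spin_unlock_irqrestore(&pool->lock, flags)` in the debug path, the memset also runs with pool->lock held and interrupts off, which deserves a short comment for pools with large block sizes.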
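Review bot: In mm/page_alloc.c, the added test in early_init_on_alloc() reads `bool_result` straight after `kstrtobool()` without looking at `ret`, so a malformed `init_on_alloc=` value is evaluated on whatever `bool_result` held before the call; its declaration is outside the hunk, and if it has no initializer this is an uninitialized read. The same pattern is added to early_init_on_free() in the next hunk. Returning early with `if (ret) return ret;`, or guarding the new test as `if (!ret && bool_result && IS_ENABLED(CONFIG_PAGE_POISONING))`, keeps a typo on the command line from deciding whether the hardening ends up enabled.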
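Review bot: In early_init_on_free() (and in early_init_on_alloc() in the previous hunk), `IS_ENABLED(CONFIG_PAGE_POISONING)` is a build-time test, so any kernel built with page poisoning support loses init_on_free/init_on_alloc even when poisoning is not switched on at boot. If the conflict is only with poisoning that is actually active, a runtime test such as `page_poisoning_enabled()` would be narrower, provided its state is already settled when these early parameters are parsed, which the hunk does not show. Either way the interaction belongs in the description of the two boot parameters, if it is not already there, because the requested zeroing is silently reduced to a single boot-log warning.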
@@ -1282,8 +1282,9 @@ out:
 if ((static_branch_unlikely(&init_on_alloc) || static_branch_unlikely(&init_on_free)) && (slub_debug & SLAB_POISON)) {
- pr_warn("disabling SLAB_POISON: can't be used together with memory auto-initialization\n");
- slub_debug &= ~SLAB_POISON;
+ pr_warn("mem auto-init: Disabling init_on_alloc/init_on_free: can't be used together with SLAB_POISON\n");
+ static_branch_disable(&init_on_alloc);
+ static_branch_disable(&init_on_free);
 }
 return 1;
 }
@@ -1432,12 +1433,21 @@ static inline bool slab_free_freelist_ho
 void *object;
 void *next = *head;
 void *old_tail = *tail ? *tail : *head;
+ int rsize;
 if (slab_want_init_on_free(s))
 do {
 object = next;
 next = get_freepointer(s, object);
- memset(object, 0, s->size);
+ /*
+ * Clear the object and the metadata, but don't touch
+ * the redzone.
+ */
+ memset(object, 0, s->object_size);
+ rsize = (s->flags & SLAB_RED_ZONE) ? s->red_left_pad
+ : 0;
+ memset((char *)object + s->inuse, 0,
+ s->size - s->inuse - rsize);
 set_freepointer(s, object, next);
 } while (object != old_tail);
@@ -2751,7 +2761,7 @@ redo:
 * initialized by zeroing out freelist pointer.
 */
 if (unlikely(slab_want_init_on_free(s)) && object)
- *(void **)object = NULL;
+ memset(object + s->offset, 0, sizeof(void *));
 if (unlikely(slab_want_init_on_alloc(gfpflags, s)) && object)
 memset(object, 0, s->object_size);
_
Patches currently in -mm which might be from glider@xxxxxxxxxx are
mm-security-introduce-init_on_alloc=1-and-init_on_free=1-boot-options.patch
mm-security-introduce-init_on_alloc=1-and-init_on_free=1-boot-options-v8.patch
mm-init-report-memory-auto-initialization-features-at-boot-time.patch
lib-introduce-test_meminit-module.patch
lib-test_meminitc-minor-test-fixes.patch
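Review bot: In the first mm/slub.c hunk (label `out:`; the function starts outside the hunk), the two `static_branch_disable()` calls switch off keys that are not slab-specific: the page_alloc.c hunks of this patch set the same `init_on_alloc`/`init_on_free` keys from the boot parameters, and `want_init_on_free()` in the dma_pool_free() hunk presumably reads one of them. Requesting SLAB_POISON therefore also removes zeroing outside the slab allocator, although only the slab paths conflict with poisoning. A narrower fix would leave the global keys alone and have the slab-side helpers decline to initialise poisoned caches, assuming `slab_want_init_on_alloc()` and `slab_want_init_on_free()` can see the cache flags, which is not visible here. The test also relies on the `init_on_*` parameters having been parsed before this handler runs; a comment stating that ordering would help.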
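Review bot: In slab_free_freelist_hook(), the two new memset() calls cover `[0, s->object_size)` and `[s->inuse, s->size - rsize)`, so the bytes between `s->object_size` and `s->inuse` are skipped for every cache, not only when `SLAB_RED_ZONE` is set, whereas the removed line cleared all of `s->size`. If that gap can be non-empty without a red zone (alignment padding, for instance; the layout code is outside the hunk), the comment should say why leaving it uncleared is acceptable, or the first memset should run to `s->inuse` when the flag is clear. Separately, `rsize` does not change inside the loop, so `rsize = (s->flags & SLAB_RED_ZONE) ? s->red_left_pad : 0;` can be computed once before the `do`. The function starts outside the hunk.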
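Review bot: In the last mm/slub.c hunk (label `redo:`; the enclosing function starts and ends outside the hunk), `memset(object + s->offset, 0, sizeof(void *))` does arithmetic directly on `object`, which appears to be a `void *`, while the slab_free_freelist_hook() hunk of the same patch writes `(char *)object + s->inuse`. Using one spelling for both, `memset((char *)object + s->offset, 0, sizeof(void *));`, keeps the two wipes consistent and does not lean on the GNU void-pointer arithmetic extension. The comment above the test could also name `s->offset`, so it is clear that the free pointer is not assumed to sit at the start of the object.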