Re: [PATCH v13 19/25] kasan: add hooks implementation for tag-based mode

From: Vincenzo Frascino
Date: Tue Dec 11 2018 - 11:22:56 EST


Hi Andrey,

On 06/12/2018 12:24, Andrey Konovalov wrote:
> This commit adds tag-based KASAN specific hooks implementation and
> adjusts common generic and tag-based KASAN ones.
>
> 1. When a new slab cache is created, tag-based KASAN rounds up the size of
> the objects in this cache to KASAN_SHADOW_SCALE_SIZE (== 16).
>
> 2. On each kmalloc tag-based KASAN generates a random tag, sets the shadow
> memory, that corresponds to this object to this tag, and embeds this
> tag value into the top byte of the returned pointer.
>
> 3. On each kfree tag-based KASAN poisons the shadow memory with a random
> tag to allow detection of use-after-free bugs.
>
> The rest of the logic of the hook implementation is very much similar to
> the one provided by generic KASAN. Tag-based KASAN saves allocation and
> free stack metadata to the slab object the same way generic KASAN does.
>
> Reviewed-by: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>
> Reviewed-by: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
> Signed-off-by: Andrey Konovalov <andreyknvl@xxxxxxxxxx>
> ---
> mm/kasan/common.c | 116 ++++++++++++++++++++++++++++++++++++++--------
> mm/kasan/kasan.h | 8 ++++
> mm/kasan/tags.c | 48 +++++++++++++++++++
> 3 files changed, 153 insertions(+), 19 deletions(-)
>


[...]

> @@ -265,6 +290,8 @@ void kasan_cache_create(struct kmem_cache *cache, unsigned int *size,
> return;
> }
>
> + cache->align = round_up(cache->align, KASAN_SHADOW_SCALE_SIZE);
> +
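
Review bot: the cache->align round-up at the end of this hunk sits after the early "return;" visible in the context lines, so a cache that leaves kasan_cache_create() through that path keeps its original alignment. If objects from such caches can still be returned with tagged pointers, move the round-up above the early return, or add a comment saying why those caches are exempt. Item 1 of the commit message only mentions rounding up the object size, while this line changes the alignment; a one-line comment tying cache->align to KASAN_SHADOW_SCALE_SIZE would document the requirement.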

Did you consider setting ARCH_SLAB_MINALIGN instead of this round up?

--
Regards,
Vincenzo
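
The three steps listed in the quoted commit message, modelled in userspace C as an added example (not code from the patch or from the kernel). The names model_alloc, model_free and model_access_ok, the 256-byte arena, the 64-bit handles used in place of real pointers, and the fixed-seed 8-bit LCG standing in for the random tag source are all assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define GRANULE    16u  /* KASAN_SHADOW_SCALE_SIZE in the commit message */
#define ARENA_SIZE 256u /* constructed: size of the modelled heap */
#define TAG_SHIFT  56   /* tag occupies the top byte of a 64-bit pointer */
#define ADDR_MASK  ((1ULL << TAG_SHIFT) - 1)
#define ALLOC_FAIL UINT64_MAX

static uint8_t shadow[ARENA_SIZE / GRANULE]; /* one tag per 16-byte granule */
static size_t next_off;                      /* bump allocator cursor */
static uint8_t tag_state = 0x2a;             /* constructed fixed seed */

/* Stand-in for the random tag source: an 8-bit LCG, repeatable for the test. */
static uint8_t next_tag(void) { return tag_state = (uint8_t)(tag_state * 5u + 1u); }

static size_t round_up_granule(size_t n) { return (n + GRANULE - 1) & ~(size_t)(GRANULE - 1); }

static void set_shadow(size_t off, size_t size, uint8_t tag) {
    for (size_t g = off / GRANULE; g < (off + size) / GRANULE; g++)
        shadow[g] = tag;
}

/* Steps 1 and 2: round the size up, tag the shadow, embed the tag in the pointer. */
uint64_t model_alloc(size_t size) {
    size_t sz = round_up_granule(size);
    if (sz == 0 || sz > ARENA_SIZE - next_off) return ALLOC_FAIL;
    uint8_t tag = next_tag();
    set_shadow(next_off, sz, tag);
    uint64_t ptr = ((uint64_t)tag << TAG_SHIFT) | next_off;
    next_off += sz;
    return ptr;
}

/* Step 3: on free, re-tag the object's shadow so stale pointers stop matching. */
void model_free(uint64_t ptr, size_t size) {
    set_shadow((size_t)(ptr & ADDR_MASK), round_up_granule(size), next_tag());
}

/* Access check: the pointer's tag must equal the shadow tag of every granule touched. */
int model_access_ok(uint64_t ptr, size_t len) {
    uint8_t tag = (uint8_t)(ptr >> TAG_SHIFT);
    size_t off = (size_t)(ptr & ADDR_MASK);
    if (len == 0 || off >= ARENA_SIZE || len > ARENA_SIZE - off) return 0;
    for (size_t g = off / GRANULE; g <= (off + len - 1) / GRANULE; g++)
        if (shadow[g] != tag) return 0;
    return 1;
}
```

Because the size is rounded up to the granule, an access into the padding of a 20-byte object (bytes 20 to 31) still passes the check; only accesses that reach a granule with a different tag are caught.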