Re: [PATCH v3 3/3] KEYS: Use kvmalloc() to better handle large buffer allocation

From: Eric Biggers
Date: Fri Mar 13 2020 - 12:43:11 EST

Next message: Enric Balletbo i Serra: "Re: [PATCH v4 2/4] platform/chrome: Add Type C connector class driver"
Previous message: Paul Moore: "Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon"
In reply to: Waiman Long: "[PATCH v3 3/3] KEYS: Use kvmalloc() to better handle large buffer allocation"
Next in thread: Waiman Long: "Re: [PATCH v3 3/3] KEYS: Use kvmalloc() to better handle large buffer allocation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Mar 13, 2020 at 11:21:02AM -0400, Waiman Long wrote:
> For large multi-page temporary buffer allocation, the security/keys
> subsystem don't need contiguous physical pages. It will work perfectly
> fine with virtually mapped pages.
>
> Replace the kmalloc() call by kvmalloc() and provide a __kvzfree()
> helper function to clear and free the kvmalloc'ed buffer. This will
> reduce the chance of memory allocation failure just because of highly
> fragmented pages.
>
> Suggested-by: David Howells <dhowells@xxxxxxxxxx>
> Signed-off-by: Waiman Long <longman@xxxxxxxxxx>
> ---
> security/keys/internal.h | 14 ++++++++++++++
> security/keys/keyctl.c | 10 +++++-----
> 2 files changed, 19 insertions(+), 5 deletions(-)
>
> diff --git a/security/keys/internal.h b/security/keys/internal.h
> index ba3e2da14cef..855b11eb73ee 100644
> --- a/security/keys/internal.h
> +++ b/security/keys/internal.h
> @@ -16,6 +16,8 @@
> #include <linux/keyctl.h>
> #include <linux/refcount.h>
> #include <linux/compat.h>
> +#include <linux/mm.h>
> +#include <linux/vmalloc.h>
>
> struct iovec;
>
> @@ -349,4 +351,16 @@ static inline void key_check(const struct key *key)
>
> #endif
>
> +/*
> + * Helper function to clear and free a kvmalloc'ed memory object.
> + */
> +static inline void __kvzfree(const void *addr, size_t len)
> +{
> + if (is_vmalloc_addr(addr)) {
> + memset((void *)addr, 0, len);
> + vfree(addr);
> + } else {
> + kzfree(addr);
> + }
> +}

Since this takes the length as a parameter, it can be simplified to:

static inline void __kvzfree(const void *addr, size_t len)
{
if (addr) {
memset((void *)addr, 0, len);
kvfree(addr);
}
}

> if (!tmpbuf || unlikely(ret > tmpbuflen)) {
> if (unlikely(tmpbuf))
> - kzfree(tmpbuf);
> + __kvzfree(tmpbuf, tmpbuflen);

Both kzfree() and __kvzfree() handle a NULL pointer, so there's no need for the
NULL check first.

> @@ -920,7 +920,7 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
> ret = -EFAULT;
> }
> if (tmpbuf)
> - kzfree(tmpbuf);
> + __kvzfree(tmpbuf, tmpbuflen);

Likewise here. No need for the NULL check.

- Eric

Next message: Enric Balletbo i Serra: "Re: [PATCH v4 2/4] platform/chrome: Add Type C connector class driver"
Previous message: Paul Moore: "Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon"
In reply to: Waiman Long: "[PATCH v3 3/3] KEYS: Use kvmalloc() to better handle large buffer allocation"
Next in thread: Waiman Long: "Re: [PATCH v3 3/3] KEYS: Use kvmalloc() to better handle large buffer allocation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]