Re: [PATCH] mm/vmalloc: randomize vmalloc() allocations

From: Topi Miettinen
Date: Wed Dec 02 2020 - 16:29:40 EST


On 2.12.2020 20.53, Matthew Wilcox wrote:
On Tue, Dec 01, 2020 at 11:45:47PM +0200, Topi Miettinen wrote:
+ /* Randomize allocation */
+ if (randomize_vmalloc) {
+ voffset = get_random_long() & (roundup_pow_of_two(vend - vstart) - 1);
+ voffset = PAGE_ALIGN(voffset);
+ if (voffset + size > vend - vstart)
+ voffset = vend - vstart - size;
+ } else
+ voffset = 0;
+
/*
* If an allocation fails, the "vend" address is
* returned. Therefore trigger the overflow path.
*/
- addr = __alloc_vmap_area(size, align, vstart, vend);
+ addr = __alloc_vmap_area(size, align, vstart + voffset, vend);
spin_unlock(&free_vmap_area_lock);
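
Review bot: The clamp at `if (voffset + size > vend - vstart)` folds every masked value above `vend - vstart - size` onto that one offset. Because the mask is `roundup_pow_of_two(vend - vstart) - 1`, this can be close to half of all draws when the range is just over a power of two, which makes the highest slot far more likely than any other. Drawing the offset uniformly from the page-sized slots in `[0, vend - vstart - size]` would avoid the skew. The expression `vend - vstart - size` also goes out of range if `size` exceeds `vend - vstart`, and the clamped value is only page aligned when `size`, `vstart` and `vend` all are, so both cases deserve a check or a comment. Style: the `else` branch should carry braces since the `if` branch does.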

What if there isn't any free address space between vstart+voffset and
vend, but there is free address space between vstart and voffset?
Seems like we should add:

addr = __alloc_vmap_area(size, align, vstart + voffset, vend);
+ if (!addr)
+ addr = __alloc_vmap_area(size, align, vstart, vend);
spin_unlock(&free_vmap_area_lock);
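
Review bot: `if (!addr)` does not match the failure convention stated in the comment above the call in the original hunk (on failure "the "vend" address is returned"), so as written the retry would not run when the first search fails. Testing `addr == vend` would follow that convention. The retry also covers the whole of `vstart`..`vend` again, including the part above `vstart + voffset` that has just been searched.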


How about:

addr = __alloc_vmap_area(size, align, vstart + voffset, vend);
+ if (!addr)
+ addr = __alloc_vmap_area(size, align, vstart, vstart + voffset + size);
spin_unlock(&free_vmap_area_lock);
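
Review bot: If the value returned on failure is the upper bound passed to `__alloc_vmap_area()`, as the comment in the original hunk suggests, a failed retry here hands back `vstart + voffset + size` rather than `vend`, and the overflow path that comment refers to would need to recognise that value too. Keeping the retry result in a temporary and setting `addr = vend` when it fails is one way to handle it. When `randomize_vmalloc` is off, `voffset` is 0 and the retry only repeats the search over `vstart`..`vstart + size`, so guarding it with `voffset` would skip a redundant pass.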

That way the search would not be redone for the area that was already checked and rejected.

Perhaps my previous patch for mmap() etc. randomization could also search towards higher addresses instead of trying random addresses five times in case of clashes.

-Topi