kasan: disable freed user page poisoning with HW tags
author Peter Collingbourne <pcc@google.com>
Wed, 2 Jun 2021 23:52:30 +0000 (16:52 -0700)
committer Will Deacon <will@kernel.org>
Fri, 4 Jun 2021 18:32:21 +0000 (19:32 +0100)
commit c275c5c6d50a0518cdb0584e85905d10e7cefc6e
tree b621c3297979537bc51d124dbf57ebc932b98ca2
parent 013bb59dbb7cf876449df860946458a595a96d51
kasan: disable freed user page poisoning with HW tags

Poisoning freed pages protects against kernel use-after-free. The
likelihood of such a bug involving kernel pages is significantly higher
than that for user pages. At the same time, poisoning freed pages can
impose a significant performance cost, which cannot always be justified
for user pages given the lower probability of finding a bug. Therefore,
disable freed user page poisoning when using HW tags. We identify
"user" pages via the flag set GFP_HIGHUSER_MOVABLE, which indicates
a strong likelihood of not being directly accessible to the kernel.

Signed-off-by: Peter Collingbourne <pcc@google.com>
Reviewed-by: Andrey Konovalov <andreyknvl@gmail.com>
Link: https://linux-review.googlesource.com/id/I716846e2de8ef179f44e835770df7e6307be96c9
Link: https://lore.kernel.org/r/20210602235230.3928842-5-pcc@google.com
Signed-off-by: Will Deacon <will@kernel.org>
include/linux/gfp.h
include/linux/page-flags.h
include/trace/events/mmflags.h
mm/kasan/hw_tags.c
mm/page_alloc.c
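
The trade-off described in the commit message, as an added user-space C model (not code from this commit or from the kernel): a stale access to a freed page is caught only if the page's memory tag was poisoned on free. All names and values (`GFP_USER_HINT`, `TAG_INVALID`, the `struct page` fields, the tag `0x3`) are constructed for the model, and recording the skip decision in the page at allocation time is an assumption.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model; all names and values below are constructed. */
#define TAG_INVALID   0xFEu  /* tag written to a poisoned (freed) page */
#define GFP_USER_HINT 0x1u   /* stands in for the GFP_HIGHUSER_MOVABLE flag set */

struct page {
    uint8_t mem_tag;     /* tag currently stored for the page's memory */
    bool skip_poison;    /* recorded at allocation, consulted at free */
};

/* Allocation: assign a tag and remember whether this is a "user" page. */
static uint8_t page_alloc(struct page *p, unsigned gfp, uint8_t tag)
{
    p->mem_tag = tag;
    p->skip_poison = (gfp & GFP_USER_HINT) != 0;
    return tag;  /* the tag the caller's pointer carries */
}

/* Free: the allocation flags are not passed here, so the page itself decides. */
static void page_free(struct page *p)
{
    if (!p->skip_poison)
        p->mem_tag = TAG_INVALID;  /* the costly step, skipped for user pages */
}

/* Tag check: an access faults when pointer tag and memory tag differ. */
static bool access_faults(const struct page *p, uint8_t ptr_tag)
{
    return ptr_tag != p->mem_tag;
}

/* Returns true when a stale access after free is detected. */
static bool uaf_detected(unsigned gfp)
{
    struct page p;
    uint8_t ptr_tag = page_alloc(&p, gfp, 0x3);
    page_free(&p);
    return access_faults(&p, ptr_tag);
}

int main(void)
{
    printf("kernel page: stale access detected = %d\n", uaf_detected(0));
    printf("user page:   stale access detected = %d\n", uaf_detected(GFP_USER_HINT));
    return 0;
}
```

In this model the unpoisoned user page keeps its old tag, so a stale access goes unnoticed until the page is reused under a different tag.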