From patchwork Fri Feb 10 08:32:07 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hoeun Ryu <hoeun.ryu@gmail.com>
X-Patchwork-Id: 9566143
Return-Path: 
 <kernel-hardening-return-6445-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	45D3260216 for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Fri, 10 Feb 2017 08:33:30 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 333F728551
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Fri, 10 Feb 2017 08:33:30 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 25F0528556; Fri, 10 Feb 2017 08:33:30 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,
	DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_MED,
	T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id 6267E28551
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Fri, 10 Feb 2017 08:33:28 +0000 (UTC)
Received: (qmail 23559 invoked by uid 550); 10 Feb 2017 08:33:27 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 22505 invoked from network); 10 Feb 2017 08:33:26 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id;
	bh=7Zl1IsROBzJmtLMrF6cZyAIIvFBvkhkdO7PRVCjSQck=;
	b=N1Zavc46IByppO5tzYFSjO92Q6sjFTys99Rx7SUuwwJVphW9D0ZJLnc6qlYfEEqHGj
	QEcnTrUjZefRV2i9FL76b6i9cNdT9jNorB2+pYtjMeAmN/d6Gqd2ZZmwSvCXN52bmt0d
	tpBRJSf/weVZ6aCvxJvFGVNVjACO/xEq3pMbBY3a7yEbRRIWbAAxWY3QpBOrnCnMK38d
	qqlbvTgcrydDY6fu5+l2wLDS1kuJrVA+8cqvUmPLhcZ78W1KUCP8QULUrdiNfxyt4WJp
	KGbjGi03mkAc4kSnHwryoo9Xo9Y7Sku1PzhUpYZcvn5vbA3Qg/RcI8u4fCoFvtcZyv4B
	7Ihg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id;
	bh=7Zl1IsROBzJmtLMrF6cZyAIIvFBvkhkdO7PRVCjSQck=;
	b=tp/FUG95p/bET8j482bMpQdJ0c1O2Zx+s6YWm4t+eYKh2A5TI8qK4rDw9O2CWYwqgN
	o4j8SsZDTPfM5/z7gNU2Sb06g/Zt8Pq2z4O0sygsEgxYHCBwlz5G0pGS/vMgdRmfUj7J
	hO8AqhvIhcgzeCo/FhnahRzu5Ml54j5KsLI6kp6Ttf/6FMT6liP65mKbWtW9JTw6vBqk
	WTGpVpM3c2oQ1Vm/B9+EPuv2Qgif8vyQ4EGwft/G56G7DSPS0XbQBS3G2KTrJOLXp1MX
	O+9cPpDBK/NfTPPMwSeZciYYcbn6BYHkP5JRucQgiJ3k4Rrj+SviiX1DP3viMY7uFHkQ
	M9lw==
X-Gm-Message-State: 
 AMke39nS2GzAZpZx6AC5hUVITr/jC/13Kz6SBCvzM6S24PvY2dWRjcAzvEcEfEAnlj44Pw==
X-Received: by 10.99.133.65 with SMTP id u62mr9309008pgd.70.1486715594656;
	Fri, 10 Feb 2017 00:33:14 -0800 (PST)
From: Hoeun Ryu <hoeun.ryu@gmail.com>
To: Andrew Morton <akpm@linux-foundation.org>,
	Michal Hocko <mhocko@suse.com>, Ingo Molnar <mingo@kernel.org>,
	Andy Lutomirski <luto@kernel.org>, Kees Cook <keescook@chromium.org>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	Oleg Nesterov <oleg@redhat.com>
Cc: linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com,
	Hoeun Ryu <hoeun.ryu@gmail.com>
Date: Fri, 10 Feb 2017 17:32:07 +0900
Message-Id: <1486715554-12772-1-git-send-email-hoeun.ryu@gmail.com>
X-Mailer: git-send-email 2.7.4
Subject: [kernel-hardening] [PATCH v3] fork: free vmapped stacks in cache
	when cpus are offline
X-Virus-Scanned: ClamAV using ClamSMTP

Using virtually mapped stack, kernel stacks are allocated via vmalloc.
In the current implementation, two stacks per cpu can be cached when
tasks are freed and the cached stacks are used again in task duplications.
but the cached stacks may remain unfreed even when cpu are offline.
 By adding a cpu hotplug callback to free the cached stacks when a cpu
goes offline, the pages of the cached stacks are not wasted.

Signed-off-by: Hoeun Ryu <hoeun.ryu@gmail.com>
---
Changes in v3:
 fix misuse of per-cpu api
 fix location of function definition within CONFIG_VMAP_STACK

Changes in v2:
 remove cpuhp callback for `startup`, only `teardown` callback is installed.

 kernel/fork.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/kernel/fork.c b/kernel/fork.c
index 937ba59..8fad87ba 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -168,6 +168,24 @@ void __weak arch_release_thread_stack(unsigned long *stack)
  */
 #define NR_CACHED_STACKS 2
 static DEFINE_PER_CPU(struct vm_struct *, cached_stacks[NR_CACHED_STACKS]);
+
+static int free_vm_stack_cache(unsigned int cpu)
+{
+	struct vm_struct **cached_vm_stacks = per_cpu_ptr(cached_stacks, cpu);
+	int i;
+
+	for (i = 0; i < NR_CACHED_STACKS; i++) {
+		struct vm_struct **vm_stack = &cached_vm_stacks[i];
+
+		if (*vm_stack == NULL)
+			continue;
+
+		vfree((*vm_stack)->addr);
+		*vm_stack = NULL;
+	}
+
+	return 0;
+}
 #endif
 
 static unsigned long *alloc_thread_stack_node(struct task_struct *tsk, int node)
@@ -456,6 +474,11 @@ void __init fork_init(void)
 	for (i = 0; i < UCOUNT_COUNTS; i++) {
 		init_user_ns.ucount_max[i] = max_threads/2;
 	}
+
+#ifdef CONFIG_VMAP_STACK
+	cpuhp_setup_state(CPUHP_AP_ONLINE_DYN, "vm_stack_cache",
+			  NULL, free_vm_stack_cache);
+#endif
 }
 
 int __weak arch_dup_task_struct(struct task_struct *dst,