From patchwork Fri Feb 10 23:40:38 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hoeun Ryu <hoeun.ryu@gmail.com>
X-Patchwork-Id: 9567605
Return-Path: 
 <kernel-hardening-return-6517-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	9E98B601EA for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Fri, 10 Feb 2017 23:44:05 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 90DE1285D5
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Fri, 10 Feb 2017 23:44:05 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 8565B285F2; Fri, 10 Feb 2017 23:44:05 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,
	DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_MED,
	T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id C2B45285D5
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Fri, 10 Feb 2017 23:44:04 +0000 (UTC)
Received: (qmail 14018 invoked by uid 550); 10 Feb 2017 23:44:02 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 13994 invoked from network); 10 Feb 2017 23:44:01 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id;
	bh=C5hJoLH2kU0QiAFAvTZSseuK7EjAfYX/8J09FfZ/UeA=;
	b=hEbWxPMT6GVKQ25eQlMayN3R7/V9Lc9Da32fAivyLggmV65jkr0kuGBlu+5K90hYHv
	kiCL63K1XSZIfq0Huont4Z3qm/Nno0Skup+7iceg94jBLR4PkKwDlXUDn4K1XzlJXxK5
	BtYqqdbLOwR/qEii/TG1VGFVuPYhp90hhNRdeT3C7PkMUEPsBUBeGmkPJtiyCEPROZXF
	LoSN5Dbq+4MvzRy2eO4krDvvgwl+ay4+gs7rtshsSsm3yG259GDlbf98gMsCaugs1CCG
	JxSSVbaWChqYWHadMo/VudCYzddKBzN0yZEWylYEvREtVOcEEbThvsW27QPBKIi5L/Zv
	t4FA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id;
	bh=C5hJoLH2kU0QiAFAvTZSseuK7EjAfYX/8J09FfZ/UeA=;
	b=ZPyxEZCqNNSI0WSbaa5UKXQwe8X7NhYagjlYrKk+C/YKN5+fcWeiSLs5AgJ+i9M/EM
	l4iIyJgCO469a+WN+hdA1sAutWw4xGbUJFSlb/786vdElQ4PGv3WBZjw3gaBxuFFJaQH
	Ia8VRWyZ+ClyV339mJZ9qcSyBJUaxwBM0U9IgOKU5SoQnSSLtA65lP0wlL0IJ8vEfEYS
	hgpOjUQxRLuUv0x3GmAx08S+ShfcuTYI3USQ6XH39BS5yUs5c7aWqS3jJv09RIqoDQil
	V4qK6i5fYkqA33bfAetx/4H4u7f+OLbsrzUNFutzPPTHxw9yZ7A6K6NLbzghEEVdDkZs
	MOWA==
X-Gm-Message-State: 
 AMke39msNaYQRcMHJ3R7Xy9RyEZDQL5tiNf8SGPSObjhMjNlVsB8j0lmx75P9bsaWK4jJg==
X-Received: by 10.98.204.83 with SMTP id a80mr13210844pfg.114.1486770229943;
	Fri, 10 Feb 2017 15:43:49 -0800 (PST)
From: Hoeun Ryu <hoeun.ryu@gmail.com>
To: Andrew Morton <akpm@linux-foundation.org>,
	Michal Hocko <mhocko@suse.com>, Ingo Molnar <mingo@kernel.org>,
	Andy Lutomirski <luto@kernel.org>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	Oleg Nesterov <oleg@redhat.com>, Mateusz Guzik <mguzik@redhat.com>
Cc: linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com,
	Thomas Gleixner <tglx@linutronix.de>, Hoeun Ryu <hoeun.ryu@gmail.com>
Date: Sat, 11 Feb 2017 08:40:38 +0900
Message-Id: <1486770080-25007-1-git-send-email-hoeun.ryu@gmail.com>
X-Mailer: git-send-email 2.7.4
Subject: [kernel-hardening] [PATCH v4] fork: free vmapped stacks in cache
	when cpus are offline
X-Virus-Scanned: ClamAV using ClamSMTP

Using virtually mapped stack, kernel stacks are allocated via vmalloc.
In the current implementation, two stacks per cpu can be cached when
tasks are freed and the cached stacks are used again in task duplications.
but the cached stacks may remain unfreed even when cpu are offline.
 By adding a cpu hotplug callback to free the cached stacks when a cpu
goes offline, the pages of the cached stacks are not wasted.

Signed-off-by: Hoeun Ryu <hoeun.ryu@gmail.com>
Acked-by: Michal Hocko <mhocko@suse.com>
---
v4:
 use CPUHP_BP_PREPARE_DYN state for cpuhp setup
 fix minor coding style
v3:
 fix misuse of per-cpu api
 fix location of function definition within CONFIG_VMAP_STACK
v2:
 remove cpuhp callback for `startup`, only `teardown` callback is installed.

 kernel/fork.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/kernel/fork.c b/kernel/fork.c
index 937ba59..61634d7 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -168,6 +168,24 @@ void __weak arch_release_thread_stack(unsigned long *stack)
  */
 #define NR_CACHED_STACKS 2
 static DEFINE_PER_CPU(struct vm_struct *, cached_stacks[NR_CACHED_STACKS]);
+
+static int free_vm_stack_cache(unsigned int cpu)
+{
+	struct vm_struct **cached_vm_stacks = per_cpu_ptr(cached_stacks, cpu);
+	int i;
+
+	for (i = 0; i < NR_CACHED_STACKS; i++) {
+		struct vm_struct *vm_stack = cached_vm_stacks[i];
+
+		if (!vm_stack)
+			continue;
+
+		vfree(vm_stack->addr);
+		cached_vm_stacks[i] = NULL;
+	}
+
+	return 0;
+}
 #endif
 
 static unsigned long *alloc_thread_stack_node(struct task_struct *tsk, int node)
@@ -456,6 +474,11 @@ void __init fork_init(void)
 	for (i = 0; i < UCOUNT_COUNTS; i++) {
 		init_user_ns.ucount_max[i] = max_threads/2;
 	}
+
+#ifdef CONFIG_VMAP_STACK
+	cpuhp_setup_state(CPUHP_BP_PREPARE_DYN, "fork:vmstack_cache",
+			  NULL, free_vm_stack_cache);
+#endif
 }
 
 int __weak arch_dup_task_struct(struct task_struct *dst,