From patchwork Sun Feb 12 13:05:53 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hoeun Ryu X-Patchwork-Id: 9568367 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 11C6D60442 for ; Sun, 12 Feb 2017 13:06:48 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 00FB428338 for ; Sun, 12 Feb 2017 13:06:48 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E97A6283F4; Sun, 12 Feb 2017 13:06:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_MED, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 2F30428338 for ; Sun, 12 Feb 2017 13:06:46 +0000 (UTC) Received: (qmail 22438 invoked by uid 550); 12 Feb 2017 13:06:45 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 22420 invoked from network); 12 Feb 2017 13:06:44 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=LzuwE0Kz/wFFKoXV0UQa5SVQYRFOQpg02hIszrN+n5U=; b=CR2wKINEJ4cG/dvVyyw5YSly9HuCdFgjfeT7F5UIc3BtC0BZ/xFFB1+rBnod0Bh7Ax 8E1ICGeGEuaJaJ2ql4zNSpPdk2oCUwEj3tDdaWeAXi7bIaPM1BMDRQhtQne4vMxpdMp5 Es808T+No7Bovqds/XFpTxqmUOI6zwBjK3GTOewb+6lWn11Bibta/p5pBXB74ZbDsQSm ajY7UsvpOiJbvfizFDWU0q5n3NRYKpcIUN0oo3rm2HCnnbXD2HNZ0OattG9vmUqhZdJ7 mbxqSEdlgnfOAYAFrhog+sJgL3lDQtiCAmueQUUKIKBOdN47WIb4JjX97g4D5Yl6Bw5z UPrQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=LzuwE0Kz/wFFKoXV0UQa5SVQYRFOQpg02hIszrN+n5U=; b=N7U/ZOzzPCUrUmtdrtcXXu3Gi4xiS6CZxoif+HOSVy47FhM6QRl5bv0JAOXV9+FP/l 8MDjuObn8TBUP97eZiR5X0SYozIRL6nBxf0R8gPkeqSqAIpVZMnm76voXOqeZhoWlJOa sdbnjwLc2VUYbjtWkI7UJANfdshGJ9vvn6DscKAyRkYKK/fqrxvDgKWFlAzy2EByW8Wk h0JY0izLxX1vZFuZ5TsngFwGRf521b+o4TkrKB9NLkKvU2Nbulm2GVVOfHt0t6CoviBw QnRrXtm82ETnBhNhm7eN1yFTzvkJX8IKaeAd64XhOFcldJd0pG4AXUrzyW3Wq4lZck/S Kxow== X-Gm-Message-State: AMke39lE7Zospx/MALCfWZB+3r5pF1Nk+nN3zGMEOgbpz1OgkVSRLRb7n7tp+vsiOmpe7g== X-Received: by 10.99.37.199 with SMTP id l190mr20882547pgl.86.1486904792905; Sun, 12 Feb 2017 05:06:32 -0800 (PST) From: Hoeun Ryu To: Thomas Gleixner , Andrew Morton , Michal Hocko , Ingo Molnar , Andy Lutomirski , Kees Cook , "Eric W. Biederman" , Oleg Nesterov , Mateusz Guzik Cc: linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, Hoeun Ryu Date: Sun, 12 Feb 2017 22:05:53 +0900 Message-Id: <1486904770-30653-1-git-send-email-hoeun.ryu@gmail.com> X-Mailer: git-send-email 2.7.4 Subject: [kernel-hardening] [PATCH v6] fork: free vmapped stacks in cache when cpus are offline X-Virus-Scanned: ClamAV using ClamSMTP Using virtually mapped stack, kernel stacks are allocated via vmalloc. In the current implementation, two stacks per cpu can be cached when tasks are freed and the cached stacks are used again in task duplications. but the cached stacks may remain unfreed even when cpu are offline. By adding a cpu hotplug callback to free the cached stacks when a cpu goes offline, the pages of the cached stacks are not wasted. Signed-off-by: Hoeun Ryu Acked-by: Michal Hocko Reviewed-by: Thomas Gleixner --- v6: - rollback to v4, completely identical. v5: - wrap cpuhp_setup_state() in a new function, vm_stack_cache_init() which actually do nothing when !CONFIG_VMAP_STACK - add __may_unused to free_vm_stack_cache() v4: - use CPUHP_BP_PREPARE_DYN state for cpuhp setup - fix minor coding style v3: - fix misuse of per-cpu api - fix location of function definition within CONFIG_VMAP_STACK v2: - remove cpuhp callback for `startup`, only `teardown` callback is installed. kernel/fork.c | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/kernel/fork.c b/kernel/fork.c index 937ba59..3ad0274 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -168,6 +168,24 @@ void __weak arch_release_thread_stack(unsigned long *stack) */ #define NR_CACHED_STACKS 2 static DEFINE_PER_CPU(struct vm_struct *, cached_stacks[NR_CACHED_STACKS]); + +static int free_vm_stack_cache(unsigned int cpu) +{ + struct vm_struct **cached_vm_stacks = per_cpu_ptr(cached_stacks, cpu); + int i; + + for (i = 0; i < NR_CACHED_STACKS; i++) { + struct vm_struct *vm_stack = cached_vm_stacks[i]; + + if (!vm_stack) + continue; + + vfree(vm_stack->addr); + cached_vm_stacks[i] = NULL; + } + + return 0; +} #endif static unsigned long *alloc_thread_stack_node(struct task_struct *tsk, int node) @@ -456,6 +474,11 @@ void __init fork_init(void) for (i = 0; i < UCOUNT_COUNTS; i++) { init_user_ns.ucount_max[i] = max_threads/2; } + +#ifdef CONFIG_VMAP_STACK + cpuhp_setup_state(CPUHP_BP_PREPARE_DYN, "fork:vm_stack_cache", + NULL, free_vm_stack_cache); +#endif } int __weak arch_dup_task_struct(struct task_struct *dst,