From patchwork Fri Aug 9 07:33:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 13758472 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7EC5AC3DA4A for ; Fri, 9 Aug 2024 07:33:13 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 12FA26B009C; Fri, 9 Aug 2024 03:33:13 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 0C15F6B009F; Fri, 9 Aug 2024 03:33:12 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id E21ED6B009E; Fri, 9 Aug 2024 03:33:12 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id C0C826B009A for ; Fri, 9 Aug 2024 03:33:12 -0400 (EDT) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 7B14BC0AC6 for ; Fri, 9 Aug 2024 07:33:12 +0000 (UTC) X-FDA: 82431891024.26.94DF67B Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf02.hostedemail.com (Postfix) with ESMTP id CA90680020 for ; Fri, 9 Aug 2024 07:33:10 +0000 (UTC) Authentication-Results: imf02.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=LRMilmi1; spf=pass (imf02.hostedemail.com: domain of kees@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=kees@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1723188781; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references:dkim-signature; bh=bOax+M+lsGauL9XMR72y+kGBaKbLbESm/3/s64ZGvKY=; b=J+9M9vZvajvPqONHA93G6IN6L+oFeOMsJvYKlDYUuJtdwcjyfmcCXRAEwvko2ytvJGlMZz egfA4ko2dcDmFOnQjI0ljQfuF4tCMHvW0zOInCr0Ii056VCsfrPf3iDTZUwo2LP1qoEKIQ Po0Z4SR+U/wZF2zJNF1N5RapgeLh8Ow= ARC-Authentication-Results: i=1; imf02.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=LRMilmi1; spf=pass (imf02.hostedemail.com: domain of kees@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=kees@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1723188781; a=rsa-sha256; cv=none; b=bPRWzmjy+FyU8haEsjJHq23MUZ9z9ER9v8faIqoqaERe1Tl/Ka3OZY1B9b4d3I6sycXJeZ 6xtls16ks85RjlhXROGhX4ty/jROhKvz39lRejMkvtD7cCUCfYCsujcvuuflvqYwv4Zs+v UZ8i1CJT4+whysmgRzMQWh1hwTubEgM= Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id C8AFD61651; Fri, 9 Aug 2024 07:33:09 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 91CD6C4AF09; Fri, 9 Aug 2024 07:33:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1723188789; bh=IOKrBmQTG4OCsB4r8APic0P3ePvMpjBK8oET24uorNs=; h=From:To:Cc:Subject:Date:From; b=LRMilmi1+/MCcvYuOD94XlvNl3TjcXQ2ZxBr7PEiT3TsUQZZ0eVEqZdVDHHHMLmjY PlrPk82FZ0dePn/z+JiB9yxpUTleJPyX1E+6z+QDx5/iS5JG8vvB2IIBwzE49aXcTK ykRjKafgxqhtz7Nn4LaBwf8NKmt0eV/qImAjkWqspaeRheTopJi3Y5wZ/GcL5LrSn7 SzTiKwdHLRO1TQvoaFXaMuDS5tJY0qKE1aIsYGijbsvRiLwVgKC4JeYcTsDlDVYVbh SHSdyjHz+kHZuFaEcoPofdn37P3nWn2zkDIOxxZJJkdHmYXY9SwqLmatLqNINv3rrT nsg234Ad5lODQ== From: Kees Cook To: Vlastimil Babka Cc: Kees Cook , Suren Baghdasaryan , Kent Overstreet , "GONG, Ruiqi" , Jann Horn , Matteo Rizzo , jvoisin , Xiu Jianfeng , Christoph Lameter , Pekka Enberg , David Rientjes , Joonsoo Kim , Andrew Morton , Roman Gushchin , Hyeonggon Yoo <42.hyeyoo@gmail.com>, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-hardening@vger.kernel.org Subject: [RFC][PATCH 0/5] slab: Allocate and use per-call-site caches Date: Fri, 9 Aug 2024 00:33:01 -0700 Message-Id: <20240809072532.work.266-kees@kernel.org> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1173; i=kees@kernel.org; h=from:subject:message-id; bh=IOKrBmQTG4OCsB4r8APic0P3ePvMpjBK8oET24uorNs=; b=owGbwMvMwCVmps19z/KJym7G02pJDGlbjxnoT/vKcETnWu/mV1ZSx+sevP0o1/M5kovLOf7Fq 1kr/ips6ChlYRDjYpAVU2QJsnOPc/F42x7uPlcRZg4rE8gQBi5OAZjIvAKGP9xV3Azf/+uatwgG WB55bzDtcVSoa9W1JQ819Pfm1KaYLWb4H1txVonzcPDi2Oo/L+/mSvftMp1w0fVuG6OPmM8phY2 z2QE= X-Developer-Key: i=kees@kernel.org; a=openpgp; fpr=A5C3F68F229DD60F723E6E138972F4DFDC6DC026 X-Rspam-User: X-Stat-Signature: ghmjhgcg9yw76ekjrafss348crbp7kc9 X-Rspamd-Queue-Id: CA90680020 X-Rspamd-Server: rspam11 X-HE-Tag: 1723188790-782319 X-HE-Meta: U2FsdGVkX1810pngn1gC9Thi/cunyhudl+Bh5JXVEpAMoGFSDVcoVrtvDUPZvRRY7RyKF3gcXxunSFcbCw9SS/2q1MGe+lK6wwv1X3ldRbtoW9uk4AVeiSLepFZ/ecLeRSPCNXkhPgjnT8VBRZngAp3xOb27ZChMI8mjoHYYeazMoGqLDlD8Oud0YmC35WasfvdZygdeUIJ2ax7khLgLlDwX2PCha/3AcoqpaesuqQGs0SgrtvNJZWFhJR9FC5Yj2U9E1twdrUBLJ6eu5TrcreISEInb+HFdFY82JCyEVeWSa0NbNPeh+96sxpd3CltTEsRNyg67ACufNpY5SGa1gvbfeOi5FbKrEQ9kB0xPsvb5EJICQSpCriav84LQcvGSAVRLWV2rFjftc/bI54XGPBbWW8UixNUJFe7eDwXLxVv1RP5XidUXN+BPqm1vAq8flmQlh78FsqH2831+jnbcC0kfC3bvlr72Yq2K8CTprgKPJj8R0xdgYpRHtxrnwIAiu+nvbtAoX+midHZ04417kXedxbA1m7/sSCvEoNj/vFjOUHO5xuATjmk1ZOtCTH5bLMO1nGE4JKUBNsLWq9CBI6SbL30X1Huyu9iEOLVHYmPjT/yudhBle5dVbYVMqftJ/KFVrxzpqRgir8qHk/f3fK2MNsxB8YYwI8nD2Vo7tfj4dlVGqR4YvTIkqarn5td8anxiTn3IY2qmMQo9OS6bhgASPOSHEEsMsJ5qPrRpIrHwt+Cyfb0DXH/dfD1MjjQLKRh0ANudc15c+Te6UmcNEQEZKB27vXp+K6hDyjA/+U3MOJs1ttZRuGiTr79i9uVMdCuYzhNLKeTynT01ySZGuCbO9+PE0ZYp4ztkLURovWTmqOtz0XR/YBiehyTyws5twqXniTbwO2iF/LCrHLLLOc0TLclzIbXtEkTqqsH1I9TDfqadraaFm1Li5KNw63EhNqX2hBT4bVBV870Q66R ohJfwXgQ jjl9kIJeNesdB4ONKIJAAia0Ssebsj26yuoqSZphvfcJ9bkFuSNCKynqzytXBOOHM7sOwMHIrVV3UrWIW0UHcAz/rn9K/09j2iSaA4Apdt45LB0lmiFxPLQX+aDYSoV7L+F/jKhmlHz2UPvaPjQqHvlnBqS8HCdijQtjgmnx86jQCNjVvqLVIdfuOEZk5pfUFyq58NBK8alEKXAzZAE8+SCvPKbLX0dB4BzrKKclj6VfMMhYCxxWPl0d9Ig== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Hi, Here's my current progress on using per-call-site kmalloc caches (instead of KMALLOC_NORMAL), as a defense against the common heap-grooming attacks that construct malicious objects in the same cache as a target object. I'd like to get feedback on the general approach before I continue with it. I've noted in the later patches what additional improvements I'd like to make. The first 3 patches are relatively small infrastructure changes. Thanks! -Kees Kees Cook (5): slab: Introduce kmem_buckets_destroy() codetag: Run module_load hooks for builtin codetags codetag: Introduce codetag_early_walk() alloc_tag: Track fixed vs dynamic sized kmalloc calls slab: Allocate and use per-call-site caches include/linux/alloc_tag.h | 38 +++++++++-- include/linux/codetag.h | 2 + include/linux/slab.h | 17 ++--- lib/alloc_tag.c | 129 +++++++++++++++++++++++++++++++++++--- lib/codetag.c | 21 +++++-- mm/Kconfig | 25 ++++++++ mm/slab_common.c | 18 +++++- mm/slub.c | 31 ++++++++- 8 files changed, 253 insertions(+), 28 deletions(-)