| Message ID | 20230224061550.177541-1-pcc@google.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | Revert "kasan: drop skip_kasan_poison variable in free_pages_prepare" | expand |
On Fri, Feb 24, 2023 at 7:16 AM Peter Collingbourne <pcc@google.com> wrote: > > This reverts commit 487a32ec24be819e747af8c2ab0d5c515508086a. > > The should_skip_kasan_poison() function reads the PG_skip_kasan_poison > flag from page->flags. However, this line of code in free_pages_prepare(): > > page->flags &= ~PAGE_FLAGS_CHECK_AT_PREP; > > clears most of page->flags, including PG_skip_kasan_poison, before calling > should_skip_kasan_poison(), which meant that it would never return true > as a result of the page flag being set. Therefore, fix the code to call > should_skip_kasan_poison() before clearing the flags, as we were doing > before the reverted patch. > > Signed-off-by: Peter Collingbourne <pcc@google.com> > Fixes: 487a32ec24be ("kasan: drop skip_kasan_poison variable in free_pages_prepare") > Cc: <stable@vger.kernel.org> # 6.1 > Link: https://linux-review.googlesource.com/id/Ic4f13affeebd20548758438bb9ed9ca40e312b79 > --- > mm/page_alloc.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/mm/page_alloc.c b/mm/page_alloc.c > index ac1fc986af44..7136c36c5d01 100644 > --- a/mm/page_alloc.c > +++ b/mm/page_alloc.c > @@ -1398,6 +1398,7 @@ static __always_inline bool free_pages_prepare(struct page *page, > unsigned int order, bool check_free, fpi_t fpi_flags) > { > int bad = 0; > + bool skip_kasan_poison = should_skip_kasan_poison(page, fpi_flags); > bool init = want_init_on_free(); > > VM_BUG_ON_PAGE(PageTail(page), page); > @@ -1470,7 +1471,7 @@ static __always_inline bool free_pages_prepare(struct page *page, > * With hardware tag-based KASAN, memory tags must be set before the > * page becomes unavailable via debug_pagealloc or arch_free_page. > */ > - if (!should_skip_kasan_poison(page, fpi_flags)) { > + if (!skip_kasan_poison) { > kasan_poison_pages(page, order, init); > > /* Memory is already initialized if KASAN did it internally. */ > -- > 2.39.2.637.g21b0678d19-goog > Reviewed-by: Andrey Konovalov <andreyknvl@gmail.com> Thank you for fixing this, Peter!
diff --git a/mm/page_alloc.c b/mm/page_alloc.c index ac1fc986af44..7136c36c5d01 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -1398,6 +1398,7 @@ static __always_inline bool free_pages_prepare(struct page *page, unsigned int order, bool check_free, fpi_t fpi_flags) { int bad = 0; + bool skip_kasan_poison = should_skip_kasan_poison(page, fpi_flags); bool init = want_init_on_free(); VM_BUG_ON_PAGE(PageTail(page), page); @@ -1470,7 +1471,7 @@ static __always_inline bool free_pages_prepare(struct page *page, * With hardware tag-based KASAN, memory tags must be set before the * page becomes unavailable via debug_pagealloc or arch_free_page. */ - if (!should_skip_kasan_poison(page, fpi_flags)) { + if (!skip_kasan_poison) { kasan_poison_pages(page, order, init); /* Memory is already initialized if KASAN did it internally. */
This reverts commit 487a32ec24be819e747af8c2ab0d5c515508086a. The should_skip_kasan_poison() function reads the PG_skip_kasan_poison flag from page->flags. However, this line of code in free_pages_prepare(): page->flags &= ~PAGE_FLAGS_CHECK_AT_PREP; clears most of page->flags, including PG_skip_kasan_poison, before calling should_skip_kasan_poison(), which meant that it would never return true as a result of the page flag being set. Therefore, fix the code to call should_skip_kasan_poison() before clearing the flags, as we were doing before the reverted patch. Signed-off-by: Peter Collingbourne <pcc@google.com> Fixes: 487a32ec24be ("kasan: drop skip_kasan_poison variable in free_pages_prepare") Cc: <stable@vger.kernel.org> # 6.1 Link: https://linux-review.googlesource.com/id/Ic4f13affeebd20548758438bb9ed9ca40e312b79 --- mm/page_alloc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)