From patchwork Tue Jan 18 22:52:15 2022
X-Patchwork-Submitter: Peter Collingbourne
X-Patchwork-Id: 12716971
Date: Tue, 18 Jan 2022 14:52:15 -0800
Message-Id: <20220118225215.318101-1-pcc@google.com>
Subject: [PATCH v2] mm: use compare-exchange operation to set KASAN page tag
From: Peter Collingbourne
To: Andrey Konovalov, Andrew Morton
Cc: Peter Collingbourne, linux-mm@kvack.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org

It has been reported that the tag setting operation on newly-allocated pages can cause the page flags to be corrupted when performed concurrently with other flag updates as a result of the use of non-atomic operations. Fix the problem by using a compare-exchange loop to update the tag.

Signed-off-by: Peter Collingbourne
Link: https://linux-review.googlesource.com/id/I456b24a2b9067d93968d43b4bb3351c0cec63101
Fixes: 2813b9c02962 ("kasan, mm, arm64: tag non slab memory allocated via pagealloc")
Cc: stable@vger.kernel.org
---
v2:
- use READ_ONCE()

 include/linux/mm.h | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/include/linux/mm.h b/include/linux/mm.h index c768a7c81b0b..37d1aa65f28c 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h
@@ -1531,11 +1531,17 @@ static inline u8 page_kasan_tag(const struct page *page) static inline void page_kasan_tag_set(struct page *page, u8 tag) { - if (kasan_enabled()) { - tag ^= 0xff; - page->flags &= ~(KASAN_TAG_MASK << KASAN_TAG_PGSHIFT); - page->flags |= (tag & KASAN_TAG_MASK) << KASAN_TAG_PGSHIFT; - } + unsigned long old_flags, flags; + + if (!kasan_enabled()) + return; + + tag ^= 0xff; + do { + old_flags = flags = READ_ONCE(page->flags); + flags &= ~(KASAN_TAG_MASK << KASAN_TAG_PGSHIFT); + flags |= (tag & KASAN_TAG_MASK) << KASAN_TAG_PGSHIFT; + } while (unlikely(cmpxchg(&page->flags, old_flags, flags) != old_flags)); } static inline void page_kasan_tag_reset(struct page *page)
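
Review bot: The compare-exchange loop in page_kasan_tag_set() carries no comment saying why a plain read-modify-write of page->flags is not enough here; the reason exists only in the commit message. A short comment above the `do {` naming the concurrent flag updates would keep a later cleanup from collapsing the loop back into the `&=` / `|=` pair this hunk removes. A smaller point on the same loop: every retry re-reads the word with `READ_ONCE(page->flags)` although the failed `cmpxchg()` has already returned the current value. Where the target trees provide `try_cmpxchg()`, reading once before the loop and letting it refresh `old_flags` on failure would be tidier, but as the patch is Cc'd to stable the plain `cmpxchg()` form may be the easier backport. The trailing context shows page_kasan_tag_reset(), whose body is not part of this hunk, so it is worth confirming that it goes through page_kasan_tag_set() and does not write page->flags directly.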