From patchwork Tue Jul 12 13:39:46 2022
X-Patchwork-Submitter: Hyeonggon Yoo <42.hyeyoo@gmail.com>
X-Patchwork-Id: 12915015
From: Hyeonggon Yoo <42.hyeyoo@gmail.com>
To: Christoph Lameter, Pekka Enberg, David Rientjes, Joonsoo Kim, Andrew Morton, Vlastimil Babka, Roman Gushchin, Hyeonggon Yoo <42.hyeyoo@gmail.com>, Joe Perches, Vasily Averin, Matthew WilCox
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org
Subject: [PATCH 16/16] mm/sl[au]b: check if large object is valid in __ksize()
Date: Tue, 12 Jul 2022 13:39:46 +0000
Message-Id: <20220712133946.307181-17-42.hyeyoo@gmail.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20220712133946.307181-1-42.hyeyoo@gmail.com>
References: <20220712133946.307181-1-42.hyeyoo@gmail.com>
__ksize() returns the size of objects allocated from the slab allocator. When an invalid object is passed to __ksize(), returning zero prevents further memory corruption and makes the caller able to check if there is an error.

If the address of a large object is not the beginning of the folio, or the size of the folio is too small, it must be invalid. Return zero in such cases.

Suggested-by: Vlastimil Babka
Signed-off-by: Hyeonggon Yoo <42.hyeyoo@gmail.com>
Reviewed-by: Vlastimil Babka
---
 mm/slab_common.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/mm/slab_common.c b/mm/slab_common.c
index 1f8db7959366..0d6cbe9d7ad0 100644
--- a/mm/slab_common.c
+++ b/mm/slab_common.c
@@ -1013,8 +1013,12 @@ size_t __ksize(const void *object) folio = virt_to_folio(object); - if (unlikely(!folio_test_slab(folio))) + if (unlikely(!folio_test_slab(folio))) { + if (WARN_ON(object != folio_address(folio) || + folio_size(folio) <= KMALLOC_MAX_CACHE_SIZE)) + return 0; return folio_size(folio); + } return slab_ksize(folio_slab(folio)->slab_cache); }
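Review bot: the new check in this hunk uses WARN_ON(), so every call with an invalid large-object pointer emits a full backtrace; since the stated purpose is to let callers detect the error through the zero return, WARN_ON_ONCE() would keep the diagnostic without flooding the log when a caller hits the path repeatedly. A short comment above the condition would also help: `object != folio_address(folio)` rejects pointers into the middle of the folio, and `folio_size(folio) <= KMALLOC_MAX_CACHE_SIZE` rejects non-slab folios too small to be a page-allocator-backed large kmalloc allocation, neither of which is obvious from the code alone. The new "returns 0 for an invalid object" contract should likewise be stated in __ksize()'s documentation so that ksize() and other callers are expected to handle it.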
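To make the two conditions concrete, here is an added user-space model of the check; it is not kernel code and not part of the patch. Folios are modelled as naturally aligned power-of-two regions, and `model_virt_to_folio()`, `model_ksize_large()` and the chosen value of KMALLOC_MAX_CACHE_SIZE are assumptions of the model.

```c
/* User-space model of the large-object validity check added to __ksize().
 * Added example, not kernel code: a "folio" is a naturally aligned,
 * power-of-two-sized region, and KMALLOC_MAX_CACHE_SIZE is an assumed
 * constant (two pages) rather than the kernel's configured value. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE              4096UL
#define KMALLOC_MAX_CACHE_SIZE (2 * PAGE_SIZE)   /* assumption for the model */

struct folio {
	uintptr_t addr;   /* start of the folio */
	size_t    size;   /* power of two, >= PAGE_SIZE */
};

/* Model of virt_to_folio(): any address inside a folio maps to that folio,
 * so an interior pointer yields a folio whose start differs from it. */
static struct folio model_virt_to_folio(uintptr_t addr, size_t folio_size)
{
	struct folio f = { addr & ~(uintptr_t)(folio_size - 1), folio_size };
	return f;
}

/* Model of the new non-slab branch of __ksize(): a large kmalloc object
 * always starts at its folio and its folio is always larger than
 * KMALLOC_MAX_CACHE_SIZE, so anything else is treated as invalid and
 * reported as size 0 for the caller to check. */
size_t model_ksize_large(uintptr_t object, size_t folio_size)
{
	struct folio f = model_virt_to_folio(object, folio_size);

	if (object != f.addr || f.size <= KMALLOC_MAX_CACHE_SIZE)
		return 0;                 /* invalid: do not trust this pointer */
	return f.size;
}

int main(void)
{
	/* Constructed addresses: a 16 KiB folio starting at 0x10000. */
	printf("valid head pointer : %zu\n", model_ksize_large(0x10000, 16384));
	printf("interior pointer   : %zu\n", model_ksize_large(0x10040, 16384));
	printf("folio too small    : %zu\n", model_ksize_large(0x10000, 8192));
	return 0;
}
```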