Bug 218321

Summary: KASAN (tags): skip poisoning new slabs
Product: Memory Management
Reporter: Andrey Konovalov (andreyknvl)
Component: Sanitizers
Assignee: MM/Sanitizers virtual assignee (mm_sanitizers)
Status: NEW
Severity: normal
CC: kasan-dev
Priority: P3
Hardware: All
OS: Linux
Kernel Version:
Subsystem:
Regression: No
Bisected commit-id:

Description Andrey Konovalov 2023-12-25 23:51:01 UTC
Currently, all KASAN modes poison newly allocated slabs via kasan_poison_slab. While doing this makes sense for the Generic mode to poison the redzones within the slab, the tag-based modes have no redzones.

We should skip poisoning of new slabs for the tag-based modes. The objects get unpoisoned/poisoned on alloc/free anyway.

For this, we need to:

1. Stop poisoning slab memory via kasan_poison in kasan_poison_slab;

2. Skip unpoisoning of the page allocation for the slab via the __GFP_SKIP_KASAN flag. The flag is only functional for the Hardware Tag-Based mode right now, but we can extend it to the Software one too.

Once both are implemented, we can drop page_kasan_tag_reset from kasan_poison_slab, and we can thus make kasan_poison_slab no-op for the tag-based modes.