Bug 218316 - KASAN (generic): quarantine page_alloc and large kmalloc allocations
Summary: KASAN (generic): quarantine page_alloc and large kmalloc allocations
Status: NEW
Alias: None
Product: Memory Management
Classification: Unclassified
Component: Sanitizers
Hardware: All Linux
Importance: P3 normal
Assignee: MM/Sanitizers virtual assignee
URL:
Keywords:
Depends on:
Blocks:

Reported: 2023-12-25 17:53 UTC by Andrey Konovalov
Modified: 2023-12-25 17:53 UTC

See Also:
Kernel Version:
Subsystem:
Regression: No
Bisected commit-id:



Description Andrey Konovalov 2023-12-25 17:53:29 UTC
Currently, KASAN uses quarantine only for slab and normal kmalloc allocations.

We can also quarantine page_alloc and large kmalloc allocations (the ones that fall back onto page_alloc) to increase the chance of detecting use-after-free bugs in them.

Adding quarantine for mempool allocations is questionable: most of the time, mempool allocations are taken directly from slab/page_alloc.

Adding quarantine for vmalloc/vmap allocations is questionable as well: they are unmapped when freed, but the same memory can still be remapped for another allocation.

Also see this somewhat related issue: https://bugzilla.kernel.org/show_bug.cgi?id=212167 (KASAN: don't proceed with invalid page_alloc and large kmalloc frees).
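As an added illustration (not code from the bug report or the kernel), here is a user-space model of what the proposal amounts to: freed pages are poisoned and parked in a small quarantine FIFO instead of being handed out again at once, so a stale access during that window trips the shadow check, whereas immediate reuse makes the same access look valid. The pool size, quarantine length and all function names are constructed for the example.

```c
// Toy model of a KASAN-style quarantine at page granularity (constructed example).
// One shadow byte per page plays the role of KASAN's shadow memory.
#include <stdbool.h>
#include <string.h>

#define NPAGES 8          // size of the toy page pool
#define QUARANTINE_LEN 4  // freed pages parked before they become reusable

enum { SHADOW_OK = 0, SHADOW_FREED = 0xFF }; // per-page shadow value

static unsigned char shadow[NPAGES];
static int free_list[NPAGES], free_top;                  // immediately reusable pages
static int quarantine[QUARANTINE_LEN], q_head, q_count;  // FIFO of poisoned pages
static bool use_quarantine;

static void pool_init(bool quarantine_on) {
    use_quarantine = quarantine_on;
    memset(shadow, SHADOW_OK, sizeof shadow);
    free_top = 0; q_head = 0; q_count = 0;
    for (int i = NPAGES - 1; i >= 0; i--) free_list[free_top++] = i; // page 0 on top
}

static int page_alloc(void) {
    if (free_top == 0) return -1;
    int p = free_list[--free_top];
    shadow[p] = SHADOW_OK;            // unpoison on allocation
    return p;
}

static void page_free(int p) {
    shadow[p] = SHADOW_FREED;         // poison on free in both modes
    if (!use_quarantine) { free_list[free_top++] = p; return; }
    if (q_count == QUARANTINE_LEN) {  // quarantine full: release the oldest page
        free_list[free_top++] = quarantine[q_head];
        q_head = (q_head + 1) % QUARANTINE_LEN; q_count--;
    }
    quarantine[(q_head + q_count) % QUARANTINE_LEN] = p; q_count++;
}

// Shadow check: true when the access hits memory that is still marked freed.
static bool access_is_uaf(int p) { return shadow[p] == SHADOW_FREED; }

// Scenario: free a page, allocate once more, then touch the old page.
// With quarantine the old page is still poisoned and the access is flagged;
// without it the allocation reuses the same page and the access looks valid.
static bool detects_stale_access(bool quarantine_on) {
    pool_init(quarantine_on);
    int a = page_alloc();
    page_free(a);
    (void)page_alloc();
    return access_is_uaf(a);
}
```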
