Bug 218321 - KASAN (tags): skip poisoning new slabs
Status: NEW
Alias: None
Product: Memory Management
Classification: Unclassified
Component: Sanitizers
Hardware: All
OS: Linux
Importance: P3 normal
Assignee: MM/Sanitizers virtual assignee
Reported: 2023-12-25 23:51 UTC by Andrey Konovalov
Modified: 2023-12-25 23:51 UTC (History)

Regression: No
Description Andrey Konovalov 2023-12-25 23:51:01 UTC
Currently, all KASAN modes poison newly allocated slabs via kasan_poison_slab. While doing this makes sense for the Generic mode to poison the redzones within the slab, the tag-based modes have no redzones.

We should skip poisoning of new slabs for the tag-based modes. The objects get unpoisoned/poisoned on alloc/free anyway.

For this, we need to:

1. Stop poisoning slab memory via kasan_poison in kasan_poison_slab;

2. Skip unpoisoning of the page allocation for the slab via the __GFP_SKIP_KASAN flag. The flag is only functional for the Hardware Tag-Based mode right now, but we can extend it to the Software one too.

Once both are implemented, we can drop page_kasan_tag_reset from kasan_poison_slab, and we can thus make kasan_poison_slab a no-op for the tag-based modes.
