]> git.baikalelectronics.ru Git - kernel.git/commitdiff
mm: kfence: fix objcgs vector allocation
authorMuchun Song <songmuchun@bytedance.com>
Fri, 1 Apr 2022 18:28:36 +0000 (11:28 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Fri, 1 Apr 2022 18:46:09 +0000 (11:46 -0700)
If the kfence object is allocated to be used for objects vector, then
this slot of the pool eventually being occupied permanently since the
vector is never freed.  The solutions could be (1) freeing vector when
the kfence object is freed or (2) allocating all vectors statically.

Since the memory consumption of object vectors is low, it is better to
chose (2) to fix the issue and it is also can reduce overhead of vectors
allocating in the future.

Link: https://lkml.kernel.org/r/20220328132843.16624-1-songmuchun@bytedance.com
Fixes: 97b051559488 ("mm, kfence: insert KFENCE hooks for SLAB")
Signed-off-by: Muchun Song <songmuchun@bytedance.com>
Reviewed-by: Marco Elver <elver@google.com>
Reviewed-by: Roman Gushchin <roman.gushchin@linux.dev>
Cc: Alexander Potapenko <glider@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Xiongchun Duan <duanxiongchun@bytedance.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
mm/kfence/core.c
mm/kfence/kfence.h

index 2f9fdfde19416a1c271b3c45c7f1405807e84f77..a203747ad2c06e3de83e2b12f695cae7625d1724 100644 (file)
@@ -566,6 +566,8 @@ static unsigned long kfence_init_pool(void)
         * enters __slab_free() slow-path.
         */
        for (i = 0; i < KFENCE_POOL_SIZE / PAGE_SIZE; i++) {
+               struct slab *slab = page_slab(&pages[i]);
+
                if (!i || (i % 2))
                        continue;
 
@@ -573,7 +575,11 @@ static unsigned long kfence_init_pool(void)
                if (WARN_ON(compound_head(&pages[i]) != &pages[i]))
                        return addr;
 
-               __SetPageSlab(&pages[i]);
+               __folio_set_slab(slab_folio(slab));
+#ifdef CONFIG_MEMCG
+               slab->memcg_data = (unsigned long)&kfence_metadata[i / 2 - 1].objcg |
+                                  MEMCG_DATA_OBJCGS;
+#endif
        }
 
        /*
@@ -1033,6 +1039,9 @@ void __kfence_free(void *addr)
 {
        struct kfence_metadata *meta = addr_to_metadata((unsigned long)addr);
 
+#ifdef CONFIG_MEMCG
+       KFENCE_WARN_ON(meta->objcg);
+#endif
        /*
         * If the objects of the cache are SLAB_TYPESAFE_BY_RCU, defer freeing
         * the object, as the object page may be recycled for other-typed
index 2a2d5de9d3791624f780193074983e7edd6eb482..9a6c4b1b12a88dfe8362c4d3031997dc76e4aeff 100644 (file)
@@ -89,6 +89,9 @@ struct kfence_metadata {
        struct kfence_track free_track;
        /* For updating alloc_covered on frees. */
        u32 alloc_stack_hash;
+#ifdef CONFIG_MEMCG
+       struct obj_cgroup *objcg;
+#endif
 };
 
 extern struct kfence_metadata kfence_metadata[CONFIG_KFENCE_NUM_OBJECTS];