Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp4936687rwb;
        Mon, 21 Nov 2022 14:08:18 -0800 (PST)
X-Google-Smtp-Source: AA0mqf5XJclOn7lgElscB8Xs/hk61PerXEGdwwUFERK8W+b7pWZL5Yg8zZagsTW/tohHBaDNCBiF
X-Received: by 2002:a05:6402:1f0a:b0:459:b29:d896 with SMTP id b10-20020a0564021f0a00b004590b29d896mr17935441edb.9.1669068498436;
        Mon, 21 Nov 2022 14:08:18 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1669068498; cv=none;
        d=google.com; s=arc-20160816;
        b=cq6cwtpM31KtTyig8xUlNtC3B36Q+H/q1mY5Xgijle2QHmmpu5xnXvtHY42zioIbV8
         1zZSTjATlQzkL9OaUW5f28aoMTenySfAIDf6C4C6wnrTOKRxWLrJUi5sn9Lh9St6XxPr
         Pd7R53NkOgxRpDHDw5LM+Dgk3+tlzHXgTcmv6ROVxkCNngWVmSzdT8a/tMhr4ViXf7sC
         K+m56p4upggpPMLOHwswI7lVHmyLaG6W3qzz7Fdqf+hqIzpylYAm/9ySd3O062QTg3Hx
         jv4V9xU2BWtQBmgZ0YTao1iMdtMPKkIAAM9R7Lip1MzEDDwqakJLlme2Wwpms8bHsQJk
         sIEw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :message-id:references:in-reply-to:user-agent:subject:cc:to:from
         :date:dkim-signature;
        bh=BCh3SblZJegFw1Q6nM7ONkeIQrQ7qXoov5X4CDhg5eQ=;
        b=YQMEluWV1lANC76glGwhIfx1x2YddqEou9LWo2Rmy0QsgJMNEIi+y4/GVTBdS10o6k
         cmofoGXYWR7cT+jSj+JoJUA22cIo+L/1c6upxnStbEov/YNmW8RxYIT07jIeiFDeq4OU
         Oz5APoL2F/Mi0Totx+CMGLa002SVw14ttiWX6ukPndBNk7ZpQbGWeGbyWPynN8XwXLSA
         BCx27CAXWacsuLt3nliVFWr70wFDy2bEnb5Qo4oOCw6djLDs2LZMrJ7biLzMKyvasha4
         uM1S78684RWrgua3+3Q9glOgDNPuy4qCXbbrPzW7gDZyM8B1mrKiVQx1ItyA2GDhYfQM
         6UqA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=qoxS8FrV;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id dc20-20020a170906c7d400b00741a0c28f07si9121170ejb.943.2022.11.21.14.07.54;
        Mon, 21 Nov 2022 14:08:18 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=qoxS8FrV;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231771AbiKUVgC (ORCPT <rfc822;41i3n8@gmail.com> + 92 others);
        Mon, 21 Nov 2022 16:36:02 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56332 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231654AbiKUVfs (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 21 Nov 2022 16:35:48 -0500
Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0A341C8464
        for <linux-kernel@vger.kernel.org>; Mon, 21 Nov 2022 13:35:39 -0800 (PST)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id A863AB81668
        for <linux-kernel@vger.kernel.org>; Mon, 21 Nov 2022 21:35:38 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3FB4DC433D6;
        Mon, 21 Nov 2022 21:35:37 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1669066537;
        bh=ME3JoFynEewzrOSy9c/B1ctbwfUDRGobuFBsXDrfdw8=;
        h=Date:From:To:CC:Subject:In-Reply-To:References:From;
        b=qoxS8FrV44z8YCfl3O/WSwGWeEfMrhZaleDfeKlLyy/FburDP3i2I/LH7Wf7Gzyv5
         f94asK7C6zzNQVssQefVHv274RkO1LR0qMFPlxvep6gbuBy5YUlQLOdHWermXvcmsa
         oLRDGu7JRKVZ3rglw6KkylEpLbjHNCuLEn1Jnvju95PohaVMggaw/qTcfH3RDk83aF
         oZppzQSx8/NUdzmWh/2CyQLePYR8D2eM6IeUrTlwaknOgX+n6v229zr8X+6K42MDjV
         JCVPOpIKDtS42aqMl+9o0ncZ3tV9zE++7CJEyYgB2zGvmYJn0pdeJcPWnvEgpYVlPw
         gborMbJ9tZYnw==
Date:   Mon, 21 Nov 2022 13:35:30 -0800
From:   Kees Cook <kees@kernel.org>
To:     Vlastimil Babka <vbabka@suse.cz>, Christoph Lameter <cl@linux.com>,
        David Rientjes <rientjes@google.com>,
        Joonsoo Kim <iamjoonsoo.kim@lge.com>,
        Pekka Enberg <penberg@kernel.org>
CC:     Hyeonggon Yoo <42.hyeyoo@gmail.com>,
        Roman Gushchin <roman.gushchin@linux.dev>,
        Andrew Morton <akpm@linux-foundation.org>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Matthew Wilcox <willy@infradead.org>, patches@lists.linux.dev,
        linux-mm@kvack.org, linux-kernel@vger.kernel.org,
        Kees Cook <keescook@chromium.org>
Subject: =?US-ASCII?Q?Re=3A_=5BPATCH_01/12=5D_mm=2C_slab=3A_ignore_har?= =?US-ASCII?Q?dened_usercopy_parameters_when_disabled?=
User-Agent: K-9 Mail for Android
In-Reply-To: <20221121171202.22080-2-vbabka@suse.cz>
References: <20221121171202.22080-1-vbabka@suse.cz> <20221121171202.22080-2-vbabka@suse.cz>
Message-ID: <206E0154-63A6-45CF-8E19-BD01B35AEF0B@kernel.org>
MIME-Version: 1.0
Content-Type: text/plain;
 charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On November 21, 2022 9:11:51 AM PST, Vlastimil Babka <vbabka@suse=2Ecz> wro=
te:
>With CONFIG_HARDENED_USERCOPY not enabled, there are no
>__check_heap_object() checks happening that would use the kmem_cache
>useroffset and usersize fields=2E Yet the fields are still initialized,
>preventing merging of otherwise compatible caches=2E Thus ignore the
>values passed to cache creation and leave them zero when
>CONFIG_HARDENED_USERCOPY is disabled=2E
>
>In a quick virtme boot test, this has reduced the number of caches in
>/proc/slabinfo from 131 to 111=2E
>
>Cc: Kees Cook <keescook@chromium=2Eorg>
>Signed-off-by: Vlastimil Babka <vbabka@suse=2Ecz>
>---
> mm/slab_common=2Ec | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
>diff --git a/mm/slab_common=2Ec b/mm/slab_common=2Ec
>index 0042fb2730d1=2E=2Ea8cb5de255fc 100644
>--- a/mm/slab_common=2Ec
>+++ b/mm/slab_common=2Ec
>@@ -317,7 +317,8 @@ kmem_cache_create_usercopy(const char *name,
> 	flags &=3D CACHE_CREATE_MASK;
>=20
> 	/* Fail closed on bad usersize of useroffset values=2E */
>-	if (WARN_ON(!usersize && useroffset) ||
>+	if (!IS_ENABLED(CONFIG_HARDENED_USERCOPY) ||
>+	    WARN_ON(!usersize && useroffset) ||
> 	    WARN_ON(size < usersize || size - usersize < useroffset))
> 		usersize =3D useroffset =3D 0;
>=20
>@@ -640,6 +641,9 @@ void __init create_boot_cache(struct kmem_cache *s, c=
onst char *name,
> 		align =3D max(align, size);
> 	s->align =3D calculate_alignment(flags, align, size);
>=20
>+	if (!IS_ENABLED(CONFIG_HARDENED_USERCOPY))
>+		useroffset =3D usersize =3D 0;
>+
> 	s->useroffset =3D useroffset;
> 	s->usersize =3D usersize;
>=20

"Always non-mergeable" is intentional here, but I do see the argument for =
not doing it under hardened-usercopy=2E

That said, if you keep this part, maybe go the full step and ifdef away us=
eroffset/usersize's struct member definition and other logic, especially fo=
r SLUB_TINY benefits, so 2 ulongs are dropped from the cache struct?

-Kees


--=20
Kees Cook