Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp585446rwd; Sun, 14 May 2023 02:45:57 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ70p1DdNsnnLYt106ltLULp9A9Q4vg9iB/z+m5vhIpcehDtLekXuSngInVDYBzRJe9/lJvL X-Received: by 2002:a17:90a:94cc:b0:246:82ac:b6cf with SMTP id j12-20020a17090a94cc00b0024682acb6cfmr29793241pjw.11.1684057557632; Sun, 14 May 2023 02:45:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1684057557; cv=none; d=google.com; s=arc-20160816; b=zY7scBnh885YcYNEy5w65lzwwNex40H47k+AIp5mJrJ85T2lFE69QL1fRt5FQZHOId 5tR4aIUjNhzMtUJZ0ua74w47zvEgWLgK+PbPdmoXZ1tUVv8lHbAGVCEzBDkhzNi/cQTd EB27V1X5wJwQ0OzgfYVhx3E+JL8Gb/9GWmCiqx098rvetSpm4iPOLshE8Rp0O8F0d0iA PgZmxxLk2U6xz4j4Mvh1WAgA1/0EQiz0Q2YjLvm9F80nTtyyb5/WZ4CfPj19jrXwNLEu g2UCFlIecRoE5bwBUgB0YjRPNX8QylvRRzf5RS0JdtOaMpdKmoqjmGBOA1yLtIlsBtLs 5g3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature:dkim-signature; bh=dHSZYYmiO6JSUTlgPd0JkN7TgOMKpr6vyTG9Hwy+Zzo=; b=Vr/B+x288ySoLitco/1Anye7ibsPAjrJWuAs1xbpm15mTRD2QuUGj4rr3K6inz+MY1 CcpFWYDPhoxbYGXQVTGz1a9vsEKayW+7zXIgCJQeznQrlFLlffDMzU3anj2bFV2y6i+I 854zSVOZCphhkgFJMkE8X3FvU48pxuOhU4EQ4K2NkF1/W5IkNuLaIx2Q408DP3r4G8V8 QMl3Ys4KovMiD8yobTNbKL3w22kZ5NFHSk3UsnutP18tbTIZdK7xbO65uIQR5qRjJxcX m20o3UGyRNb8V2m6V6vzdrWSXxkVxRMMjGxTepXdX593yb88/Qr8z+t6WyA9qYAafX5T sCsw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.cz header.s=susede2_rsa header.b=CTpsMPkb; dkim=neutral (no key) header.i=@suse.cz header.b=SJgsbtU9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k2-20020a17090a590200b002528f40700dsi7768169pji.153.2023.05.14.02.45.42; Sun, 14 May 2023 02:45:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.cz header.s=susede2_rsa header.b=CTpsMPkb; dkim=neutral (no key) header.i=@suse.cz header.b=SJgsbtU9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230062AbjENJaT (ORCPT + 99 others); Sun, 14 May 2023 05:30:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47606 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229611AbjENJaR (ORCPT ); Sun, 14 May 2023 05:30:17 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A09011FFE; Sun, 14 May 2023 02:30:15 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 1CCB521FB9; Sun, 14 May 2023 09:30:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1684056613; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=dHSZYYmiO6JSUTlgPd0JkN7TgOMKpr6vyTG9Hwy+Zzo=; b=CTpsMPkbu+KTLlj7qn/aXMfbpi54eshjeH8xcgf1+nadUSMxP28eg4Nfz4wVFba5igv1iR WaRTj7xQSoUUFuLYm/3TWx23mqTbPoO0DetltCTar+yIibuMaNXD6HFJtpvr0Y9dm9mcuF TEXeOdPmW5AU0h3wj/rR0g3ZBwwENzk= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1684056613; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=dHSZYYmiO6JSUTlgPd0JkN7TgOMKpr6vyTG9Hwy+Zzo=; b=SJgsbtU9ve0LLJmy6hXTCPVFmUdu6F9PBYYtaUsOr8qn9AI5+hn5kKcc367zVHMvWUno1I gaQf9G4nN6C2OCBQ== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id B35D8138F5; Sun, 14 May 2023 09:30:12 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id dzHeKiSqYGRbUwAAMHmgww (envelope-from ); Sun, 14 May 2023 09:30:12 +0000 Message-ID: Date: Sun, 14 May 2023 11:30:30 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1 Subject: Re: [PATCH RFC v2] Randomized slab caches for kmalloc() Content-Language: en-US To: Gong Ruiqi , Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, Alexander Lobakin , kasan-dev@googlegroups.com, Wang Weiyang , Xiu Jianfeng , Christoph Lameter , David Rientjes , Roman Gushchin , Joonsoo Kim , Andrew Morton , Pekka Enberg , Kees Cook , Paul Moore , James Morris , "Serge E. Hallyn" , "Gustavo A. R. Silva" References: <20230508075507.1720950-1-gongruiqi1@huawei.com> <5f5a858a-7017-5424-0fa0-db3b79e5d95e@huawei.com> From: Vlastimil Babka In-Reply-To: <5f5a858a-7017-5424-0fa0-db3b79e5d95e@huawei.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-5.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 5/12/23 12:11, Gong Ruiqi wrote: > > > On 2023/05/11 2:43, Hyeonggon Yoo wrote: >> On Mon, May 8, 2023 at 12:53 AM GONG, Ruiqi wrote: >>> > > [...] > >>> >>> The overhead of performance has been tested on a 40-core x86 server by >>> comparing the results of `perf bench all` between the kernels with and >>> without this patch based on the latest linux-next kernel, which shows >>> minor difference. A subset of benchmarks are listed below: >>> >> >> Please Cc maintainers/reviewers of corresponding subsystem in MAINTAINERS file. > > Okay, I've appended maintainers/reviewers of linux-hardening and > security subsystem to the Cc list. I think they were CC'd on v1 but didn't respond yet. I thought maybe if I run into Kees at OSS, I will ask him about it, but didn't happen. As a slab maintainer I don't mind adding such things if they don't complicate the code excessively, and have no overhead when configured out. This one would seem to be acceptable at first glance, although maybe the CONFIG space is too wide, and the amount of #defines in slab_common.c is also large (maybe there's a way to make it more concise, maybe not). But I don't have enough insight into hardening to decide if it's a useful mitigation that people would enable, so I'd hope for hardening folks to advise on that. Similar situation with freelist hardening in the past, which was even actively pushed by Kees, IIRC.