BACKPORT: FROMGIT: kasan: disable freed user page poisoning with HW tags
Poisoning freed pages protects against kernel use-after-free. The likelihood of such a bug involving kernel pages is significantly higher than that for user pages. At the same time, poisoning freed pages can impose a significant performance cost, which cannot always be justified for user pages given the lower probability of finding a bug. Therefore, disable freed user page poisoning when using HW tags. We identify "user" pages via the flag set GFP_HIGHUSER_MOVABLE, which indicates a strong likelihood of not being directly accessible to the kernel. Signed-off-by:Peter Collingbourne <pcc@google.com> Reviewed-by:
Andrey Konovalov <andreyknvl@gmail.com> Link: https://linux-review.googlesource.com/id/I716846e2de8ef179f44e835770df7e6307be96c9 Link: https://lore.kernel.org/r/20210602235230.3928842-5-pcc@google.com Signed-off-by:
Will Deacon <will@kernel.org> (cherry picked from commit c275c5c6 https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-next/mte) [pcc: adjust definition of new GFP flag for compatibility with GFP_CMA] Change-Id: I716846e2de8ef179f44e835770df7e6307be96c9 Bug: 186816853
Loading
Please sign in to comment