mm: Check for SLAB_TYPESAFE_BY_RCU and __GFP_ZERO slab creation

Code using a SLAB_TYPESAFE_BY_RCU kmem_cache can have readers accessing
blocks of memory passed to kmem_cache_free(), and those readers might
still be accessing those blocks after kmem_cache_alloc() reallocates
those blocks.  These readers are not going to take kindly to that memory
being zeroed along the way.  Therefore, add a WARN_ON_ONCE() complaining
about both SLAB_TYPESAFE_BY_RCU and __GFP_ZERO being passed to the same
kmem_cache_create_usercopy() invocation.

Cc: Christoph Lameter <cl@linux.com>
Cc: Pekka Enberg <penberg@kernel.org>
Cc: David Rientjes <rientjes@google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: <linux-mm@kvack.org>
Signed-off-by: Paul E. McKenney <paulmck@kernel.org>

Signed-off-by: Paul E. McKenney <paulmck@kernel.org>

mm/slab_common.c

@@ -332,6 +332,12 @@ kmem_cache_create_usercopy(const char *name,
 		goto out_unlock;
 	}
 
+	/* References to typesafe memory survives free/alloc. */
+	if ((flags & (SLAB_TYPESAFE_BY_RCU | __GFP_ZERO)) == (SLAB_TYPESAFE_BY_RCU | __GFP_ZERO)) {
+		err = -EINVAL;
+		goto out_unlock;
+	}
+
 	/*
 	 * Some allocators will constraint the set of valid flags to a subset
 	 * of all flags. We expect them to define CACHE_CREATE_MASK in this