mm: Check for SLAB_TYPESAFE_BY_RCU and __GFP_ZERO slab creation
Code using a SLAB_TYPESAFE_BY_RCU kmem_cache can have readers accessing
blocks of memory passed to kmem_cache_free(), and those readers might
still be accessing those blocks after kmem_cache_alloc() reallocates
those blocks.  These readers are not going to take kindly to that memory
being zeroed along the way.  Therefore, add a WARN_ON_ONCE() complaining
about both SLAB_TYPESAFE_BY_RCU and __GFP_ZERO being passed to the same
kmem_cache_create_usercopy() invocation.

Cc: Christoph Lameter <cl@linux.com>
Cc: Pekka Enberg <penberg@kernel.org>
Cc: David Rientjes <rientjes@google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: <linux-mm@kvack.org>
Signed-off-by: Paul E. McKenney <paulmck@kernel.org>

Signed-off-by: Paul E. McKenney <paulmck@kernel.org>
paulmckrcu committed Feb 6, 2022
1 parent b969d0f commit e6e0d15aa1c5117dda15eb266e8b862627af7608
Showing 1 changed file with 6 additions and 0 deletions.
@@ -332,6 +332,12 @@ kmem_cache_create_usercopy(const char *name,
goto out_unlock;
}

/* References to typesafe memory survives free/alloc. */
if ((flags & (SLAB_TYPESAFE_BY_RCU | __GFP_ZERO)) == (SLAB_TYPESAFE_BY_RCU | __GFP_ZERO)) {
err = -EINVAL;
goto out_unlock;
}

/*
* Some allocators will constraint the set of valid flags to a subset
* of all flags. We expect them to define CACHE_CREATE_MASK in this
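
Review bot: The new check in kmem_cache_create_usercopy() rejects the combination silently with err = -EINVAL and goto out_unlock, but the commit message says the change adds a WARN_ON_ONCE(), and no warning appears in these lines. Either wrap the condition, for example if (WARN_ON_ONCE((flags & (SLAB_TYPESAFE_BY_RCU | __GFP_ZERO)) == (SLAB_TYPESAFE_BY_RCU | __GFP_ZERO))), so the offending caller shows up in the log with a backtrace, or reword the message to say that cache creation now fails with -EINVAL. The changelog should also state whether __GFP_ZERO is really expected in the cache-creation flags tested here, since the __GFP_ prefix reads as an allocation-time flag and the test only helps if that bit can arrive in flags. Minor: the comment should read "References to typesafe memory survive free/alloc", and the if line is long enough that naming the combined mask in a local or splitting the condition would make it easier to read.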
