From: Ryan Libby
Date: Tue, 3 Dec 2019 12:59:18 -0800
Subject: Re: svn commit: r355137 - head/sys/vm
To: Gleb Smirnoff
Cc: src-committers, svn-src-all@freebsd.org, svn-src-head@freebsd.org

On Tue, Dec 3, 2019 at 12:43 PM Gleb Smirnoff wrote:
>
> Ryan,
>
> On Wed, Nov 27, 2019 at 07:49:56PM +0000, Ryan Libby wrote:
> R> Author: rlibby
> R> Date: Wed Nov 27 19:49:55 2019
> R> New Revision: 355137
> R> URL: https://svnweb.freebsd.org/changeset/base/355137
> R>
> R> Log:
> R> uma: trash memory when ctor/dtor supplied too
> R>
> R> On INVARIANTS kernels, UMA has a use-after-free detection mechanism.
> R> This mechanism previously required that all of the ctor/dtor/uminit/fini
> R> arguments to uma_zcreate() be NULL in order to function. Now, it only
> R> requires that uminit and fini be NULL; now, the trash ctor and dtor will
> R> be called in addition to any supplied ctor or dtor.
> R>
> R> Also do a little refactoring for readability of the resulting logic.
> R>
> R> This enables use-after-free detection for more zones, and will allow for
> R> simplification of some callers that worked around the previous
> R> restriction (see kern_mbuf.c).
> R>
> R> Reviewed by: jeff, markj
> R> Sponsored by: Dell EMC Isilon
> R> Differential Revision: https://reviews.freebsd.org/D20722
>
> If I understand the change correctly, now items from UMA_ZONE_NOFREE zones
> will be trashed, too. That would undermine the purpose of UMA_ZONE_NOFREE.
> Of course the flag is a hack, but some systems rely on it working.
>
> --
> Gleb Smirnoff

The intent is not to change anything for NOFREE zones (i.e. still don't
trash them). I didn't put all the detail in the commit log, but I did
reword the block comment in uma_zcreate:

> @@ -2302,14 +2307,17 @@ uma_zcreate(const char *name, size_t size, uma_ctor ct > args.fini = fini; > #ifdef INVARIANTS > /* > - * If a zone is being created with an empty constructor and > - * destructor, pass UMA constructor/destructor which checks for > - * memory use after free. > + * Inject procedures which check for memory use after free if we are > + * allowed to scramble the memory while it is not allocated. This > + * requires that: UMA is actually able to access the memory, no init > + * or fini procedures, no dependency on the initial value of the > + * memory, and no (legitimate) use of the memory after free. Note, > + * the ctor and dtor do not need to be empty. > + * > + * XXX UMA_ZONE_OFFPAGE. > */ > if ((!(flags & (UMA_ZONE_ZINIT | UMA_ZONE_NOFREE))) && > - ctor == NULL && dtor == NULL && uminit == NULL && fini == NULL) { > - args.ctor = trash_ctor; > - args.dtor = trash_dtor; > + uminit == NULL && fini == NULL) { > args.uminit = trash_init; > args.fini = trash_fini; > }

Ryan
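
Review bot: The `XXX UMA_ZONE_OFFPAGE.` line at the end of the new block comment does not say what is unresolved for offpage zones, and the condition below it still tests only `UMA_ZONE_ZINIT | UMA_ZONE_NOFREE` plus `uminit == NULL && fini == NULL`. The comment lists four requirements (UMA can access the memory, no init or fini procedures, no dependency on the initial value, no legitimate use after free); it would help to say which flag stands for which requirement and which one OFFPAGE is suspected of violating, so a reader can tell whether the missing test is a known gap. Also, with the `args.ctor = trash_ctor;` and `args.dtor = trash_dtor;` assignments removed, this hunk no longer shows where the trash ctor and dtor are invoked, so the NOFREE/ZINIT exclusion for them cannot be confirmed from these lines; a pointer in the comment to the place that makes that decision would answer the question raised in this thread.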
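
The junk-fill check that the commit log describes, as a userland model added here for illustration; it is not FreeBSD's UMA code. All `toy_*` and `TOY_*` names, the `JUNK` value and the one-item cache are assumptions of the example.

```c
#include <stdint.h>
#include <stdlib.h>
#define JUNK       0xdeadc0deu /* fill pattern, chosen for this example */
#define TOY_ZINIT  0x1         /* caller depends on initial memory contents */
#define TOY_NOFREE 0x2         /* caller may legitimately touch freed items */
#define WORDS      4           /* item size in 32-bit words */
typedef void (*toy_hook)(uint32_t *item);
struct toy_zone {
	int       trash, uaf_hits; /* checks enabled; stale writes detected */
	toy_hook  ctor, dtor;      /* caller-supplied, may be NULL */
	uint32_t *cache;           /* single cached free item */
};

/* Same shape as the quoted condition: only flags and init/fini gate trashing. */
static struct toy_zone toy_zcreate(int flags, toy_hook ctor, toy_hook dtor,
    toy_hook init, toy_hook fini) {
	int trash = !(flags & (TOY_ZINIT | TOY_NOFREE)) && !init && !fini;
	return (struct toy_zone){ .trash = trash, .ctor = ctor, .dtor = dtor };
}

static void toy_free(struct toy_zone *z, uint32_t *item) {
	if (z->dtor) z->dtor(item);             /* caller's dtor runs first */
	for (int i = 0; z->trash && i < WORDS; i++)
		item[i] = JUNK;                 /* then the item is scrambled */
	free(z->cache);                         /* keep at most one cached item */
	z->cache = item;
}

static uint32_t *toy_alloc(struct toy_zone *z) {
	uint32_t *item = z->cache;              /* reuse the cached item if any */
	if (item == NULL && (item = malloc(WORDS * sizeof(*item))) == NULL)
		return NULL;
	for (int i = 0; z->cache && z->trash && i < WORDS; i++)
		if (item[i] != JUNK) { z->uaf_hits++; break; } /* junk disturbed */
	z->cache = NULL;
	if (z->ctor) z->ctor(item);             /* caller's ctor still runs */
	return item;
}
static void set_tag(uint32_t *item) { item[0] = 1; }
/* Constructed scenario: optionally write through a stale pointer, reallocate. */
static int toy_demo(int flags, int stale_write) {
	struct toy_zone z = toy_zcreate(flags, set_tag, NULL, NULL, NULL);
	uint32_t *p = toy_alloc(&z);
	if (p == NULL) return -1;
	toy_free(&z, p);
	if (stale_write) p[2] = 0x41414141;     /* the bug: write after free */
	free(toy_alloc(&z));
	return z.uaf_hits;
}
```

With a ctor supplied and no flags, the stale write is counted on the next allocation; with `TOY_NOFREE` or `TOY_ZINIT` the item is never scrambled, so the same write goes unreported.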