Re: [PATCH v3 3/6] mm: Add build time sanity check for struct page size
From: Kees Cook
Date: Sun Feb 17 2019 - 11:50:34 EST
On Sat, Feb 16, 2019 at 6:02 AM Baoquan He <bhe@xxxxxxxxxx> wrote:
>
> Size of struct page might be larger than 64 bytes if debug options
> enabled, or fields added for debugging intentionally. Yet an upper
> limit need be added at build time to trigger an alert in case the
> size is too big to boot up system, warning people to check if it's
> be done on purpose in advance.
>
> Here 1/4 of PAGE_SIZE is chosen since system must have been insane
> with this value. For those systems with PAGE_SIZE larger than 4KB,
> 1KB is simply taken.
>
> Signed-off-by: Baoquan He <bhe@xxxxxxxxxx>
> ---
> mm/page_alloc.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/mm/page_alloc.c b/mm/page_alloc.c
> index 35fdde041f5c..eb6c8e22333b 100644
> --- a/mm/page_alloc.c
> +++ b/mm/page_alloc.c
> @@ -67,6 +67,7 @@
> #include <linux/lockdep.h>
> #include <linux/nmi.h>
> #include <linux/psi.h>
> +#include <linux/sizes.h>
>
> #include <asm/sections.h>
> #include <asm/tlbflush.h>
> @@ -7084,6 +7085,7 @@ void __init free_area_init_nodes(unsigned long *max_zone_pfn)
> unsigned long start_pfn, end_pfn;
> int i, nid;
>
> + BUILD_BUG_ON(sizeof(struct page) > min_t(size_t, SZ_1K, PAGE_SIZE));
Are there systems with PAGE_SIZE < 1K? Maybe this should just be a
direct SZ_1K check?
(Also, perhaps this should use the new static_assert where struct page
is defined?)
-Kees
> /* Record where the zone boundaries are */
> memset(arch_zone_lowest_possible_pfn, 0,
> sizeof(arch_zone_lowest_possible_pfn));
> --
> 2.17.2
>
--
Kees Cook