[PATCH v3 3/3] KEYS: Use kvmalloc() to better handle large buffer allocation

From: Waiman Long
Date: Fri Mar 13 2020 - 11:21:41 EST

Next message: Randy Dunlap: "Re: linux-next: Tree for Mar 13 (sound/soc/codecs/rt5682.o)"
Previous message: Waiman Long: "[PATCH v3 2/3] KEYS: Avoid false positive ENOMEM error on key read"
In reply to: Jarkko Sakkinen: "Re: [PATCH v3 2/3] KEYS: Avoid false positive ENOMEM error on key read"
Next in thread: Eric Biggers: "Re: [PATCH v3 3/3] KEYS: Use kvmalloc() to better handle large buffer allocation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

For large multi-page temporary buffer allocation, the security/keys
subsystem don't need contiguous physical pages. It will work perfectly
fine with virtually mapped pages.

Replace the kmalloc() call by kvmalloc() and provide a __kvzfree()
helper function to clear and free the kvmalloc'ed buffer. This will
reduce the chance of memory allocation failure just because of highly
fragmented pages.

Suggested-by: David Howells <dhowells@xxxxxxxxxx>
Signed-off-by: Waiman Long <longman@xxxxxxxxxx>
---
security/keys/internal.h | 14 ++++++++++++++
security/keys/keyctl.c | 10 +++++-----
2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/security/keys/internal.h b/security/keys/internal.h
index ba3e2da14cef..855b11eb73ee 100644
--- a/security/keys/internal.h
+++ b/security/keys/internal.h
@@ -16,6 +16,8 @@
#include <linux/keyctl.h>
#include <linux/refcount.h>
#include <linux/compat.h>
+#include <linux/mm.h>
+#include <linux/vmalloc.h>

struct iovec;

@@ -349,4 +351,16 @@ static inline void key_check(const struct key *key)

#endif

+/*
+ * Helper function to clear and free a kvmalloc'ed memory object.
+ */
+static inline void __kvzfree(const void *addr, size_t len)
+{
+ if (is_vmalloc_addr(addr)) {
+ memset((void *)addr, 0, len);
+ vfree(addr);
+ } else {
+ kzfree(addr);
+ }
+}
#endif /* _INTERNAL_H */
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index a05a4dd2f9ce..878259cf35d5 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -339,7 +339,7 @@ long keyctl_update_key(key_serial_t id,
payload = NULL;
if (plen) {
ret = -ENOMEM;
- payload = kmalloc(plen, GFP_KERNEL);
+ payload = kvmalloc(plen, GFP_KERNEL);
if (!payload)
goto error;

@@ -360,7 +360,7 @@ long keyctl_update_key(key_serial_t id,

key_ref_put(key_ref);
error2:
- kzfree(payload);
+ __kvzfree(payload, plen);
error:
return ret;
}
@@ -893,7 +893,7 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
*/
if (buflen <= 0x400) {
allocbuf:
- tmpbuf = kmalloc(tmpbuflen, GFP_KERNEL);
+ tmpbuf = kvmalloc(tmpbuflen, GFP_KERNEL);
if (!tmpbuf) {
ret = -ENOMEM;
goto error2;
@@ -911,7 +911,7 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
*/
if (!tmpbuf || unlikely(ret > tmpbuflen)) {
if (unlikely(tmpbuf))
- kzfree(tmpbuf);
+ __kvzfree(tmpbuf, tmpbuflen);
tmpbuflen = ret;
goto allocbuf;
}
@@ -920,7 +920,7 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen)
ret = -EFAULT;
}
if (tmpbuf)
- kzfree(tmpbuf);
+ __kvzfree(tmpbuf, tmpbuflen);
}

error2:
--
2.18.1

Next message: Randy Dunlap: "Re: linux-next: Tree for Mar 13 (sound/soc/codecs/rt5682.o)"
Previous message: Waiman Long: "[PATCH v3 2/3] KEYS: Avoid false positive ENOMEM error on key read"
In reply to: Jarkko Sakkinen: "Re: [PATCH v3 2/3] KEYS: Avoid false positive ENOMEM error on key read"
Next in thread: Eric Biggers: "Re: [PATCH v3 3/3] KEYS: Use kvmalloc() to better handle large buffer allocation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]