Commit f289041e authored by Vlastimil Babka's avatar Vlastimil Babka Committed by Linus Torvalds
Browse files

mm, page_poison: remove CONFIG_PAGE_POISONING_ZERO 

CONFIG_PAGE_POISONING_ZERO uses the zero pattern instead of 0xAA.  It was
introduced by commit 1414c7f4 ("mm/page_poisoning.c: allow for zero
poisoning"), noting that using zeroes retains the benefit of sanitizing
content of freed pages, with the benefit of not having to zero them again
on alloc, and the downside of making some forms of corruption (stray
writes of NULLs) harder to detect than with the 0xAA pattern.  Together
with CONFIG_PAGE_POISONING_NO_SANITY it made possible to sanitize the
contents on free without checking it back on alloc.

These days we have the init_on_free() option to achieve sanitization with
zeroes and to save clearing on alloc (and without checking on alloc).
Arguably if someone does choose to check the poison for corruption on
alloc, the savings of not clearing the page are secondary, and it makes
sense to always use the 0xAA poison pattern.  Thus, remove the
CONFIG_PAGE_POISONING_ZERO option for being redundant.

Link: https://lkml.kernel.org/r/20201113104033.22907-6-vbabka@suse.cz


Signed-off-by: default avatarVlastimil Babka <vbabka@suse.cz>
Acked-by: default avatarDavid Hildenbrand <david@redhat.com>
Cc: Mike Rapoport <rppt@linux.ibm.com>
Cc: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Cc: Alexander Potapenko <glider@google.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Laura Abbott <labbott@kernel.org>
Cc: Mateusz Nosek <mateusznosek0@gmail.com>
Cc: Michal Hocko <mhocko@kernel.org>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 8f424750

include/linux/poison.h

+0 −4
Original line number Diff line number Diff line
@@ -27,11 +27,7 @@ 
#define TIMER_ENTRY_STATIC	((void *) 0x300 + POISON_POINTER_DELTA)



/********** mm/page_poison.c **********/

#ifdef CONFIG_PAGE_POISONING_ZERO

#define PAGE_POISON 0x00

#else

#define PAGE_POISON 0xaa

#endif



/********** mm/page_alloc.c ************/

mm/Kconfig.debug

+0 −12
Original line number Diff line number Diff line
@@ -80,18 +80,6 @@ config PAGE_POISONING 


	  If unsure, say N



config PAGE_POISONING_ZERO

	bool "Use zero for poisoning instead of debugging value"

	depends on PAGE_POISONING

	help

	   Instead of using the existing poison value, fill the pages with

	   zeros. This makes it harder to detect when errors are occurring

	   due to sanitization but the zeroing at free means that it is

	   no longer necessary to write zeros when GFP_ZERO is used on

	   allocation.



	   If unsure, say N



config DEBUG_PAGE_REF

	bool "Enable tracepoint to track down page reference manipulation"

	depends on DEBUG_KERNEL

mm/page_alloc.c

+1 −7
Original line number Diff line number Diff line
@@ -2228,12 +2228,6 @@ static inline int check_new_page(struct page *page) 
	return 1;

}



static inline bool free_pages_prezeroed(void)

{

	return (IS_ENABLED(CONFIG_PAGE_POISONING_ZERO) &&

		page_poisoning_enabled_static()) || want_init_on_free();

}



#ifdef CONFIG_DEBUG_VM

/*

 * With DEBUG_VM enabled, order-0 pages are checked for expected state when
@@ -2296,7 +2290,7 @@ inline void post_alloc_hook(struct page *page, unsigned int order, 
	kernel_unpoison_pages(page, 1 << order);

	set_page_owner(page, order, gfp_flags);



	if (!free_pages_prezeroed() && want_init_on_alloc(gfp_flags))

	if (!want_init_on_free() && want_init_on_alloc(gfp_flags))

		kernel_init_free_pages(page, 1 << order);

}

tools/include/linux/poison.h

+1 −5
Original line number Diff line number Diff line
@@ -35,12 +35,8 @@ 
 */

#define TIMER_ENTRY_STATIC	((void *) 0x300 + POISON_POINTER_DELTA)



/********** mm/debug-pagealloc.c **********/

#ifdef CONFIG_PAGE_POISONING_ZERO

#define PAGE_POISON 0x00

#else

/********** mm/page_poison.c **********/

#define PAGE_POISON 0xaa

#endif



/********** mm/page_alloc.c ************/

CRA Git | Maintained and supported by SUSTech CRA and CCSE