[PATCH 1/3] mm: security: introduce the init_allocations=1 boot option
Dave Hansen
dave.hansen at intel.com
Tue Apr 23 20:36:28 UTC 2019
On 4/18/19 8:42 AM, Alexander Potapenko wrote:
> +static void poison_dont(struct kmem_cache *c, void *object)
> +{
> + /* Do nothing. Use for caches with constructors. */
> +}
> +
> static struct kmem_cache *create_cache(const char *name,
> unsigned int object_size, unsigned int align,
> slab_flags_t flags, unsigned int useroffset,
> @@ -381,6 +391,10 @@ static struct kmem_cache *create_cache(const char *name,
> s->size = s->object_size = object_size;
> s->align = align;
> s->ctor = ctor;
> + if (ctor)
> + s->poison_fn = poison_dont;
> + else
> + s->poison_fn = poison_zero;
> s->useroffset = useroffset;
> s->usersize = usersize;
>
> @@ -974,6 +988,7 @@ void __init create_boot_cache(struct kmem_cache *s, const char *name,
> s->align = calculate_alignment(flags, ARCH_KMALLOC_MINALIGN, size);
> s->useroffset = useroffset;
> s->usersize = usersize;
> + s->poison_fn = poison_zero;
An empty indirect call is probably a pretty bad idea on systems with
retpoline. Isn't this just a bool anyway for either calling poison_dont
or poison_zero? Can it call anything else?
More information about the Linux-security-module-archive
mailing list