Commit 628d06a4 authored by Sami Tolvanen's avatar Sami Tolvanen Committed by Will Deacon

scs: Add page accounting for shadow call stack allocations

This change adds accounting for the memory allocated for shadow stacks.
Signed-off-by: default avatarSami Tolvanen <samitolvanen@google.com>
Reviewed-by: default avatarKees Cook <keescook@chromium.org>
Acked-by: default avatarWill Deacon <will@kernel.org>
Signed-off-by: default avatarWill Deacon <will@kernel.org>
parent d08b9f0c
...@@ -415,6 +415,9 @@ static ssize_t node_read_meminfo(struct device *dev, ...@@ -415,6 +415,9 @@ static ssize_t node_read_meminfo(struct device *dev,
"Node %d AnonPages: %8lu kB\n" "Node %d AnonPages: %8lu kB\n"
"Node %d Shmem: %8lu kB\n" "Node %d Shmem: %8lu kB\n"
"Node %d KernelStack: %8lu kB\n" "Node %d KernelStack: %8lu kB\n"
#ifdef CONFIG_SHADOW_CALL_STACK
"Node %d ShadowCallStack:%8lu kB\n"
#endif
"Node %d PageTables: %8lu kB\n" "Node %d PageTables: %8lu kB\n"
"Node %d NFS_Unstable: %8lu kB\n" "Node %d NFS_Unstable: %8lu kB\n"
"Node %d Bounce: %8lu kB\n" "Node %d Bounce: %8lu kB\n"
...@@ -438,6 +441,9 @@ static ssize_t node_read_meminfo(struct device *dev, ...@@ -438,6 +441,9 @@ static ssize_t node_read_meminfo(struct device *dev,
nid, K(node_page_state(pgdat, NR_ANON_MAPPED)), nid, K(node_page_state(pgdat, NR_ANON_MAPPED)),
nid, K(i.sharedram), nid, K(i.sharedram),
nid, sum_zone_node_page_state(nid, NR_KERNEL_STACK_KB), nid, sum_zone_node_page_state(nid, NR_KERNEL_STACK_KB),
#ifdef CONFIG_SHADOW_CALL_STACK
nid, sum_zone_node_page_state(nid, NR_KERNEL_SCS_KB),
#endif
nid, K(sum_zone_node_page_state(nid, NR_PAGETABLE)), nid, K(sum_zone_node_page_state(nid, NR_PAGETABLE)),
nid, K(node_page_state(pgdat, NR_UNSTABLE_NFS)), nid, K(node_page_state(pgdat, NR_UNSTABLE_NFS)),
nid, K(sum_zone_node_page_state(nid, NR_BOUNCE)), nid, K(sum_zone_node_page_state(nid, NR_BOUNCE)),
......
...@@ -103,6 +103,10 @@ static int meminfo_proc_show(struct seq_file *m, void *v) ...@@ -103,6 +103,10 @@ static int meminfo_proc_show(struct seq_file *m, void *v)
show_val_kb(m, "SUnreclaim: ", sunreclaim); show_val_kb(m, "SUnreclaim: ", sunreclaim);
seq_printf(m, "KernelStack: %8lu kB\n", seq_printf(m, "KernelStack: %8lu kB\n",
global_zone_page_state(NR_KERNEL_STACK_KB)); global_zone_page_state(NR_KERNEL_STACK_KB));
#ifdef CONFIG_SHADOW_CALL_STACK
seq_printf(m, "ShadowCallStack:%8lu kB\n",
global_zone_page_state(NR_KERNEL_SCS_KB));
#endif
show_val_kb(m, "PageTables: ", show_val_kb(m, "PageTables: ",
global_zone_page_state(NR_PAGETABLE)); global_zone_page_state(NR_PAGETABLE));
......
...@@ -156,6 +156,9 @@ enum zone_stat_item { ...@@ -156,6 +156,9 @@ enum zone_stat_item {
NR_MLOCK, /* mlock()ed pages found and moved off LRU */ NR_MLOCK, /* mlock()ed pages found and moved off LRU */
NR_PAGETABLE, /* used for pagetables */ NR_PAGETABLE, /* used for pagetables */
NR_KERNEL_STACK_KB, /* measured in KiB */ NR_KERNEL_STACK_KB, /* measured in KiB */
#if IS_ENABLED(CONFIG_SHADOW_CALL_STACK)
NR_KERNEL_SCS_KB, /* measured in KiB */
#endif
/* Second 128 byte cacheline */ /* Second 128 byte cacheline */
NR_BOUNCE, NR_BOUNCE,
#if IS_ENABLED(CONFIG_ZSMALLOC) #if IS_ENABLED(CONFIG_ZSMALLOC)
......
...@@ -6,8 +6,10 @@ ...@@ -6,8 +6,10 @@
*/ */
#include <linux/kasan.h> #include <linux/kasan.h>
#include <linux/mm.h>
#include <linux/scs.h> #include <linux/scs.h>
#include <linux/slab.h> #include <linux/slab.h>
#include <linux/vmstat.h>
#include <asm/scs.h> #include <asm/scs.h>
static struct kmem_cache *scs_cache; static struct kmem_cache *scs_cache;
...@@ -40,6 +42,17 @@ void __init scs_init(void) ...@@ -40,6 +42,17 @@ void __init scs_init(void)
scs_cache = kmem_cache_create("scs_cache", SCS_SIZE, 0, 0, NULL); scs_cache = kmem_cache_create("scs_cache", SCS_SIZE, 0, 0, NULL);
} }
static struct page *__scs_page(struct task_struct *tsk)
{
return virt_to_page(task_scs(tsk));
}
static void scs_account(struct task_struct *tsk, int account)
{
mod_zone_page_state(page_zone(__scs_page(tsk)), NR_KERNEL_SCS_KB,
account * (SCS_SIZE / 1024));
}
int scs_prepare(struct task_struct *tsk, int node) int scs_prepare(struct task_struct *tsk, int node)
{ {
void *s = scs_alloc(node); void *s = scs_alloc(node);
...@@ -49,6 +62,7 @@ int scs_prepare(struct task_struct *tsk, int node) ...@@ -49,6 +62,7 @@ int scs_prepare(struct task_struct *tsk, int node)
task_scs(tsk) = s; task_scs(tsk) = s;
task_scs_offset(tsk) = 0; task_scs_offset(tsk) = 0;
scs_account(tsk, 1);
return 0; return 0;
} }
...@@ -61,5 +75,6 @@ void scs_release(struct task_struct *tsk) ...@@ -61,5 +75,6 @@ void scs_release(struct task_struct *tsk)
return; return;
WARN(scs_corrupted(tsk), "corrupted shadow stack detected when freeing task\n"); WARN(scs_corrupted(tsk), "corrupted shadow stack detected when freeing task\n");
scs_account(tsk, -1);
scs_free(s); scs_free(s);
} }
...@@ -5411,6 +5411,9 @@ void show_free_areas(unsigned int filter, nodemask_t *nodemask) ...@@ -5411,6 +5411,9 @@ void show_free_areas(unsigned int filter, nodemask_t *nodemask)
" managed:%lukB" " managed:%lukB"
" mlocked:%lukB" " mlocked:%lukB"
" kernel_stack:%lukB" " kernel_stack:%lukB"
#ifdef CONFIG_SHADOW_CALL_STACK
" shadow_call_stack:%lukB"
#endif
" pagetables:%lukB" " pagetables:%lukB"
" bounce:%lukB" " bounce:%lukB"
" free_pcp:%lukB" " free_pcp:%lukB"
...@@ -5433,6 +5436,9 @@ void show_free_areas(unsigned int filter, nodemask_t *nodemask) ...@@ -5433,6 +5436,9 @@ void show_free_areas(unsigned int filter, nodemask_t *nodemask)
K(zone_managed_pages(zone)), K(zone_managed_pages(zone)),
K(zone_page_state(zone, NR_MLOCK)), K(zone_page_state(zone, NR_MLOCK)),
zone_page_state(zone, NR_KERNEL_STACK_KB), zone_page_state(zone, NR_KERNEL_STACK_KB),
#ifdef CONFIG_SHADOW_CALL_STACK
zone_page_state(zone, NR_KERNEL_SCS_KB),
#endif
K(zone_page_state(zone, NR_PAGETABLE)), K(zone_page_state(zone, NR_PAGETABLE)),
K(zone_page_state(zone, NR_BOUNCE)), K(zone_page_state(zone, NR_BOUNCE)),
K(free_pcp), K(free_pcp),
......
...@@ -1119,6 +1119,9 @@ const char * const vmstat_text[] = { ...@@ -1119,6 +1119,9 @@ const char * const vmstat_text[] = {
"nr_mlock", "nr_mlock",
"nr_page_table_pages", "nr_page_table_pages",
"nr_kernel_stack", "nr_kernel_stack",
#if IS_ENABLED(CONFIG_SHADOW_CALL_STACK)
"nr_shadow_call_stack",
#endif
"nr_bounce", "nr_bounce",
#if IS_ENABLED(CONFIG_ZSMALLOC) #if IS_ENABLED(CONFIG_ZSMALLOC)
"nr_zspages", "nr_zspages",
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment