Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

mm/kfence: fix KASAN hardware tag faults during late enablement

When KASAN hardware tags are enabled, re-enabling KFENCE late (via
/sys/module/kfence/parameters/sample_interval) causes KASAN faults.

This happens because the KFENCE pool and metadata are allocated via the
page allocator, which tags the memory, while KFENCE continues to access it
using untagged pointers during initialization.

Use __GFP_SKIP_KASAN for late KFENCE pool and metadata allocations to
ensure the memory remains untagged, consistent with early allocations from
memblock. To support this, add __GFP_SKIP_KASAN to the allowlist in
__alloc_contig_verify_gfp_mask().

Link: https://lkml.kernel.org/r/20260220144940.2779209-1-glider@google.com
Fixes: 0ce20dd84089 ("mm: add Kernel Electric-Fence infrastructure")
Signed-off-by: Alexander Potapenko <glider@google.com>
Suggested-by: Ernesto Martinez Garcia <ernesto.martinezgarcia@tugraz.at>
Cc: Andrey Konovalov <andreyknvl@gmail.com>
Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Greg KH <gregkh@linuxfoundation.org>
Cc: Kees Cook <kees@kernel.org>
Cc: Marco Elver <elver@google.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

authored by Alexander Potapenko and committed by Andrew Morton
d155aab9 c80f46ac

+10 -7
+8 -6
mm/kfence/core.c
··· 1004 1004 #ifdef CONFIG_CONTIG_ALLOC 1005 1005 struct page *pages; 1006 1006 1007 - pages = alloc_contig_pages(nr_pages_pool, GFP_KERNEL, first_online_node, 1008 - NULL); 1007 + pages = alloc_contig_pages(nr_pages_pool, GFP_KERNEL | __GFP_SKIP_KASAN, 1008 + first_online_node, NULL); 1009 1009 if (!pages) 1010 1010 return -ENOMEM; 1011 1011 1012 1012 __kfence_pool = page_to_virt(pages); 1013 - pages = alloc_contig_pages(nr_pages_meta, GFP_KERNEL, first_online_node, 1014 - NULL); 1013 + pages = alloc_contig_pages(nr_pages_meta, GFP_KERNEL | __GFP_SKIP_KASAN, 1014 + first_online_node, NULL); 1015 1015 if (pages) 1016 1016 kfence_metadata_init = page_to_virt(pages); 1017 1017 #else ··· 1021 1021 return -EINVAL; 1022 1022 } 1023 1023 1024 - __kfence_pool = alloc_pages_exact(KFENCE_POOL_SIZE, GFP_KERNEL); 1024 + __kfence_pool = alloc_pages_exact(KFENCE_POOL_SIZE, 1025 + GFP_KERNEL | __GFP_SKIP_KASAN); 1025 1026 if (!__kfence_pool) 1026 1027 return -ENOMEM; 1027 1028 1028 - kfence_metadata_init = alloc_pages_exact(KFENCE_METADATA_SIZE, GFP_KERNEL); 1029 + kfence_metadata_init = alloc_pages_exact(KFENCE_METADATA_SIZE, 1030 + GFP_KERNEL | __GFP_SKIP_KASAN); 1029 1031 #endif 1030 1032 1031 1033 if (!kfence_metadata_init)
+2 -1
mm/page_alloc.c
··· 6928 6928 { 6929 6929 const gfp_t reclaim_mask = __GFP_IO | __GFP_FS | __GFP_RECLAIM; 6930 6930 const gfp_t action_mask = __GFP_COMP | __GFP_RETRY_MAYFAIL | __GFP_NOWARN | 6931 - __GFP_ZERO | __GFP_ZEROTAGS | __GFP_SKIP_ZERO; 6931 + __GFP_ZERO | __GFP_ZEROTAGS | __GFP_SKIP_ZERO | 6932 + __GFP_SKIP_KASAN; 6932 6933 const gfp_t cc_action_mask = __GFP_RETRY_MAYFAIL | __GFP_NOWARN; 6933 6934 6934 6935 /*
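
Review bot: in mm/kfence/core.c, at the two alloc_contig_pages() calls under CONFIG_CONTIG_ALLOC (new lines 1007-1008 and 1013-1014), nothing at the call site says why __GFP_SKIP_KASAN is required. The reason lives only in the commit message: KFENCE touches the pool and metadata through untagged pointers, and the early memblock allocation is untagged as well. A short comment above the first call stating this would keep a later cleanup from dropping the flag and reintroducing the tag faults.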
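
Review bot: in the #else branch of mm/kfence/core.c (new lines 1024-1030), the expression `GFP_KERNEL | __GFP_SKIP_KASAN` is spelled out for the third and fourth time in this function. A single local declared before the #ifdef, for example `const gfp_t gfp = GFP_KERNEL | __GFP_SKIP_KASAN;`, would let all four allocations share one definition, so the pool and the metadata cannot end up with different tagging behaviour if only one call site is edited later.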
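
Review bot: in mm/page_alloc.c, adding __GFP_SKIP_KASAN to action_mask (new lines 6931-6932) widens the allowlist for every caller that goes through this gfp check, not only KFENCE. The changelog justifies the flag for the KFENCE pool only; it would help to say, in the changelog or in a comment next to the mask, why skipping KASAN tagging is acceptable for contiguous allocations in general, and to update any existing description of the flags alloc_contig_pages() accepts so that it lists the new one.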