1. Patchew
  2. linux
  3. [PATCH 0/3] KASAN: HW_TAGS: Disable tagging for stack and page-tables
  4. View patch

[PATCH 1/3] vmalloc: add __GFP_SKIP_KASAN support

Muhammad Usama Anjum posted 3 patches 2 weeks, 3 days ago
There is a newer version of this series
[PATCH 1/3] vmalloc: add __GFP_SKIP_KASAN support
Posted by Muhammad Usama Anjum 2 weeks, 3 days ago 
For allocations that will be accessed only with match-all pointers
(e.g., kernel stacks), setting tags is wasted work. If the caller
already set __GFP_SKIP_KASAN, don’t skip zeroing the pages and
don’t set KASAN_VMALLOC_PROT_NORMAL so kasan_unpoison_vmalloc()
returns early without tagging.

Before this patch, __GFP_SKIP_KASAN wasn't being used with vmalloc
APIs. So it wasn't being checked. Now its being checked and acted
upon. Other KASAN modes are unchanged because __GFP_SKIP_KASAN isn't
defined there.

This is a preparatory patch for optimizing kernel stack allocations.

Signed-off-by: Muhammad Usama Anjum <usama.anjum@arm.com>
---
 mm/vmalloc.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/mm/vmalloc.c b/mm/vmalloc.c
index c607307c657a6..1baa602a0b9bb 100644
--- a/mm/vmalloc.c
+++ b/mm/vmalloc.c
@@ -4041,7 +4041,10 @@ void *__vmalloc_node_range_noprof(unsigned long size, unsigned long align,
 	 * kasan_unpoison_vmalloc().
 	 */
 	if (pgprot_val(prot) == pgprot_val(PAGE_KERNEL)) {
-		if (kasan_hw_tags_enabled()) {
+		bool skip_kasan = kasan_hw_tags_enabled() &&
+				  (gfp_mask & __GFP_SKIP_KASAN);
+
+		if (kasan_hw_tags_enabled() && !skip_kasan) {
 			/*
 			 * Modify protection bits to allow tagging.
 			 * This must be done before mapping.
@@ -4057,7 +4060,8 @@ void *__vmalloc_node_range_noprof(unsigned long size, unsigned long align,
 		}
 
 		/* Take note that the mapping is PAGE_KERNEL. */
-		kasan_flags |= KASAN_VMALLOC_PROT_NORMAL;
+		if (!skip_kasan)
+			kasan_flags |= KASAN_VMALLOC_PROT_NORMAL;
 	}
 
 	/* Allocate physical pages and map them into vmalloc space. */
-- 
2.47.3
Re: [PATCH 1/3] vmalloc: add __GFP_SKIP_KASAN support
Posted by Ryan Roberts 2 weeks, 3 days ago 
On 19/03/2026 11:49, Muhammad Usama Anjum wrote:
> For allocations that will be accessed only with match-all pointers
> (e.g., kernel stacks), setting tags is wasted work. If the caller
> already set __GFP_SKIP_KASAN, don’t skip zeroing the pages and
> don’t set KASAN_VMALLOC_PROT_NORMAL so kasan_unpoison_vmalloc()
> returns early without tagging.
> 
> Before this patch, __GFP_SKIP_KASAN wasn't being used with vmalloc
> APIs. So it wasn't being checked. Now its being checked and acted
> upon. Other KASAN modes are unchanged because __GFP_SKIP_KASAN isn't
> defined there.
> 
> This is a preparatory patch for optimizing kernel stack allocations.
> 
> Signed-off-by: Muhammad Usama Anjum <usama.anjum@arm.com>
> ---
>  mm/vmalloc.c | 8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
> 
> diff --git a/mm/vmalloc.c b/mm/vmalloc.c
> index c607307c657a6..1baa602a0b9bb 100644
> --- a/mm/vmalloc.c
> +++ b/mm/vmalloc.c
> @@ -4041,7 +4041,10 @@ void *__vmalloc_node_range_noprof(unsigned long size, unsigned long align,
>  	 * kasan_unpoison_vmalloc().
>  	 */
>  	if (pgprot_val(prot) == pgprot_val(PAGE_KERNEL)) {
> -		if (kasan_hw_tags_enabled()) {
> +		bool skip_kasan = kasan_hw_tags_enabled() &&
> +				  (gfp_mask & __GFP_SKIP_KASAN);
> +
> +		if (kasan_hw_tags_enabled() && !skip_kasan) {

It's unfortunate that kasan_hw_tags_enabled() is involved twice in this expression.

>  			/*
>  			 * Modify protection bits to allow tagging.
>  			 * This must be done before mapping.
> @@ -4057,7 +4060,8 @@ void *__vmalloc_node_range_noprof(unsigned long size, unsigned long align,
>  		}
>  
>  		/* Take note that the mapping is PAGE_KERNEL. */
> -		kasan_flags |= KASAN_VMALLOC_PROT_NORMAL;
> +		if (!skip_kasan)
> +			kasan_flags |= KASAN_VMALLOC_PROT_NORMAL;

I wonder if it would be clearer to just not call kasan_unpoison_vmalloc() below
if the user passed in __GFP_SKIP_KASAN? It's really just an implementation
detail that kasan_unpoison_vmalloc() skips unpoisoning if
KASAN_VMALLOC_PROT_NORMAL is not provided.

Thanks,
Ryan


>  	}
>  
>  	/* Allocate physical pages and map them into vmalloc space. */
Re: [PATCH 1/3] vmalloc: add __GFP_SKIP_KASAN support
Posted by Muhammad Usama Anjum 2 weeks, 3 days ago 
On 19/03/2026 12:22 pm, Ryan Roberts wrote:
> On 19/03/2026 11:49, Muhammad Usama Anjum wrote:
>> For allocations that will be accessed only with match-all pointers
>> (e.g., kernel stacks), setting tags is wasted work. If the caller
>> already set __GFP_SKIP_KASAN, don’t skip zeroing the pages and
>> don’t set KASAN_VMALLOC_PROT_NORMAL so kasan_unpoison_vmalloc()
>> returns early without tagging.
>>
>> Before this patch, __GFP_SKIP_KASAN wasn't being used with vmalloc
>> APIs. So it wasn't being checked. Now its being checked and acted
>> upon. Other KASAN modes are unchanged because __GFP_SKIP_KASAN isn't
>> defined there.
>>
>> This is a preparatory patch for optimizing kernel stack allocations.
>>
>> Signed-off-by: Muhammad Usama Anjum <usama.anjum@arm.com>
>> ---
>>  mm/vmalloc.c | 8 ++++++--
>>  1 file changed, 6 insertions(+), 2 deletions(-)
>>
>> diff --git a/mm/vmalloc.c b/mm/vmalloc.c
>> index c607307c657a6..1baa602a0b9bb 100644
>> --- a/mm/vmalloc.c
>> +++ b/mm/vmalloc.c
>> @@ -4041,7 +4041,10 @@ void *__vmalloc_node_range_noprof(unsigned long size, unsigned long align,
>>  	 * kasan_unpoison_vmalloc().
>>  	 */
>>  	if (pgprot_val(prot) == pgprot_val(PAGE_KERNEL)) {
>> -		if (kasan_hw_tags_enabled()) {
>> +		bool skip_kasan = kasan_hw_tags_enabled() &&
>> +				  (gfp_mask & __GFP_SKIP_KASAN);
>> +
>> +		if (kasan_hw_tags_enabled() && !skip_kasan) {
> 
> It's unfortunate that kasan_hw_tags_enabled() is involved twice in this expression.
I've looked at this again and simplified based on the fact tha
__GFP_SKIP_KASAN is zero in other than hw-tag modes.

> 
>>  			/*
>>  			 * Modify protection bits to allow tagging.
>>  			 * This must be done before mapping.
>> @@ -4057,7 +4060,8 @@ void *__vmalloc_node_range_noprof(unsigned long size, unsigned long align,
>>  		}
>>  
>>  		/* Take note that the mapping is PAGE_KERNEL. */
>> -		kasan_flags |= KASAN_VMALLOC_PROT_NORMAL;
>> +		if (!skip_kasan)
>> +			kasan_flags |= KASAN_VMALLOC_PROT_NORMAL;
> 
> I wonder if it would be clearer to just not call kasan_unpoison_vmalloc() below
> if the user passed in __GFP_SKIP_KASAN? It's really just an implementation
> detail that kasan_unpoison_vmalloc() skips unpoisoning if
> KASAN_VMALLOC_PROT_NORMAL is not provided.
Then it would be confusing to set kasan_flags to KASAN_VMALLOC_PROT_NORMAL and
not use it later. I've found a good of doing it this way.

Thanks,
Usama

> 
> Thanks,
> Ryan
> 
> 
>>  	}
>>  
>>  	/* Allocate physical pages and map them into vmalloc space. */
>

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.