openkylin
/
platform_kernel-5.15
mirror of https://gitee.com/openkylin/platform_kernel-5.15.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity
platform_kernel-5.15/include
History
Andrey Ryabinin 9b75a867cc mm: mempool: kasan: don't poot mempool objects in quarantine 
Currently we may put reserved by mempool elements into quarantine via
kasan_kfree().  This is totally wrong since quarantine may really free
these objects.  So when mempool will try to use such element,
use-after-free will happen.  Or mempool may decide that it no longer
need that element and double-free it.

So don't put object into quarantine in kasan_kfree(), just poison it.
Rename kasan_kfree() to kasan_poison_kfree() to respect that.

Also, we shouldn't use kasan_slab_alloc()/kasan_krealloc() in
kasan_unpoison_element() because those functions may update allocation
stacktrace.  This would be wrong for the most of the remove_element call
sites.

(The only call site where we may want to update alloc stacktrace is
 in mempool_alloc(). Kmemleak solves this by calling
 kmemleak_update_trace(), so we could make something like that too.
 But this is out of scope of this patch).

Fixes: 55834c5909 ("mm: kasan: initial memory quarantine implementation")
Link: http://lkml.kernel.org/r/575977C3.1010905@virtuozzo.com
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Reported-by: Kuthonuzo Luruo <kuthonuzo.luruo@hpe.com>
Acked-by: Alexander Potapenko <glider@google.com>
Cc: Dmitriy Vyukov <dvyukov@google.com>
Cc: Kostya Serebryany <kcc@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
 		2016-06-24 17:23:52 -07:00
..
acpi Merge branches 'acpica-fixes', 'acpi-video' and 'acpi-processor' 2016-06-03 22:35:05 +02:00
asm-generic locking/qspinlock: Fix spin_unlock_wait() some more 2016-06-08 14:29:08 +02:00
clocksource clocksource: arm_arch_timer: Remove arch_timer_get_timecounter 2016-05-03 12:54:21 +02:00
crypto Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2016-05-19 09:21:36 -07:00
drm Merge tag 'drm-intel-next-fixes-2016-05-25' of git://anongit.freedesktop.org/drm-intel into drm-next 2016-05-27 16:08:38 +10:00
dt-bindings Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux 2016-05-26 09:23:43 -07:00
keys
kvm KVM: arm/arm64: vgic-new: implement mapped IRQ handling 2016-05-20 15:40:09 +02:00
linux mm: mempool: kasan: don't poot mempool objects in quarantine 2016-06-24 17:23:52 -07:00
math-emu
media Update my main e-mails at the Kernel tree 2016-06-15 15:35:37 -10:00
memory
misc cxl: Add kernel API to allow a context to operate with relocate disabled 2016-05-11 21:54:10 +10:00
net packet: compat support for sock_fprog 2016-06-09 23:41:03 -07:00
pcmcia
ras
rdma IB/core: Make all casts in ib_device_cap_flags enum consistent 2016-06-07 09:50:55 -04:00
rxrpc
scsi Merge branch '4.7/scsi-queue' of git://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi into for-4.7-zac 2016-05-09 12:34:39 -04:00
soc ARC updates for 4.7-rc1 2016-05-19 09:46:18 -07:00
sound ASoC: Updates for v4.7 2016-05-16 14:59:00 +02:00
target Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2016-05-28 12:04:17 -07:00
trace - move kvm_stat tool from QEMU repo into tools/kvm/kvm_stat 2016-05-27 13:41:54 -07:00
uapi Merge branch 'for-linus-4.7' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs 2016-06-10 14:13:27 -07:00
video imx-drm probing fix 2016-05-25 12:36:20 +10:00
xen
Kbuild