Commit d45aabad authored by Matthew Dawson's avatar Matthew Dawson Committed by Greg Kroah-Hartman

mm/mempool: avoid KASAN marking mempool poison checks as use-after-free

commit 76401310 upstream.

When removing an element from the mempool, mark it as unpoisoned in KASAN
before verifying its contents for SLUB/SLAB debugging.  Otherwise KASAN
will flag the reads checking the element use-after-free writes as
use-after-free reads.
Signed-off-by: default avatarMatthew Dawson <matthew@mjdsystems.ca>
Acked-by: default avatarAndrey Ryabinin <aryabinin@virtuozzo.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
Cc: Andrii Bordunov <aborduno@cisco.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 7e86f2d5
...@@ -135,8 +135,8 @@ static void *remove_element(mempool_t *pool) ...@@ -135,8 +135,8 @@ static void *remove_element(mempool_t *pool)
void *element = pool->elements[--pool->curr_nr]; void *element = pool->elements[--pool->curr_nr];
BUG_ON(pool->curr_nr < 0); BUG_ON(pool->curr_nr < 0);
check_element(pool, element);
kasan_unpoison_element(pool, element); kasan_unpoison_element(pool, element);
check_element(pool, element);
return element; return element;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment