* [merged mm-stable] skbuff-use-mempool-kasan-hooks.patch removed from -mm tree
@ 2023-12-29 20:00 Andrew Morton
0 siblings, 0 replies; only message in thread
From: Andrew Morton @ 2023-12-29 20:00 UTC (permalink / raw)
To: mm-commits, ryabinin.a.a, leitao, glider, eugenis, elver, dvyukov,
alobakin, andreyknvl, akpm
The quilt patch titled
Subject: skbuff: use mempool KASAN hooks
has been removed from the -mm tree. Its filename was
skbuff-use-mempool-kasan-hooks.patch
This patch was dropped because it was merged into the mm-stable branch
of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Andrey Konovalov <andreyknvl@google.com>
Subject: skbuff: use mempool KASAN hooks
Date: Tue, 19 Dec 2023 23:29:04 +0100
Instead of using slab-internal KASAN hooks for poisoning and unpoisoning
cached objects, use the proper mempool KASAN hooks.
Also check the return value of kasan_mempool_poison_object to prevent
double-free and invali-free bugs.
Link: https://lkml.kernel.org/r/a3482c41395c69baa80eb59dbb06beef213d2a14.1703024586.git.andreyknvl@google.com
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Cc: Alexander Lobakin <alobakin@pm.me>
Cc: Alexander Potapenko <glider@google.com>
Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
Cc: Breno Leitao <leitao@debian.org>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Evgenii Stepanov <eugenis@google.com>
Cc: Marco Elver <elver@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
net/core/skbuff.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
--- a/net/core/skbuff.c~skbuff-use-mempool-kasan-hooks
+++ a/net/core/skbuff.c
@@ -337,7 +337,7 @@ static struct sk_buff *napi_skb_cache_ge
}
skb = nc->skb_cache[--nc->skb_count];
- kasan_unpoison_new_object(skbuff_cache, skb);
+ kasan_mempool_unpoison_object(skb, kmem_cache_size(skbuff_cache));
return skb;
}
@@ -1309,13 +1309,15 @@ static void napi_skb_cache_put(struct sk
struct napi_alloc_cache *nc = this_cpu_ptr(&napi_alloc_cache);
u32 i;
- kasan_poison_new_object(skbuff_cache, skb);
+ if (!kasan_mempool_poison_object(skb))
+ return;
+
nc->skb_cache[nc->skb_count++] = skb;
if (unlikely(nc->skb_count == NAPI_SKB_CACHE_SIZE)) {
for (i = NAPI_SKB_CACHE_HALF; i < NAPI_SKB_CACHE_SIZE; i++)
- kasan_unpoison_new_object(skbuff_cache,
- nc->skb_cache[i]);
+ kasan_mempool_unpoison_object(nc->skb_cache[i],
+ kmem_cache_size(skbuff_cache));
kmem_cache_free_bulk(skbuff_cache, NAPI_SKB_CACHE_HALF,
nc->skb_cache + NAPI_SKB_CACHE_HALF);
_
Patches currently in -mm which might be from andreyknvl@google.com are
kasan-stop-leaking-stack-trace-handles.patch
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2023-12-29 20:00 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-12-29 20:00 [merged mm-stable] skbuff-use-mempool-kasan-hooks.patch removed from -mm tree Andrew Morton
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.