iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
36b98806d243f3d38b51fb429d2303c5b67ffc2b
linux/kernel
History
Peter Zijlstra 6ddaca6b20 lockdep: Fix block chain corruption 
[ Upstream commit bca4104b00 ]

Kent reported an occasional KASAN splat in lockdep. Mark then noted:

> I suspect the dodgy access is to chain_block_buckets[-1], which hits the last 4
> bytes of the redzone and gets (incorrectly/misleadingly) attributed to
> nr_large_chain_blocks.

That would mean @size == 0, at which point size_to_bucket() returns -1
and the above happens.

alloc_chain_hlocks() has 'size - req', for the first with the
precondition 'size >= rq', which allows the 0.

This code is trying to split a block, del_chain_block() takes what we
need, and add_chain_block() puts back the remainder, except in the
above case the remainder is 0 sized and things go sideways.

Fixes: 810507fe6f ("locking/lockdep: Reuse freed chain_hlocks entries")
Reported-by: Kent Overstreet <kent.overstreet@linux.dev>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: Kent Overstreet <kent.overstreet@linux.dev>
Link: https://lkml.kernel.org/r/20231121114126.GH8262@noisy.programming.kicks-ass.net
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-12-03 07:31:23 +01:00
..
bpf
bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END
2023-11-28 16:56:27 +00:00
cgroup
cgroup: Remove duplicates in cgroup v1 tasks file
2023-10-19 23:05:37 +02:00
configs
drivers/char: remove /dev/kmem for good
2021-05-07 00:26:34 -07:00
debug
kgdb: Flush console before entering kgdb on panic
2023-11-28 16:56:20 +00:00
dma
dma-debug: don't call __dma_entry_alloc_check_leak() under free_entries_lock
2023-10-06 13:18:14 +02:00
entry
entry/rcu: Check TIF_RESCHED _after_ delayed RCU wake-up
2023-03-30 12:47:51 +02:00
events
tracing/perf: Add interrupt_context_level() helper
2023-11-28 16:56:21 +00:00
futex
futex: Don't include process MM in futex key on no-MMU
2023-11-20 11:08:13 +01:00
gcov
gcov: add support for checksum field
2022-12-31 13:14:47 +01:00
irq
genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware
2023-11-28 16:56:30 +00:00
kcsan
kcsan: Don't expect 64 bits atomic builtins from 32 bits architectures
2023-07-23 13:47:12 +02:00
livepatch
livepatch: Fix missing newline character in klp_resolve_symbols()
2023-11-20 11:08:25 +01:00
locking
lockdep: Fix block chain corruption
2023-12-03 07:31:23 +01:00
power
PM: hibernate: Clean up sync_read handling in snapshot_write_next()
2023-11-28 16:56:29 +00:00
printk
printk: Consolidate console deferred printing
2023-09-23 11:09:59 +02:00
rcu
rcu: kmemleak: Ignore kmemleak false positives when RCU-freeing objects
2023-11-28 16:56:29 +00:00
sched
sched: Fix stop_one_cpu_nowait() vs hotplug
2023-11-20 11:08:13 +01:00
time
timers/nohz: Last resort update jiffies on nohz_full IRQ entry
2023-08-16 18:22:04 +02:00
trace
tracing: Have trace_event_file have ref counters
2023-11-28 16:56:36 +00:00
.gitignore
.gitignore: prefix local generated files with a slash
2021-05-02 00:43:35 +09:00
acct.c
acct: fix potential integer overflow in encode_comp_t()
2022-12-31 13:14:40 +01:00
async.c
Revert "module, async: async_synchronize_full() on module init iff async is used"
2022-02-23 12:03:07 +01:00
audit_fsnotify.c
audit: fix potential double free on error path from fsnotify_add_inode_mark
2022-08-31 17:16:33 +02:00
audit_tree.c
audit: move put_tree() to avoid trim_trees refcount underflow and UAF
2021-08-24 18:52:36 -04:00
audit_watch.c
audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare()
2023-11-28 16:56:27 +00:00
audit.c
audit: improve audit queue handling when "audit=1" on cmdline
2022-02-08 18:34:03 +01:00
audit.h
audit: log AUDIT_TIME_* records only from rules
2022-04-08 14:23:06 +02:00
auditfilter.c
auditsc.c
audit: fix possible soft lockup in __audit_inode_child()
2023-09-19 12:22:39 +02:00
backtracetest.c
bounds.c
capability.c
cfi.c
cfi: Fix __cfi_slowpath_diag RCU usage with cpuidle
2022-06-22 14:22:04 +02:00
compat.c
sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
2023-04-05 11:24:53 +02:00
configs.c
context_tracking.c
cpu_pm.c
PM: cpu: Make notifier chain use a raw_spinlock_t
2021-08-16 18:55:32 +02:00
cpu.c
cpu/hotplug: Do not bail-out in DYING/STARTING sections
2022-12-31 13:14:04 +01:00
crash_core.c
kernel/crash_core: suppress unknown crashkernel parameter warning
2021-12-29 12:28:49 +01:00
crash_dump.c
cred.c
ucounts: Base set_cred_ucounts changes on the real user
2022-02-23 12:03:20 +01:00
delayacct.c
delayacct: Add sysctl to enable at runtime
2021-05-12 11:43:25 +02:00
dma.c
exec_domain.c
exit.c
exit: Use READ_ONCE() for all oops/warn limit reads
2023-02-01 08:27:22 +01:00
extable.c
fail_function.c
kernel/fail_function: fix memory leak with using debugfs_lookup()
2023-03-11 13:57:38 +01:00
fork.c
kernel/fork: beware of __put_task_struct() calling context
2023-09-23 11:09:55 +02:00
freezer.c
sched: Add get_current_state()
2021-06-18 11:43:08 +02:00
gen_kheaders.sh
kbuild: clean up ${quiet} checks in shell scripts
2021-05-27 04:01:50 +09:00
groups.c
hung_task.c
Merge branch 'akpm' (patches from Andrew)
2021-07-02 12:08:10 -07:00
iomem.c
irq_work.c
irq_work: Make irq_work_queue() NMI-safe again
2021-06-10 10:00:08 +02:00
jump_label.c
jump_label: Fix jump_label_text_reserved() vs __init
2021-07-05 10:46:20 +02:00
kallsyms.c
module: add printk formats to add module build ID to stacktraces
2021-07-08 11:48:22 -07:00
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
locking/rwlock: Provide RT variant
2021-08-17 17:50:51 +02:00
Kconfig.preempt
sched/core: Disable CONFIG_SCHED_CORE by default
2021-06-28 22:43:05 +02:00
kcov.c
kexec_core.c
kexec: fix a memory leak in crash_shrink_memory()
2023-07-23 13:46:52 +02:00
kexec_elf.c
kexec_file.c
kexec: support purgatories with .text.hot sections
2023-06-21 15:59:14 +02:00
kexec_internal.h
panic, kexec: make __crash_kexec() NMI safe
2023-04-20 12:13:57 +02:00
kexec.c
kernel: kexec: copy user-array safely
2023-11-28 16:56:16 +00:00
kheaders.c
kheaders: Use array declaration instead of char
2023-05-11 23:00:17 +09:00
kmod.c
modules: add CONFIG_MODPROBE_PATH
2021-05-07 00:26:33 -07:00
kprobes.c
kprobes: Prohibit probing on CFI preamble symbol
2023-09-19 12:22:28 +02:00
ksysfs.c
kexec: turn all kexec_mutex acquisitions into trylocks
2023-04-20 12:13:57 +02:00
kthread.c
kthread: add the helper function kthread_run_on_cpu()
2023-03-30 12:47:42 +02:00
latencytop.c
Makefile
futex: Move to kernel/futex/
2022-12-31 13:14:04 +01:00
module_signature.c
module_signing.c
module-internal.h
module.c
modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules
2023-09-06 21:28:38 +01:00
notifier.c
notifier: Remove atomic_notifier_call_chain_robust()
2021-08-16 18:55:32 +02:00
nsproxy.c
memcg: enable accounting for new namesapces and struct nsproxy
2021-09-03 09:58:12 -07:00
padata.c
crypto: pcrypt - Fix hungtask for PADATA_RESET
2023-11-28 16:56:18 +00:00
panic.c
exit: Use READ_ONCE() for all oops/warn limit reads
2023-02-01 08:27:22 +01:00
params.c
params: lift param_set_uint_minmax to common code
2021-08-16 14:42:22 +02:00
pid_namespace.c
rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes()
2023-03-10 09:39:09 +01:00
pid.c
kernel/pid.c: implement additional checks upon pidfd_create() parameters
2021-08-10 12:53:07 +02:00
profile.c
profiling: fix shift too large makes kernel panic
2022-08-17 14:24:04 +02:00
ptrace.c
ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
2022-06-09 10:22:29 +02:00
range.c
reboot.c
kernel/reboot: emergency_restart: Set correct system_state
2023-11-28 16:56:31 +00:00
regset.c
relay.c
relayfs: fix out-of-bounds access in relay_file_read
2023-05-11 23:00:18 +09:00
resource_kunit.c
resource.c
dax/kmem: Fix leak of memory-hotplug resources
2023-03-10 09:40:08 +01:00
rseq.c
rseq: Remove broken uapi field layout on 32-bit little endian
2022-04-08 14:23:10 +02:00
scftorture.c
scftorture: Forgive memory-allocation failure if KASAN
2023-09-23 11:09:55 +02:00
scs.c
scs: Release kasan vmalloc poison in scs_free process
2021-11-18 19:16:29 +01:00
seccomp.c
seccomp: Invalidate seccomp mode to catch death failures
2022-02-16 12:56:38 +01:00
signal.c
signal handling: don't use BUG_ON() for debugging
2022-07-21 21:24:42 +02:00
smp.c
locking/csd_lock: Change csdlock_debug from early_param to __setup
2022-08-17 14:24:24 +02:00
smpboot.c
smpboot: Replace deprecated CPU-hotplug functions.
2021-08-10 14:57:42 +02:00
smpboot.h
softirq.c
timers/nohz: Last resort update jiffies on nohz_full IRQ entry
2023-08-16 18:22:04 +02:00
stackleak.c
gcc-plugins/stackleak: Use noinstr in favor of notrace
2022-02-23 12:03:07 +01:00
stacktrace.c
stacktrace: move filter_irq_stacks() to kernel/stacktrace.c
2022-04-13 20:59:28 +02:00
static_call_inline.c
static_call: Don't make __static_call_return0 static
2022-04-13 20:59:28 +02:00
static_call.c
static_call: Don't make __static_call_return0 static
2022-04-13 20:59:28 +02:00
stop_machine.c
sys_ni.c
kernel/sys_ni: add compat entry for fadvise64_64
2022-08-31 17:16:33 +02:00
sys.c
kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()
2023-04-26 13:51:52 +02:00
sysctl-test.c
kernel/sysctl-test: Remove some casts which are no-longer required
2021-06-23 16:41:24 -06:00
sysctl.c
kernel/panic: move panic sysctls to its own file
2023-02-01 08:27:20 +01:00
task_work.c
kasan: record task_work_add() call stack
2021-04-30 11:20:42 -07:00
taskstats.c
test_kprobes.c
torture.c
torture: Fix hang during kthread shutdown phase
2023-08-30 16:18:19 +02:00
tracepoint.c
tracepoint: Fix kerneldoc comments
2021-08-16 11:39:51 -04:00
tsacct.c
taskstats: Cleanup the use of task->exit_code
2022-01-27 11:05:35 +01:00
ucount.c
ucounts: Handle wrapping in is_ucounts_overlimit
2022-02-23 12:03:20 +01:00
uid16.c
uid16.h
umh.c
kernel/umh.c: fix some spelling mistakes
2021-05-07 00:26:34 -07:00
up.c
Merge tag 'locking-urgent-2021-05-09' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2021-05-09 13:07:03 -07:00
user_namespace.c
ucounts: Fix systemd LimitNPROC with private users regression
2022-03-08 19:12:42 +01:00
user-return-notifier.c
user.c
fs/epoll: use a per-cpu counter for user's watches count
2021-09-08 11:50:27 -07:00
usermode_driver.c
Merge branch 'work.namei' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2021-07-03 11:41:14 -07:00
utsname_sysctl.c
utsname.c
watch_queue.c
kernel: watch_queue: copy user-array safely
2023-11-28 16:56:16 +00:00
watchdog_hld.c
watchdog/perf: more properly prevent false positives with turbo modes
2023-07-23 13:46:52 +02:00
watchdog.c
watchdog: move softlockup_panic back to early_param
2023-11-28 16:56:28 +00:00
workqueue_internal.h
workqueue: Assign a color to barrier work items
2021-08-17 07:49:10 -10:00
workqueue.c
workqueue: Provide one lock class key per work_on_cpu() callsite
2023-11-28 16:56:15 +00:00