linux-sg2042

History

Kees Cook a64b53780e mm/slab: sanity-check page type when looking up cache This avoids any possible type confusion when looking up an object. For example, if a non-slab were to be passed to kfree(), the invalid slab_cache pointer (i.e. overlapped with some other value from the struct page union) would be used for subsequent slab manipulations that could lead to further memory corruption. Since the page is already in cache, adding the PageSlab() check will have nearly zero cost, so add a check and WARN() to virt_to_cache(). Additionally replaces an open-coded virt_to_cache(). To support the failure mode this also updates all callers of virt_to_cache() and cache_from_obj() to handle a NULL cache pointer return value (though note that several already handle this case gracefully). [dan.carpenter@oracle.com: restore IRQs in kfree()] Link: http://lkml.kernel.org/r/20190613065637.GE16334@mwanda Link: http://lkml.kernel.org/r/20190530045017.15252-3-keescook@chromium.org Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Cc: Alexander Popov <alex.popov@linux.com> Cc: Alexander Potapenko <glider@google.com> Cc: Christoph Lameter <cl@linux.com> Cc: David Rientjes <rientjes@google.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: Pekka Enberg <penberg@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>		2019-07-12 11:05:41 -07:00
..
kasan	kasan: initialize tag to 0xff in __kasan_kmalloc	2019-06-01 15:51:31 -07:00
Kconfig	Linux 5.2-rc4	2019-06-14 14:18:53 -06:00
Kconfig.debug	treewide: Add SPDX license identifier - Makefile/Kconfig	2019-05-21 10:50:46 +02:00
Makefile	mm: shuffle initial free memory to improve memory-side-cache utilization	2019-05-14 19:52:48 -07:00
backing-dev.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
balloon_compaction.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
cleancache.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 482	2019-06-19 17:09:52 +02:00
cma.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 98	2019-05-24 17:37:54 +02:00
cma.h	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
cma_debug.c	mm/cma_debug.c: fix the break condition in cma_maxchunk_get()	2019-05-14 09:47:45 -07:00
compaction.c	mm, compaction: make sure we isolate a valid PFN	2019-06-01 15:51:32 -07:00
debug.c	mm: update references to page _refcount	2019-05-14 19:52:47 -07:00
debug_page_ref.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
dmapool.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 403	2019-06-05 17:37:13 +02:00
early_ioremap.c	mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep	2017-12-11 14:54:44 +01:00
fadvise.c	vfs: implement readahead(2) using POSIX_FADV_WILLNEED	2018-08-30 20:01:32 +02:00
failslab.c	mm: no need to check return value of debugfs_create functions	2019-03-05 21:07:17 -08:00
filemap.c	Many bug fixes and cleanups, and an optimization for case-insensitive	2019-07-10 21:06:01 -07:00
frame_vector.c	mm/frame_vector.c: release a semaphore in 'get_vaddr_frames()'	2017-12-14 16:00:48 -08:00
frontswap.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 482	2019-06-19 17:09:52 +02:00
gup.c	mm/gup: continue VM_FAULT_RETRY processing even for pre-faults	2019-06-01 15:51:31 -07:00
gup_benchmark.c	mm/gup: replace get_user_pages_longterm() with FOLL_LONGTERM	2019-05-14 09:47:45 -07:00
highmem.c	mm: convert totalram_pages and totalhigh_pages variables to atomic	2018-12-28 12:11:47 -08:00
hmm.c	mm/devm_memremap_pages: fix final page put race	2019-06-13 17:34:56 -10:00
huge_memory.c	Revert "mm: page cache: store only head pages in i_pages"	2019-07-05 19:55:18 -07:00
hugetlb.c	mm: hugetlb: soft-offline: dissolve_free_huge_page() return zero on !PageHuge	2019-06-29 16:43:45 +08:00
hugetlb_cgroup.c	mm: rename page_counter's count/limit into usage/max	2018-06-07 17:34:35 -07:00
hwpoison-inject.c	treewide: Add SPDX license identifier for more missed files	2019-05-21 10:50:45 +02:00
init-mm.c	mm: Allocate the mm_cpumask (mm->cpu_bitmap[]) dynamically based on nr_cpu_ids	2018-07-17 09:35:30 +02:00
internal.h	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
interval_tree.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 248	2019-06-19 17:09:08 +02:00
khugepaged.c	Revert "mm: page cache: store only head pages in i_pages"	2019-07-05 19:55:18 -07:00
kmemleak-test.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 333	2019-06-05 17:37:06 +02:00
kmemleak.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 333	2019-06-05 17:37:06 +02:00
ksm.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 482	2019-06-19 17:09:52 +02:00
list_lru.c	mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node	2019-06-13 17:34:56 -10:00
maccess.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
madvise.c	mm/mmu_notifier: use correct mmu_notifier events for each invalidation	2019-05-14 09:47:49 -07:00
memblock.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
memcontrol.c	mm/memcontrol: fix wrong statistics in memory.stat	2019-07-12 11:05:40 -07:00
memfd.c	Revert "mm: page cache: store only head pages in i_pages"	2019-07-05 19:55:18 -07:00
memory-failure.c	Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace	2019-07-08 21:48:15 -07:00
memory.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
memory_hotplug.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
mempolicy.c	mm/mempolicy.c: fix an incorrect rebind node in mpol_rebind_nodemask	2019-06-29 16:43:44 +08:00
mempool.c	docs/core-api/mm: fix return value descriptions in mm/	2019-03-05 21:07:20 -08:00
memtest.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
migrate.c	Revert "mm: page cache: store only head pages in i_pages"	2019-07-05 19:55:18 -07:00
mincore.c	mm/mincore.c: make mincore() more conservative	2019-05-14 19:52:48 -07:00
mlock.c	mm/mlock.c: change count_mm_mlocked_page_nr return type	2019-06-13 17:34:56 -10:00
mm_init.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
mmap.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
mmu_context.c	sched/headers: Prepare to move the task_lock()/unlock() APIs to <linux/sched/task.h>	2017-03-02 08:42:38 +01:00
mmu_gather.c	mm: mmu_gather: remove __tlb_reset_range() for force flush	2019-06-13 17:34:56 -10:00
mmu_notifier.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 499	2019-06-19 17:09:53 +02:00
mmzone.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
mprotect.c	mm/mprotect.c: fix compilation warning because of unused 'mm' variable	2019-05-14 09:47:51 -07:00
mremap.c	mm/mmu_notifier: contextual information for event triggering invalidation	2019-05-14 09:47:49 -07:00
msync.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
nommu.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
oom_kill.c	mm/oom_kill.c: fix uninitialized oc->constraint	2019-06-29 16:43:45 +08:00
page-writeback.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
page_alloc.c	mm/page_alloc.c: fix regression with deferred struct page init	2019-07-05 11:12:07 +09:00
page_counter.c	memcg: introduce memory.min	2018-06-07 17:34:36 -07:00
page_ext.c	memblock: drop memblock_alloc_*_nopanic() variants	2019-03-12 10:04:02 -07:00
page_idle.c	mm/page_idle.c: fix oops because end_pfn is larger than max_pfn	2019-06-29 16:43:45 +08:00
page_io.c	swap_readpage(): avoid blk_wake_io_task() if !synchronous	2019-07-05 11:12:07 +09:00
page_isolation.c	mm/page_isolation.c: remove redundant pfn_valid_within() in __first_valid_page()	2019-05-14 09:47:46 -07:00
page_owner.c	mm/page_owner: Simplify stack trace handling	2019-04-29 12:37:50 +02:00
page_poison.c	page_poison: play nicely with KASAN	2019-03-05 21:07:13 -08:00
page_vma_mapped.c	mm/rmap: map_pte() was not handling private ZONE_DEVICE page properly	2018-10-31 08:54:11 -07:00
pagewalk.c	mm: kernel-doc: add missing parameter descriptions	2018-04-05 21:36:27 -07:00
percpu-internal.h	percpu: convert chunk hints to be based on pcpu_block_md	2019-03-13 12:25:31 -07:00
percpu-km.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 428	2019-06-05 17:37:16 +02:00
percpu-stats.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 428	2019-06-05 17:37:16 +02:00
percpu-vm.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 428	2019-06-05 17:37:16 +02:00
percpu.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 428	2019-06-05 17:37:16 +02:00
pgtable-generic.c	x86/mm: Page size aware flush_tlb_mm_range()	2018-10-09 16:51:11 +02:00
process_vm_access.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
quicklist.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
readahead.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
rmap.c	mm/rmap.c: use the pra.mapcount to do the check	2019-05-14 09:47:49 -07:00
rodata_test.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441	2019-06-05 17:37:17 +02:00
shmem.c	Revert "mm: page cache: store only head pages in i_pages"	2019-07-05 19:55:18 -07:00
shuffle.c	mm: maintain randomization of page free lists	2019-05-14 19:52:48 -07:00
shuffle.h	mm: maintain randomization of page free lists	2019-05-14 19:52:48 -07:00
slab.c	mm/slab: sanity-check page type when looking up cache	2019-07-12 11:05:41 -07:00
slab.h	mm/slab: sanity-check page type when looking up cache	2019-07-12 11:05:41 -07:00
slab_common.c	mm: add support for kmem caches in DMA32 zone	2019-03-29 10:01:37 -07:00
slob.c	slob: use slab_list instead of lru	2019-05-14 09:47:44 -07:00
slub.c	mm/slub.c: update the comment about slab frozen	2019-05-14 09:47:45 -07:00
sparse-vmemmap.c	mm: remove include/linux/bootmem.h	2018-10-31 08:54:16 -07:00
sparse.c	mm/sparse.c: clean up obsolete code comment	2019-05-14 09:47:48 -07:00
swap.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
swap_cgroup.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
swap_slots.c	mm, swap, get_swap_pages: use entry_size instead of cluster in parameter	2018-08-22 10:52:44 -07:00
swap_state.c	Revert "mm: page cache: store only head pages in i_pages"	2019-07-05 19:55:18 -07:00
swapfile.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
truncate.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
usercopy.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
userfaultfd.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 499	2019-06-19 17:09:53 +02:00
util.c	prctl_set_mm: downgrade mmap_sem to read lock	2019-06-01 15:51:31 -07:00
vmacache.c	mm: get rid of vmacache_flush_all() entirely	2018-09-13 15:18:04 -10:00
vmalloc.c	arm64 updates for 5.3:	2019-07-08 09:54:55 -07:00
vmpressure.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500	2019-06-19 17:09:55 +02:00
vmscan.c	mm: vmscan: scan anonymous pages on file refaults	2019-07-12 11:05:39 -07:00
vmstat.c	treewide: Add SPDX license identifier for missed files	2019-05-21 10:50:45 +02:00
workingset.c	mm: memcontrol: make cgroup stats and events query API explicitly local	2019-05-14 19:52:53 -07:00
z3fold.c	mm/z3fold.c: lock z3fold page before __SetPageMovable()	2019-07-12 11:05:40 -07:00
zbud.c	treewide: Add SPDX license identifier for more missed files	2019-05-21 10:50:45 +02:00
zpool.c	treewide: Add SPDX license identifier for more missed files	2019-05-21 10:50:45 +02:00
zsmalloc.c	mm/zsmalloc.c: fix fall-through annotation	2018-10-26 16:26:35 -07:00
zswap.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157	2019-05-30 11:26:37 -07:00