| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Aug 2018 20:28:17 -0400
From: zhouxianrong <zhouxianrong@....com>
To: linux-mm@...ck.org
Cc: linux-kernel@...r.kernel.org, minchan@...nel.org,
ngupta@...are.org, sergey.senozhatsky.work@...il.com,
zhouxianrong@....com, zhouxianrong <zhouxianrong@...wei.com>
Subject: [PATCH] zsmalloc: fix linking bug in init_zspage
From: zhouxianrong <zhouxianrong@...wei.com>
The last partial object in last subpage of zspage should not be linked
in allocation list. Otherwise it could trigger BUG_ON explicitly at
function zs_map_object. But it happened rarely.
Signed-off-by: zhouxianrong <zhouxianrong@...wei.com>
---
mm/zsmalloc.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/mm/zsmalloc.c b/mm/zsmalloc.c
index 8d87e973a4f5..24dd8da0aa59 100644
--- a/mm/zsmalloc.c
+++ b/mm/zsmalloc.c
@@ -1040,6 +1040,8 @@ static void init_zspage(struct size_class *class, struct zspage *zspage)
* Reset OBJ_TAG_BITS bit to last link to tell
* whether it's allocated object or not.
*/
+ if (off > PAGE_SIZE)
+ link -= class->size / sizeof(*link);
link->next = -1UL << OBJ_TAG_BITS;
}
kunmap_atomic(vaddr);
--
2.13.6
Powered by blists - more mailing lists