The commit is pushed to "branch-rh7-3.10.0-229.7.2-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-229.7.2.vz7.6.6
------>
commit 6b444b2466dfe34ee64bf03a05c9e8a85c581f0a
Author: Andrey Ryabinin <aryabi...@odin.com>
Date: Thu Sep 3 19:27:40 2015 +0400

ms/fs: dcache: manually unpoison dname after allocation to shut up kasan's reports

https://jira.sw.ru/browse/PSBM-26429

From: Andrey Ryabinin <a.ryabi...@samsung.com>

commit df4c0e36f1b1782b0611a77c52cc240e5c4752dd upstream.

We need to manually unpoison rounded up allocation size for dname to avoid
kasan's reports in dentry_string_cmp(). When CONFIG_DCACHE_WORD_ACCESS=y
dentry_string_cmp may access a few bytes beyond requested in kmalloc() size.

dentry_string_cmp() relies on the fact that the dentry is allocated using
kmalloc and kmalloc internally rounds up the allocation size. So this is not a
bug, but this makes kasan complain about such accesses. To avoid such
reports we mark rounded up allocation size in shadow as accessible.

Signed-off-by: Andrey Ryabinin <a.ryabi...@samsung.com>
Reported-by: Dmitry Vyukov <dvyu...@google.com>
Cc: Konstantin Serebryany <k...@google.com>
Cc: Dmitry Chernenkov <dmit...@google.com>
Signed-off-by: Andrey Konovalov <adech...@gmail.com>
Cc: Yuri Gribov <tetra2...@gmail.com>
Cc: Konstantin Khlebnikov <koc...@gmail.com>
Cc: Sasha Levin <sasha.le...@oracle.com>
Cc: Christoph Lameter <c...@linux.com>
Cc: Joonsoo Kim <iamjoonsoo....@lge.com>
Cc: Dave Hansen <dave.han...@intel.com>
Cc: Andi Kleen <a...@firstfloor.org>
Cc: Ingo Molnar <mi...@elte.hu>
Cc: Thomas Gleixner <t...@linutronix.de>
Cc: "H. Peter Anvin" <h...@zytor.com>
Cc: Christoph Lameter <c...@linux.com>
Cc: Pekka Enberg <penb...@kernel.org>
Cc: David Rientjes <rient...@google.com>
Signed-off-by: Andrew Morton <a...@linux-foundation.org>
Signed-off-by: Linus Torvalds <torva...@linux-foundation.org>
Signed-off-by: Andrey Ryabinin <aryabi...@odin.com>
Signed-off-by: Andrey Ryabinin <aryabi...@odin.com>
---
 fs/dcache.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/fs/dcache.c b/fs/dcache.c
index a341efe..a4f60d1 100644
--- a/fs/dcache.c
+++ b/fs/dcache.c
@@ -35,6 +35,7 @@ #include <linux/hardirq.h> #include <linux/bit_spinlock.h> #include <linux/rculist_bl.h> +#include <linux/kasan.h> #include <linux/prefetch.h> #include <linux/ratelimit.h> #include <linux/list_lru.h> @@ -43,6 +44,7 @@ #include "internal.h" #include "mount.h" + /* * Usage: * dcache->d_inode->i_lock protects: @@ -1550,6 +1552,11 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) kmem_cache_free(dentry_cache, dentry); return NULL; } + if (IS_ENABLED(CONFIG_DCACHE_WORD_ACCESS)) + kasan_unpoison_shadow(dname, + round_up(name->len + 1, + sizeof(unsigned long))); + } else { dname = dentry->d_iname; } _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
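Review bot: The second hunk (@@ -43,6 +44,7 @@) appears to add only an empty line between `#include "mount.h"` and the `/* Usage:` comment, which is unrelated to the KASAN change. Drop it so the patch stays limited to the new include and the unpoison call in __d_alloc().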
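Review bot: The kasan_unpoison_shadow() call added in __d_alloc() (third hunk, @@ -1550,6 +1552,11 @@) carries no comment, so the reason for unpoisoning more than name->len + 1 bytes is recorded only in the commit message. Add a short comment above `if (IS_ENABLED(CONFIG_DCACHE_WORD_ACCESS))` stating that dentry_string_cmp() reads whole words and depends on kmalloc rounding the allocation size up. Two points to confirm as well: the call is guarded only by CONFIG_DCACHE_WORD_ACCESS, so it relies on <linux/kasan.h> supplying a no-op when KASAN is not built in; and the unpoisoned length `round_up(name->len + 1, sizeof(unsigned long))` must never exceed what the allocator actually returned for dname, otherwise a genuine overrun into neighbouring memory would be hidden from KASAN. The `+` directly before `} else {` also looks like a stray added empty line.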