From: Andrey Ryabinin <a.ryabi...@samsung.com>

commit df4c0e36f1b1782b0611a77c52cc240e5c4752dd upstream.

We need to manually unpoison the rounded up allocation size for dname to
avoid kasan's reports in dentry_string_cmp().  When
CONFIG_DCACHE_WORD_ACCESS=y dentry_string_cmp may access a few bytes beyond
the size requested in kmalloc().

dentry_string_cmp() relies on the fact that the dentry is allocated using
kmalloc and that kmalloc internally rounds up the allocation size.  So this
is not a bug, but it makes kasan complain about such accesses.  To avoid such
reports we mark the rounded up allocation size in shadow as accessible.

Signed-off-by: Andrey Ryabinin <a.ryabi...@samsung.com>
Reported-by: Dmitry Vyukov <dvyu...@google.com>
Cc: Konstantin Serebryany <k...@google.com>
Cc: Dmitry Chernenkov <dmit...@google.com>
Signed-off-by: Andrey Konovalov <adech...@gmail.com>
Cc: Yuri Gribov <tetra2...@gmail.com>
Cc: Konstantin Khlebnikov <koc...@gmail.com>
Cc: Sasha Levin <sasha.le...@oracle.com>
Cc: Christoph Lameter <c...@linux.com>
Cc: Joonsoo Kim <iamjoonsoo....@lge.com>
Cc: Dave Hansen <dave.han...@intel.com>
Cc: Andi Kleen <a...@firstfloor.org>
Cc: Ingo Molnar <mi...@elte.hu>
Cc: Thomas Gleixner <t...@linutronix.de>
Cc: "H. Peter Anvin" <h...@zytor.com>
Cc: Christoph Lameter <c...@linux.com>
Cc: Pekka Enberg <penb...@kernel.org>
Cc: David Rientjes <rient...@google.com>
Signed-off-by: Andrew Morton <a...@linux-foundation.org>
Signed-off-by: Linus Torvalds <torva...@linux-foundation.org>
Signed-off-by: Andrey Ryabinin <aryabi...@odin.com>
---
 fs/dcache.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/fs/dcache.c b/fs/dcache.c
index a341efe..a4f60d1 100644
--- a/fs/dcache.c
+++ b/fs/dcache.c
@@ -35,6 +35,7 @@
 #include <linux/hardirq.h>
 #include <linux/bit_spinlock.h>
 #include <linux/rculist_bl.h>
+#include <linux/kasan.h>
 #include <linux/prefetch.h>
 #include <linux/ratelimit.h>
 #include <linux/list_lru.h>
@@ -43,6 +44,7 @@
 #include "internal.h"
 #include "mount.h"
 
+
 /*
  * Usage:
  * dcache->d_inode->i_lock protects:
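Review bot: the only change in this hunk is a stray blank line added after `#include "mount.h"`, which leaves two consecutive empty lines before the locking comment. It is unrelated to the KASAN fix and should be dropped so the patch touches only the include and the __d_alloc() change.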
@@ -1550,6 +1552,11 @@ struct dentry *__d_alloc(struct super_block *sb, const 
struct qstr *name)
                        kmem_cache_free(dentry_cache, dentry); 
                        return NULL;
                }
+               if (IS_ENABLED(CONFIG_DCACHE_WORD_ACCESS))
+                       kasan_unpoison_shadow(dname,
+                                       round_up(name->len + 1,
+                                               sizeof(unsigned long)));
+
        } else  {
                dname = dentry->d_iname;
        }       
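Review bot: the new `kasan_unpoison_shadow(dname, round_up(name->len + 1, sizeof(unsigned long)))` call in __d_alloc() has no comment in the code saying why bytes past `name->len + 1` are being marked accessible, so a later reader of fs/dcache.c could take it for a suppressed overflow. A short comment above the `if (IS_ENABLED(CONFIG_DCACHE_WORD_ACCESS))` line stating that the word-at-a-time compare in dentry_string_cmp() reads up to the next `unsigned long` boundary, and that the allocation is rounded up to cover it, would keep that rationale next to the code. It is also worth noting there that, with this option enabled, KASAN will no longer flag a genuine overrun of an external name that stays within those padding bytes. The added empty `+` line before `} else  {` can go as well.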
-- 
2.4.6

_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
