On Thu, Oct 29, 2020 at 03:11:03PM +, Colin King wrote:
> From: Colin Ian King
>
> Reading /proc/sys/kernel/sched_domain/cpu*/domain0/flags multiple times
> with small reads causes oopses with slub corruption issues because the kfree is
> free'ing an offset from a previous allocation. Fix
On 29/10/20 15:29, Valentin Schneider wrote:
>> @@ -269,17 +269,17 @@ static int sd_ctl_doflags(struct ctl_table *table, int
>> write,
>> return 0;
>> }
>>
>> -tmp = kcalloc(data_size + 1, sizeof(*tmp), GFP_KERNEL);
> [...]
>> -tmp += *ppos;
> [...]
>> -kfree(tmp)
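Review bot: in the removed lines of sd_ctl_doflags(), `tmp += *ppos;` advances the same pointer that `kfree(tmp)` later frees, so any read with a non-zero *ppos hands kfree() an address inside the kcalloc() allocation rather than its base. The replacement needs to keep the kcalloc() result in a variable that is never modified (the commit message names it 'buf') and pass only that to kfree(), with the *ppos offset applied to a separate cursor. The added lines are elided in this quote, so it is worth confirming that every return path between the allocation and the final kfree() also frees the base pointer, and that the cursor is never passed to kfree() anywhere else in the function.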
On 29/10/20 15:11, Colin King wrote:
> Detected by running 'stress-ng --procfs 0' on 5.10-rc1; example splat:
>
That's definitely what I'll need to run next time I lay my dirty hands on
procfs.
> Link: https://bugzilla.kernel.org/show_bug.cgi?id=209919
> Reported-by: Jeff Bastian
> Fixes: 5b9f
From: Colin Ian King
Reading /proc/sys/kernel/sched_domain/cpu*/domain0/flags multiple times
with small reads causes oopses with slub corruption issues because the kfree is
free'ing an offset from a previous allocation. Fix this by adding in a new
pointer 'buf' for the allocation and kfree and us