Commit 2abd839a authored by Catalin Marinas, committed by Linus Torvalds

kmemleak: Do not corrupt the object_list during clean-up

In case of an error (e.g. memory pool too small), kmemleak disables
itself and cleans up the already allocated metadata objects. However, if
this happens early before the RCU callback mechanism is available,
put_object() skips call_rcu() and frees the object directly. This is not
safe with the RCU list traversal in __kmemleak_do_cleanup().

Change the list traversal in __kmemleak_do_cleanup() to
list_for_each_entry_safe() and remove the rcu_read_{lock,unlock} since
kmemleak is already disabled at this point. In addition, avoid an
unnecessary metadata object rb-tree look-up since it already has the
struct kmemleak_object pointer.

Fixes: c5665868 ("mm: kmemleak: use the memory pool for early allocations")
Reported-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reported-by: Marc Dionne <marc.c.dionne@gmail.com>
Reported-by: Ted Ts'o <tytso@mit.edu>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
parent 4f5cafb5
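The hazard the commit describes is a general one: an RCU list walk is only safe while freed entries are kept alive until a grace period has passed, so once put_object() frees synchronously (no call_rcu() yet), the traversal must instead cache the next pointer before the current entry is released. The following is an added illustration, not code from the kernel or from this patch: a minimal intrusive list modelled on include/linux/list.h, with a clean-up routine written the way the fixed __kmemleak_do_cleanup() is (no RCU read lock, the `_safe` iterator, and the object pointer used directly rather than looked up again). All names here (`struct demo_object`, `demo_object_list`, `demo_populate`, `demo_cleanup`) are hypothetical, and the object addresses are constructed sample values.

```c
/* Added example, not kernel code: why a clean-up loop that frees each
 * entry must use the "safe" iterator. Names are hypothetical. */
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

struct list_head { struct list_head *next, *prev; };

#define LIST_HEAD_INIT(name) { &(name), &(name) }
#define container_of(ptr, type, member) \
	((type *)((char *)(ptr) - offsetof(type, member)))
#define list_entry(ptr, type, member) container_of(ptr, type, member)

static inline void list_add(struct list_head *n, struct list_head *head)
{
	n->next = head->next; n->prev = head;
	head->next->prev = n; head->next = n;
}
static inline void list_del(struct list_head *e)
{
	e->prev->next = e->next; e->next->prev = e->prev;
	e->next = e->prev = NULL;	/* poison: a stale walk would now crash */
}
static inline int list_empty(const struct list_head *h) { return h->next == h; }

/* Plain iterator: re-reads pos->member.next AFTER the body ran, so it
 * dereferences freed memory if the body frees pos. Kept for contrast only. */
#define list_for_each_entry(pos, head, member) \
	for (pos = list_entry((head)->next, __typeof__(*pos), member); \
	     &pos->member != (head); \
	     pos = list_entry(pos->member.next, __typeof__(*pos), member))

/* Safe iterator: 'n' caches the next entry BEFORE the body may free 'pos'. */
#define list_for_each_entry_safe(pos, n, head, member) \
	for (pos = list_entry((head)->next, __typeof__(*pos), member), \
	     n = list_entry(pos->member.next, __typeof__(*pos), member); \
	     &pos->member != (head); \
	     pos = n, n = list_entry(n->member.next, __typeof__(*pos), member))

/* Hypothetical metadata object, standing in for struct kmemleak_object. */
struct demo_object {
	unsigned long start;		/* constructed sample "address" */
	struct list_head list;
};

static struct list_head demo_object_list = LIST_HEAD_INIT(demo_object_list);

/* Allocate n objects and link them in; returns how many were linked. */
int demo_populate(int n)
{
	int i;
	for (i = 0; i < n; i++) {
		struct demo_object *obj = malloc(sizeof(*obj));
		if (!obj)
			return i;
		obj->start = 0x1000UL * (unsigned long)(i + 1);
		list_add(&obj->list, &demo_object_list);
	}
	return n;
}

/* Clean-up path mirroring the fixed __kmemleak_do_cleanup(): no RCU read
 * lock (nothing else may touch the list any more), the _safe iterator
 * because free() happens synchronously, and obj used directly instead of
 * being looked up again by address. Returns the number of objects freed. */
int demo_cleanup(void)
{
	struct demo_object *obj, *tmp;
	int freed = 0;

	list_for_each_entry_safe(obj, tmp, &demo_object_list, list) {
		list_del(&obj->list);
		free(obj);	/* tmp was read before this, so the walk survives */
		freed++;
	}
	return freed;
}

int main(void)
{
	demo_populate(5);
	printf("freed %d objects, list empty: %d\n",
	       demo_cleanup(), list_empty(&demo_object_list));
	return 0;
}
```

Replacing `list_for_each_entry_safe` with the plain `list_for_each_entry` in `demo_cleanup()` makes the loop read `obj->list.next` from memory that `free()` has just released (and that `list_del()` poisoned), which is the same class of use-after-free the patch closes for the pre-RCU error path.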