Re: [PATCH v3] zram: don't free statically defined names

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Le 24/09/2024 à 00:41, Andrey Skvortsov a écrit :
On 24-09-23 19:40, Christophe JAILLET wrote:
Le 23/09/2024 à 18:48, Andrey Skvortsov a écrit :
When CONFIG_ZRAM_MULTI_COMP isn't set ZRAM_SECONDARY_COMP can hold
default_compressor, because it's the same offset as ZRAM_PRIMARY_COMP,
so we need to make sure that we don't attempt to kfree() the
statically defined compressor name.

This is detected by KASAN.

==================================================================
    Call trace:
     kfree+0x60/0x3a0
     zram_destroy_comps+0x98/0x198 [zram]
     zram_reset_device+0x22c/0x4a8 [zram]
     reset_store+0x1bc/0x2d8 [zram]
     dev_attr_store+0x44/0x80
     sysfs_kf_write+0xfc/0x188
     kernfs_fop_write_iter+0x28c/0x428
     vfs_write+0x4dc/0x9b8
     ksys_write+0x100/0x1f8
     __arm64_sys_write+0x74/0xb8
     invoke_syscall+0xd8/0x260
     el0_svc_common.constprop.0+0xb4/0x240
     do_el0_svc+0x48/0x68
     el0_svc+0x40/0xc8
     el0t_64_sync_handler+0x120/0x130
     el0t_64_sync+0x190/0x198
==================================================================

Signed-off-by: Andrey Skvortsov <andrej.skvortzov@xxxxxxxxx>
Fixes: 684826f8271a ("zram: free secondary algorithms names")
Cc: <stable@xxxxxxxxxxxxxxx>
---

Changes in v2:
   - removed comment from source code about freeing statically defined compression
   - removed part of KASAN report from commit description
   - added information about CONFIG_ZRAM_MULTI_COMP into commit description

Changes in v3:
   - modified commit description based on Sergey's comment
   - changed start for-loop to ZRAM_PRIMARY_COMP


   drivers/block/zram/zram_drv.c | 6 ++++--
   1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
index c3d245617083d..ad9c9bc3ccfc5 100644
--- a/drivers/block/zram/zram_drv.c
+++ b/drivers/block/zram/zram_drv.c
@@ -2115,8 +2115,10 @@ static void zram_destroy_comps(struct zram *zram)
   		zram->num_active_comps--;
   	}
-	for (prio = ZRAM_SECONDARY_COMP; prio < ZRAM_MAX_COMPS; prio++) {
-		kfree(zram->comp_algs[prio]);
+	for (prio = ZRAM_PRIMARY_COMP; prio < ZRAM_MAX_COMPS; prio++) {
+		/* Do not free statically defined compression algorithms */
+		if (zram->comp_algs[prio] != default_compressor)
+			kfree(zram->comp_algs[prio]);

Hi,

maybe kfree_const() to be more future proof and less verbose?

kfree_const() will not work if zram is built as a module. It works
only for .rodata for kernel image. [1]

1. https://elixir.bootlin.com/linux/v6.11/source/include/asm-generic/sections.h#L177


If so, then it is likely that it is not correctly used elsewhere.

https://elixir.bootlin.com/linux/v6.11/source/drivers/dax/kmem.c#L289
https://elixir.bootlin.com/linux/v6.11/source/drivers/firmware/arm_scmi/bus.c#L341
https://elixir.bootlin.com/linux/v6.11/source/drivers/input/touchscreen/chipone_icn8505.c#L379
https://elixir.bootlin.com/linux/v6.11/source/drivers/remoteproc/qcom_common.c#L262
...

all seem to be build-able as modules.

I'll try to give it a look in the coming days.

CJ




[Index of Archives]     [Linux RAID]     [Linux SCSI]     [Linux ATA RAID]     [IDE]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Device Mapper]

  Powered by Linux