On 12/5/19 5:04 PM, Daniel Axtens wrote:
> syzkaller and the fault injector showed that I was wrong to assume
> that we could ignore percpu shadow allocation failures.
>
> Handle failures properly. Merge all the allocated areas back into the free
> list and release the shadow, then clean up and return NULL. The shadow
> is released unconditionally, which relies upon the fact that the release
> function is able to tolerate pages not being present.
>
> Also clean up shadows in the recovery path - currently they are not
> released, which leaks a bit of memory.
>
> Fixes: 3c5c3cfb9ef4 ("kasan: support backing vmalloc space with real shadow memory")
> Reported-by: syzbot+82e323920b78d54aaed5@xxxxxxxxxxxxxxxxxxxxxxxxx
> Reported-by: syzbot+59b7daa4315e07a994f1@xxxxxxxxxxxxxxxxxxxxxxxxx
> Cc: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
> Cc: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>
> Signed-off-by: Daniel Axtens <dja@xxxxxxxxxx>
> ---

Reviewed-by: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>