Re: [PATCH -next] hugetlb_cgroup: fix illegal access to memory

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, Mar 13, 2020 at 03:39:20PM -0700, Mina Almasry wrote:
> This appears to be a mistake in commit faced7e0806cf ("mm: hugetlb
> controller for cgroups v2"). Essentially that commit does
> a hugetlb_cgroup_from_counter assuming that page_counter_try_charge has
> initialized counter, but if page_counter_try_charge has failed then it
> seems it does not initialize counter, so
> hugetlb_cgroup_from_counter(counter) ends up pointing to random memory,
> causing kasan to complain.
> 
> Solution, simply use h_cg, instead of
> hugetlb_cgroup_from_counter(counter), since that is a reference to the
> hugetlb_cgroup anyway. After this change kasan ceases to complain.
> 
> Signed-off-by: Mina Almasry <almasrymina@xxxxxxxxxx>
> Reported-by: syzbot+cac0c4e204952cf449b1@xxxxxxxxxxxxxxxxxxxxxxxxx
> Fixes: commit faced7e0806cf ("mm: hugetlb controller for cgroups v2")
> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> Cc: linux-mm@xxxxxxxxx
> Cc: linux-kernel@xxxxxxxxxxxxxxx
> Cc: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
> Cc: Tejun Heo <tj@xxxxxxxxxx>
> Cc: mike.kravetz@xxxxxxxxxx
> Cc: rientjes@xxxxxxxxxx

Acked-by: Tejun Heo <tj@xxxxxxxxxx>

Thanks.

-- 
tejun
[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux