The patch titled
Subject: mm/slab.c: fix SLAB freelist randomization duplicate entries
has been added to the -mm tree. Its filename is
fix-slab-freelist-randomization-duplicate-entries.patch
This patch should soon appear at
http://ozlabs.org/~akpm/mmots/broken-out/fix-slab-freelist-randomization-duplicate-entries.patch
and later at
http://ozlabs.org/~akpm/mmotm/broken-out/fix-slab-freelist-randomization-duplicate-entries.patch
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/SubmitChecklist when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: John Sperbeck <jsperbeck@xxxxxxxxxx>
Subject: mm/slab.c: fix SLAB freelist randomization duplicate entries
This patch fixes a bug in the freelist randomization code. When a high
random number is used, the freelist will contain duplicate entries. It
will result in different allocations sharing the same chunk.
Fixes: c7ce4f60ac19 ("mm: SLAB freelist randomization")
Link: http://lkml.kernel.org/r/20170103181908.143178-1-thgarnie@xxxxxxxxxx
Signed-off-by: John Sperbeck <jsperbeck@xxxxxxxxxx>
Signed-off-by: Thomas Garnier <thgarnie@xxxxxxxxxx>
Cc: Christoph Lameter <cl@xxxxxxxxx>
Cc: Pekka Enberg <penberg@xxxxxxxxxx>
Cc: David Rientjes <rientjes@xxxxxxxxxx>
Cc: Joonsoo Kim <iamjoonsoo.kim@xxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
mm/slab.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff -puN mm/slab.c~fix-slab-freelist-randomization-duplicate-entries mm/slab.c
--- a/mm/slab.c~fix-slab-freelist-randomization-duplicate-entries
+++ a/mm/slab.c
@@ -2457,7 +2457,6 @@ union freelist_init_state {
unsigned int pos;
unsigned int *list;
unsigned int count;
- unsigned int rand;
};
struct rnd_state rnd_state;
};
@@ -2483,8 +2482,7 @@ static bool freelist_state_initialize(un
} else {
state->list = cachep->random_seq;
state->count = count;
- state->pos = 0;
- state->rand = rand;
+ state->pos = rand % count;
ret = true;
}
return ret;
@@ -2493,7 +2491,9 @@ static bool freelist_state_initialize(un
/* Get the next entry on the list and randomize it using a random shift */
static freelist_idx_t next_random_slot(union freelist_init_state *state)
{
- return (state->list[state->pos++] + state->rand) % state->count;
+ if (state->pos >= state->count)
+ state->pos = 0;
+ return state->list[state->pos++];
}
/* Swap two freelist entries */
_
Patches currently in -mm which might be from jsperbeck@xxxxxxxxxx are
fix-slab-freelist-randomization-duplicate-entries.patch
--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
