diff options
| author | Andrey Konovalov <andreyknvl@google.com> | 2023-12-19 22:19:51 +0100 |
|---|---|---|
| committer | Andrew Morton <akpm@linux-foundation.org> | 2023-12-29 11:58:41 -0800 |
| commit | a414d4286f3400aa05631c4931eb3feba83e29e8 (patch) | |
| tree | 44095dcb97d398bb82d6de0ad8a9f8f823599495 /.cocciconfig | |
| parent | a914d8d6cf204287aa2dfb9235d29d7944ad72a1 (diff) | |
kasan: handle concurrent kasan_record_aux_stack calls
kasan_record_aux_stack can be called concurrently on the same object.
This might lead to a race condition when rotating the saved aux stack
trace handles, which in turns leads to incorrect accounting of stack depot
handles and refcount underflows in the stack depot code.
Fix by introducing a raw spinlock to protect the aux stack trace handles
in kasan_record_aux_stack.
Link: https://lkml.kernel.org/r/1606b960e2f746862d1f459515972f9695bf448a.1703020707.git.andreyknvl@google.com
Fixes: 773688a6cb24 ("kasan: use stack_depot_put for Generic mode")
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Reported-by: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Reported-by: syzbot+186b55175d8360728234@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/all/000000000000784b1c060b0074a2@google.com/
Reviewed-by: Marco Elver <elver@google.com>
Cc: Alexander Potapenko <glider@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Evgenii Stepanov <eugenis@google.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Diffstat (limited to '.cocciconfig')
0 files changed, 0 insertions, 0 deletions