git.baikalelectronics.ru Git - kernel.git/commit

author	Walter Wu <walter-zh.wu@mediatek.com>
	Mon, 23 Sep 2019 22:34:13 +0000 (15:34 -0700)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Tue, 24 Sep 2019 22:54:07 +0000 (15:54 -0700)
commit	9b92329f68cb792fc10afb1617d0233b57b203c4
tree	2963246f28ec918cfa7b5d75742eda07cf8deb62	tree \| snapshot
parent	7be3ca6b8b501b4f80b4a6433d93e4e7af89c500	commit \| diff

kasan: add memory corruption identification for software tag-based mode

Add memory corruption identification at bug report for software tag-based
mode. The report shows whether it is "use-after-free" or "out-of-bound"
error instead of "invalid-access" error. This will make it easier for
programmers to see the memory corruption problem.

We extend the slab to store five old free pointer tag and free backtrace,
we can check if the tagged address is in the slab record and make a good
guess if the object is more like "use-after-free" or "out-of-bound".
therefore every slab memory corruption can be identified whether it's
"use-after-free" or "out-of-bound".

[aryabinin@virtuozzo.com: simplify & clenup code]
Link: https://lkml.kernel.org/r/3318f9d7-a760-3cc8-b700-f06108ae745f@virtuozzo.com]
Link: http://lkml.kernel.org/r/20190821180332.11450-1-aryabinin@virtuozzo.com
Signed-off-by: Walter Wu <walter-zh.wu@mediatek.com>
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Acked-by: Andrey Konovalov <andreyknvl@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Alexander Potapenko <glider@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

lib/Kconfig.kasan		diff \| blob \| history
mm/kasan/common.c		diff \| blob \| history
mm/kasan/kasan.h		diff \| blob \| history
mm/kasan/report.c		diff \| blob \| history
mm/kasan/tags_report.c		diff \| blob \| history