From 0e59ec369e96bb30cfc23a8ee936ffccd8976287 Mon Sep 17 00:00:00 2001
From: Vijayanand Jitta
Date: Fri, 4 Mar 2022 19:49:08 +0530
Subject: [PATCH] ANDROID: mm/slub: Fix Kasan issue with get_each_kmemcache_object

In get_each_kmemcache_object we go through meta data of the slab object in function(fn), and as a result false postive out-of-bound access is reported by kasan. Fix this by wrapping that function call with metadata_access_enable/disable.

Bug: 222651868
Fixes: I8b920f6bd770 ("ANDROID: mm: Add helper function to iterate over slab objects")
Change-Id: Ifb4241a9c3e397a52759d467aa267d1297e297dd
Signed-off-by: Vijayanand Jitta
Signed-off-by: Oreoluwa Babatunde
---
 mm/slub.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/mm/slub.c b/mm/slub.c
index 2deae75891a2..e92597691449 100644
--- a/mm/slub.c
+++ b/mm/slub.c
@@ -940,7 +940,9 @@ unsigned long get_each_kmemcache_object(struct kmem_cache *s,
 spin_lock_irqsave(&n->list_lock, flags);
 list_for_each_entry(slab, &n->partial, slab_list) {
 for_each_object(p, s, slab_address(slab), slab->objects) {
+ metadata_access_enable();
 ret = fn(s, p, private);
+ metadata_access_disable();
 if (ret) {
 spin_unlock_irqrestore(&n->list_lock, flags);
 return ret;
@@ -950,7 +952,9 @@ unsigned long get_each_kmemcache_object(struct kmem_cache *s,
 #ifdef CONFIG_SLUB_DEBUG
 list_for_each_entry(slab, &n->full, slab_list) {
 for_each_object(p, s, slab_address(slab), slab->objects) {
+ metadata_access_enable();
 ret = fn(s, p, private);
+ metadata_access_disable();
 if (ret) {
 spin_unlock_irqrestore(&n->list_lock, flags);
 return ret;
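Review bot: Wrapping the whole `fn(s, p, private)` call in `metadata_access_enable()`/`metadata_access_disable()` suppresses KASAN for everything the callback does, not only its slab-metadata reads; this applies to the partial-list loop and, identically, to the `CONFIG_SLUB_DEBUG` full-list loop in the second hunk. Assuming these helpers map to `kasan_disable_current()`/`kasan_enable_current()` as elsewhere in mm/slub.c, a genuine out-of-bounds or use-after-free access inside a caller-supplied `fn` would go unreported while it runs. The enable/disable pair is balanced on the early-return path, so the remaining gap is the undocumented contract. I would add a comment above the function such as `/* fn is called with KASAN reports suppressed and n->list_lock held: it must only read object metadata and must not sleep */`, or narrow the window by having callbacks bracket just their metadata reads. The body of get_each_kmemcache_object starts and ends outside both hunks, so the callback's contract and the final unlock are not visible here.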