flex_array: poison free elements
Newly initialized flex_array's and/or flex_array_part's are now poisoned with a new poison value, FLEX_ARRAY_FREE. It's value is similar to POISON_FREE used in the various slab allocators, but is different to distinguish between flex array's poisoned kmem and slab allocator poisoned kmem. This will allow us to identify flex_array_part's that only contain free elements (and free them with an addition to the flex_array API). This could also be extended in the future to identify `get' uses on elements that have not been `put'. If __GFP_ZERO is passed for a part's gfp mask, the poisoning is avoided. These elements are considered to be in-use since they have been initialized. Signed-off-by: David Rientjes <rientjes@google.com> Cc: Dave Hansen <dave@linux.vnet.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
David Rientjes
committed by
Linus Torvalds
Linus Torvalds
parent
e6de3988aa
commit
19da3dd157
@@ -65,6 +65,9 @@
|
||||
#define MUTEX_DEBUG_INIT 0x11
|
||||
#define MUTEX_DEBUG_FREE 0x22
|
||||
|
||||
/********** lib/flex_array.c **********/
|
||||
#define FLEX_ARRAY_FREE 0x6c /* for use-after-free poisoning */
|
||||
|
||||
/********** security/ **********/
|
||||
#define KEY_DESTROY 0xbd
|
||||
|
||||
|
||||
Reference in New Issue
Block a user