diff options
| author | Pekka Enberg <penberg@cs.helsinki.fi> | 2010-04-07 12:23:40 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2010-04-09 13:09:50 -0400 |
| commit | fc1c183353a113c71675fecd0485e5aa0fe68d72 (patch) | |
| tree | 25fc50112c80402ab43bd86a3d6b6a99a0c3c128 /mm | |
| parent | 4dc86ae1f925b2121d4e75058675895f83e54c71 (diff) | |
slab: Generify kernel pointer validation
As suggested by Linus, introduce a kern_ptr_validate() helper that does some
sanity checks to make sure a pointer is a valid kernel pointer. This is a
preparational step for fixing SLUB kmem_ptr_validate().
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Christoph Lameter <cl@linux-foundation.org>
Cc: David Rientjes <rientjes@google.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Matt Mackall <mpm@selenic.com>
Cc: Nick Piggin <npiggin@suse.de>
Signed-off-by: Pekka Enberg <penberg@cs.helsinki.fi>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'mm')
| -rw-r--r-- | mm/slab.c | 13 | ||||
| -rw-r--r-- | mm/util.c | 21 |
2 files changed, 22 insertions, 12 deletions
| @@ -3602,21 +3602,10 @@ EXPORT_SYMBOL(kmem_cache_alloc_notrace); | |||
| 3602 | */ | 3602 | */ |
| 3603 | int kmem_ptr_validate(struct kmem_cache *cachep, const void *ptr) | 3603 | int kmem_ptr_validate(struct kmem_cache *cachep, const void *ptr) |
| 3604 | { | 3604 | { |
| 3605 | unsigned long addr = (unsigned long)ptr; | ||
| 3606 | unsigned long min_addr = PAGE_OFFSET; | ||
| 3607 | unsigned long align_mask = BYTES_PER_WORD - 1; | ||
| 3608 | unsigned long size = cachep->buffer_size; | 3605 | unsigned long size = cachep->buffer_size; |
| 3609 | struct page *page; | 3606 | struct page *page; |
| 3610 | 3607 | ||
| 3611 | if (unlikely(addr < min_addr)) | 3608 | if (unlikely(!kern_ptr_validate(ptr, size))) |
| 3612 | goto out; | ||
| 3613 | if (unlikely(addr > (unsigned long)high_memory - size)) | ||
| 3614 | goto out; | ||
| 3615 | if (unlikely(addr & align_mask)) | ||
| 3616 | goto out; | ||
| 3617 | if (unlikely(!kern_addr_valid(addr))) | ||
| 3618 | goto out; | ||
| 3619 | if (unlikely(!kern_addr_valid(addr + size - 1))) | ||
| 3620 | goto out; | 3609 | goto out; |
| 3621 | page = virt_to_page(ptr); | 3610 | page = virt_to_page(ptr); |
| 3622 | if (unlikely(!PageSlab(page))) | 3611 | if (unlikely(!PageSlab(page))) |
| @@ -186,6 +186,27 @@ void kzfree(const void *p) | |||
| 186 | } | 186 | } |
| 187 | EXPORT_SYMBOL(kzfree); | 187 | EXPORT_SYMBOL(kzfree); |
| 188 | 188 | ||
| 189 | int kern_ptr_validate(const void *ptr, unsigned long size) | ||
| 190 | { | ||
| 191 | unsigned long addr = (unsigned long)ptr; | ||
| 192 | unsigned long min_addr = PAGE_OFFSET; | ||
| 193 | unsigned long align_mask = sizeof(void *) - 1; | ||
| 194 | |||
| 195 | if (unlikely(addr < min_addr)) | ||
| 196 | goto out; | ||
| 197 | if (unlikely(addr > (unsigned long)high_memory - size)) | ||
| 198 | goto out; | ||
| 199 | if (unlikely(addr & align_mask)) | ||
| 200 | goto out; | ||
| 201 | if (unlikely(!kern_addr_valid(addr))) | ||
| 202 | goto out; | ||
| 203 | if (unlikely(!kern_addr_valid(addr + size - 1))) | ||
| 204 | goto out; | ||
| 205 | return 1; | ||
| 206 | out: | ||
| 207 | return 0; | ||
| 208 | } | ||
| 209 | |||
| 189 | /* | 210 | /* |
| 190 | * strndup_user - duplicate an existing string from user space | 211 | * strndup_user - duplicate an existing string from user space |
| 191 | * @s: The string to duplicate | 212 | * @s: The string to duplicate |