From: Tao Zeng
Date: Wed, 28 Aug 2019 07:25:40 +0000 (+0800)
Subject: mm: fix wrong kasan report [1/1]
X-Git-Tag: accepted/tizen/unified/20210204.134610~27
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=6d76f09e685b1f6e29f668ea1a64d1f441cba4d2;p=platform%2Fkernel%2Flinux-amlogic.git

mm: fix wrong kasan report [1/1]

PD#SWPL-13281

Problem:
There are 2 types of wrong kasan report after merge change of save wasted slab.
1, slab-out-of-bounds, which is caused by krealloc set shadow memory out-of-range, since tail of page was freed.
2, use-after-free, which is caused by kasan_free_pages called after a page freed. Because this function already called in free_page, so it marked shadow memory twice.

Solution:
1, make shadow do not out of range if a tail page was freed and been realloc again.
2, remove call of kasan_free_pages.

Verify:
X301

Signed-off-by: Tao Zeng
[sw0312.kim: fully apply amlogic vendor commit becb83999e19 missed from merge]
Ref: https://github.com/hardkernel/linux/commit/becb83999e19d2055458f08a2b7a44bd1170853e
Signed-off-by: Seung-Woo Kim
Change-Id: I71daa41038e156a9bacf26e27fc51792d558f819
---

diff --git a/mm/slub.c b/mm/slub.c index d1f5fd0..80f291c 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -3808,7 +3808,6 @@ static void aml_slub_free_large(struct page *page, const void *obj) __func__, page_address(page), nr_pages, obj); for (i = 0; i < nr_pages; i++) { __free_pages(page, 0); - kasan_free_pages(page, 0); page++; } }
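
Review bot: in the for loop of aml_slub_free_large(), the now-bare __free_pages(page, 0) should carry a one-line comment saying that the page free path already updates the KASAN shadow, so that nobody re-adds an explicit kasan_free_pages() call on a page that has just been freed. That reason is given only in the commit message, not in the code. The message also lists a krealloc shadow-range fix as item 1 of its Solution, while the only change visible in this diff is the kasan_free_pages removal (item 2). The bracketed sw0312.kim note should say where item 1 lives, so that the description matches what this commit changes.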