• SLQB: fix allocation size checking · fd8e43fd
    Nick Piggin authored
    SLQB would return ZERO_SIZE_PTR rather than NULL if the requested size is too
    large. Debugged by Heiko Carstens. Fix this by checking size edge cases up
    front rather than in the slab index calculation.
    
    Additionally, if the size parameter was non-constant and too large, then
    the checks may not have been performed at all which could cause corruption.
    
    Next, ARCH_KMALLOC_MINALIGN may not be obeyed if size is non-constant. So
    test for KMALLOC_MIN_SIZE in that case.
    
    Finally, if KMALLOC_SHIFT_SLQB_HIGH is larger than 2MB, then kmalloc_index
    could silently run off the end of its precomputed table and return a -1
    index into the kmalloc slab array, which could result in corruption. Extend
    this to allow up to 32MB (to match SLAB), and add a compile-time error in
    the case that the table is exceeded (also like SLAB).
    
    Tested-by: Heiko Carstens <heiko.carstens@de.ibm.com>
    Signed-off-by: Nick Piggin <npiggin@suse.de>
    Signed-off-by: Pekka Enberg <penberg@cs.helsinki.fi>
slqb.c 83.6 KB
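
The pattern the commit message describes, deciding the size edge cases before any size-class index is computed, as an added C sketch that is not SLQB's code. Every DEMO_ name, the table layout and the value 16 used for the zero-size marker are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Every DEMO_ name and value is an assumption of this sketch, not SLQB code. */
#define DEMO_ZERO_SIZE_PTR ((struct demo_cache *)16) /* non-NULL marker for size 0 */
#define DEMO_MIN_SHIFT  3                 /* smallest class: 8 bytes */
#define DEMO_SHIFT_HIGH 25                /* largest class: 1 << 25 = 32MB */
#define DEMO_NR_CLASSES 26                /* entries in the class table */
#define DEMO_MIN_SIZE   ((size_t)1 << DEMO_MIN_SHIFT)
#define DEMO_MAX_SIZE   ((size_t)1 << DEMO_SHIFT_HIGH)

/* Build fails if the largest class would not fit in the table. */
_Static_assert(DEMO_SHIFT_HIGH < DEMO_NR_CLASSES, "size-class table exceeded");

struct demo_cache { size_t hits; };
static struct demo_cache demo_caches[DEMO_NR_CLASSES];

/* Raw lookup: returns -1 past the last class, so it must never see such a size. */
static int demo_index(size_t size)
{
    for (int shift = DEMO_MIN_SHIFT; shift <= DEMO_SHIFT_HIGH; shift++)
        if (size <= ((size_t)1 << shift))
            return shift;
    return -1;
}

/* Front end: decide the edge cases first, for constant and runtime sizes alike. */
static struct demo_cache *demo_get_cache(size_t size)
{
    if (size == 0)
        return DEMO_ZERO_SIZE_PTR;   /* valid zero-length request */
    if (size > DEMO_MAX_SIZE)
        return NULL;                 /* too large: fail, never index with -1 */
    if (size < DEMO_MIN_SIZE)
        size = DEMO_MIN_SIZE;        /* keep the minimum size and alignment */
    return &demo_caches[demo_index(size)];
}

int main(void)
{
    printf("0 -> %p\n", (void *)demo_get_cache(0));
    printf("100 -> class %td\n", demo_get_cache(100) - demo_caches);
    printf("32MB+1 -> %p\n", (void *)demo_get_cache(DEMO_MAX_SIZE + 1));
    return 0;
}
```

Callers can then treat NULL as allocation failure and the zero-size marker as a valid but non-dereferenceable result, without the two being confused for oversized requests.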