On Thu, Apr 10, 2025 at 12:46:25PM +0200, Ahmad Fatoum wrote: > tlsf: fix KASAN poisoning of TLSF pool > > By poisoning all of the heap after the first malloc, new_pool_entry > becomes a pointer to poisoned memory, which causes a KASAN error right > away at startup. > > Move the kasan_poison_shadow call directly after tlsf_add_pool to > fix this. > > Cc: David Dgien <dgienda...@gmail.com> > Signed-off-by: Ahmad Fatoum <a.fat...@pengutronix.de> > --- > common/tlsf_malloc.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-)
Applied, thanks Sascha > > diff --git a/common/tlsf_malloc.c b/common/tlsf_malloc.c > index 4acf1c1c5071..6e9d48af26bb 100644 > --- a/common/tlsf_malloc.c > +++ b/common/tlsf_malloc.c > @@ -115,12 +115,12 @@ void *malloc_add_pool(void *mem, size_t bytes) > if (!new_pool) > return NULL; > > + kasan_poison_shadow(mem, bytes, KASAN_TAG_INVALID); > + > new_pool_entry = malloc(sizeof(*new_pool_entry)); > if (!new_pool_entry) > return NULL; > > - kasan_poison_shadow(mem, bytes, KASAN_TAG_INVALID); > - > new_pool_entry->pool = new_pool; > list_add(&new_pool_entry->list, &mem_pool_list); > > -- > 2.39.5 > > > -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
