This is an automated email from the ASF dual-hosted git repository.
ligd pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/nuttx.git
The following commit(s) were added to refs/heads/master by this push:
new c158ed2c32 mm/heap: memory alignment before executing kasan_register
c158ed2c32 is described below
commit c158ed2c325a57a5952a5c307a3ac74f80ca2019
Author: yinshengkai <[email protected]>
AuthorDate: Fri Jun 28 13:34:21 2024 +0800
mm/heap: memory alignment before executing kasan_register
The unaligned address is used in kasan_register, but the aligned address is
used in kasan_unregister.
The mismatch between the addr value and mm_heapstart causes a crash, because the region
cannot be unregistered correctly.
Signed-off-by: yinshengkai <[email protected]>
---
mm/mm_heap/mm_initialize.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/mm/mm_heap/mm_initialize.c b/mm/mm_heap/mm_initialize.c
index 6dd2f3dbf5..767cf38b49 100644
--- a/mm/mm_heap/mm_initialize.c
+++ b/mm/mm_heap/mm_initialize.c
@@ -141,10 +141,6 @@ void mm_addregion(FAR struct mm_heap_s *heap, FAR void
*heapstart,
memset(heapstart, MM_INIT_MAGIC, heapsize);
#endif
- /* Register to KASan for access check */
-
- kasan_register(heapstart, &heapsize);
-
/* Adjust the provided heap start and size.
*
* Note: (uintptr_t)node + MM_SIZEOF_ALLOCNODE is what's actually
@@ -154,7 +150,15 @@ void mm_addregion(FAR struct mm_heap_s *heap, FAR void
*heapstart,
heapbase = MM_ALIGN_UP((uintptr_t)heapstart + 2 * MM_SIZEOF_ALLOCNODE) -
2 * MM_SIZEOF_ALLOCNODE;
- heapend = MM_ALIGN_DOWN((uintptr_t)heapstart + (uintptr_t)heapsize);
+ heapsize = heapsize - (heapbase - (uintptr_t)heapstart);
+
+ /* Register KASan for access rights check. We need to register after
+ * address alignment.
+ */
+
+ kasan_register((void *)heapbase, &heapsize);
+
+ heapend = MM_ALIGN_DOWN((uintptr_t)heapbase + (uintptr_t)heapsize);
heapsize = heapend - heapbase;
#if defined(CONFIG_FS_PROCFS) && \
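Review bot: The added `heapsize = heapsize - (heapbase - (uintptr_t)heapstart);` can wrap if the region is smaller than the alignment slack consumed by `heapbase`, since heapsize appears to be unsigned (it is cast to `uintptr_t` on the next lines), and the wrapped value is then handed to `kasan_register()` and used to compute `heapend`. I cannot see a minimum-size check in the hunk (mm_addregion begins before it), so if none exists earlier in the function, guard the subtraction with `DEBUGASSERT(heapsize > heapbase - (uintptr_t)heapstart);`. The new comment would also be more useful if it named the reason the order matters: `/* Register with KASan only after alignment so the registered base matches the mm_heapstart later passed to kasan_unregister. */`.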