summaryrefslogtreecommitdiffstats
path: root/mm/z3fold.c
diff options
context:
space:
mode:
authorMiaohe Lin <linmiaohe@huawei.com>2021-07-01 03:50:27 +0200
committerLinus Torvalds <torvalds@linux-foundation.org>2021-07-01 05:47:28 +0200
commit014284a0815f6b9a6e10c8d575d37a5357ce033d (patch)
tree7c6bcfdf892c9c32c5db5f19f141e6d87d305804 /mm/z3fold.c
parentmm/z3fold: define macro NCHUNKS as TOTAL_CHUNKS - ZHDR_CHUNKS (diff)
downloadlinux-014284a0815f6b9a6e10c8d575d37a5357ce033d.tar.xz
linux-014284a0815f6b9a6e10c8d575d37a5357ce033d.zip
mm/z3fold: avoid possible underflow in z3fold_alloc()
It is not enough to just make sure the z3fold header is not larger than the page size. When z3fold header is equal to PAGE_SIZE, we would underflow when check alloc size against PAGE_SIZE - ZHDR_SIZE_ALIGNED - CHUNK_SIZE in z3fold_alloc(). Make sure there has remaining spaces for its buddy to fix this theoretical issue. Link: https://lkml.kernel.org/r/20210619093151.1492174-3-linmiaohe@huawei.com Signed-off-by: Miaohe Lin <linmiaohe@huawei.com> Reviewed-by: Vitaly Wool <vitaly.wool@konsulko.com> Cc: Hillf Danton <hdanton@sina.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'mm/z3fold.c')
-rw-r--r--mm/z3fold.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/mm/z3fold.c b/mm/z3fold.c
index 0d0b81637f84..64ddf864d5ee 100644
--- a/mm/z3fold.c
+++ b/mm/z3fold.c
@@ -1803,8 +1803,11 @@ static int __init init_z3fold(void)
{
int ret;
- /* Make sure the z3fold header is not larger than the page size */
- BUILD_BUG_ON(ZHDR_SIZE_ALIGNED > PAGE_SIZE);
+ /*
+ * Make sure the z3fold header is not larger than the page size and
+ * there has remaining spaces for its buddy.
+ */
+ BUILD_BUG_ON(ZHDR_SIZE_ALIGNED > PAGE_SIZE - CHUNK_SIZE);
ret = z3fold_mount();
if (ret)
return ret;