From 4ab7ace465466d25c12cee9854e7140077e208cb Mon Sep 17 00:00:00 2001
From: Alexander Potapenko <glider@google.com>
Date: Tue, 16 Jul 2019 16:27:42 -0700
Subject: [PATCH] lib/test_meminit.c: minor test fixes

Fix the following issues in test_meminit.c:
 - |size| in fill_with_garbage_skip() should be signed so that it
   doesn't overflow if it's not aligned on sizeof(*p);
 - fill_with_garbage_skip() should actually skip |skip| bytes;
 - do_kmem_cache_size() should deallocate memory in the RCU case.

Link: http://lkml.kernel.org/r/20190626133135.217355-1-glider@google.com
Fixes: 7e659650cbda ("lib: introduce test_meminit module")
Fixes: 94e8988d91c7 ("lib/test_meminit.c: fix -Wmaybe-uninitialized false positive")
Signed-off-by: Alexander Potapenko <glider@google.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
---
 lib/test_meminit.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/lib/test_meminit.c b/lib/test_meminit.c
index 7ae2183ff1f4b..62d19f270cad4 100644
--- a/lib/test_meminit.c
+++ b/lib/test_meminit.c
@@ -38,15 +38,14 @@ static int __init count_nonzero_bytes(void *ptr, size_t size)
 }
 
 /* Fill a buffer with garbage, skipping |skip| first bytes. */
-static void __init fill_with_garbage_skip(void *ptr, size_t size, size_t skip)
+static void __init fill_with_garbage_skip(void *ptr, int size, size_t skip)
 {
-	unsigned int *p = (unsigned int *)ptr;
+	unsigned int *p = (unsigned int *)((char *)ptr + skip);
 	int i = 0;
 
-	if (skip) {
-		WARN_ON(skip > size);
-		p += skip;
-	}
+	WARN_ON(skip > size);
+	size -= skip;
+
 	while (size >= sizeof(*p)) {
 		p[i] = GARBAGE_INT;
 		i++;
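Review bot: In fill_with_garbage_skip(), `WARN_ON(skip > size)` only logs and execution falls through to `size -= skip`, so when skip exceeds size the now-int `size` goes negative. In `while (size >= sizeof(*p))` that negative value is converted to the unsigned type of sizeof and compares as a very large number, so the fill loop would write far past the buffer. Bail out on the bad argument with `if (WARN_ON(skip > size)) return;` and keep the loop comparison signed with `while (size >= (int)sizeof(*p))`. Separately, `(char *)ptr + skip` is cast to `unsigned int *`, so a skip that is not a multiple of sizeof(*p) yields a misaligned store pointer; whether any caller passes such a value is not visible here. The loop body continues outside the hunk.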
@@ -227,6 +226,7 @@ static int __init do_kmem_cache_size(size_t size, bool want_ctor,
 		if (buf_copy)
 			memcpy(buf_copy, buf, size);
 
+		kmem_cache_free(c, buf);
 		/*
 		 * Check that |buf| is intact after kmem_cache_free().
 		 * |want_zero| is false, because we wrote garbage to
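Review bot: The added `kmem_cache_free(c, buf)` is followed by a deliberate read of `buf`, which is only valid if the cache is typesafe-by-RCU and this code runs inside an RCU read-side critical section; neither is visible in this hunk. A comment on the free would keep the pattern from being copied elsewhere, e.g. `/* buf stays readable after free only under rcu_read_lock() with SLAB_TYPESAFE_BY_RCU */`. The memcpy is skipped when `buf_copy` is NULL, so it is worth confirming that the later comparison, outside the hunk, also tolerates a NULL `buf_copy`.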
-- 
GitLab