Commit 4314ae6

locking/lockdep: Add kasan_check_byte() check in lock_acquire()
JIRA: https://issues.redhat.com/browse/RHEL-81997
Upstream Status: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git

commit de4b59d
Author: Waiman Long <longman@redhat.com>
Date: Fri, 7 Mar 2025 15:26:56 -0800

locking/lockdep: Add kasan_check_byte() check in lock_acquire()

KASAN instrumentation of lockdep has been disabled, as we don't need KASAN to check the validity of lockdep internal data structures and incur unnecessary performance overhead. However, the lockdep_map pointer passed in externally may not be valid (e.g. use-after-free) and we run the risk of using garbage data resulting in false lockdep reports.

Add kasan_check_byte() call in lock_acquire() for non kernel core data object to catch invalid lockdep_map and print out a KASAN report before any lockdep splat, if any.

Suggested-by: Marco Elver <elver@google.com>
Signed-off-by: Waiman Long <longman@redhat.com>
Signed-off-by: Boqun Feng <boqun.feng@gmail.com>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Marco Elver <elver@google.com>
Reviewed-by: Andrey Konovalov <andreyknvl@gmail.com>
Link: https://lore.kernel.org/r/20250214195242.2480920-1-longman@redhat.com
Link: https://lore.kernel.org/r/20250307232717.1759087-7-boqun.feng@gmail.com

Signed-off-by: Waiman Long <longman@redhat.com>
1 parent f9b115b commit 4314ae6

kernel/locking/lockdep.c

Lines changed: 9 additions & 0 deletions
@@ -57,6 +57,7 @@
5757
#include <linux/lockdep.h>
5858
#include <linux/context_tracking.h>
5959
#include <linux/console.h>
60+
#include <linux/kasan.h>
6061

6162
#include <asm/sections.h>
6263

@@ -5738,6 +5739,14 @@ void lock_acquire(struct lockdep_map *lock, unsigned int subclass,
57385739
if (!debug_locks)
57395740
return;
57405741

5742+
/*
5743+
* As KASAN instrumentation is disabled and lock_acquire() is usually
5744+
* the first lockdep call when a task tries to acquire a lock, add
5745+
* kasan_check_byte() here to check for use-after-free and other
5746+
* memory errors.
5747+
*/
5748+
kasan_check_byte(lock);
5749+
57415750
if (unlikely(!lockdep_enabled())) {
57425751
/* XXX allow trylock from NMI ?!? */
57435752
if (lockdep_nmi() && !trylock) {
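
Review bot: The kasan_check_byte(lock) call added at the top of lock_acquire() is unconditional, while the commit message says the check is added "for non kernel core data object"; the two should agree, either by rewording the message or by saying in the new comment that every lockdep_map pointer is checked. The call also sits after the "if (!debug_locks) return;" early exit, so no lock pointer is checked here once debug_locks has been cleared; if that is intended, a short remark in the comment would answer the question for the next reader. The return value is discarded, which fits the stated aim of getting a KASAN report out before any lockdep splat, but the comment could state that lockdep carries on with the pointer regardless of the result.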
