[PATCH 1/2] mm: cma: fix the name of CMA areas

From: Barry Song
Date: Wed Jun 03 2020 - 04:42:14 EST


If users give a name saved on the stack, the current code will generate a
magic pointer.
If users don't give a name (NULL), kasprintf() will always return NULL as
we are at the early stage. That means cma_init_reserved_mem() will return
-ENOMEM if users set the name parameter to NULL.

Cc: Roman Gushchin <guro@xxxxxx>
Signed-off-by: Barry Song <song.bao.hua@xxxxxxxxxxxxx>
---
mm/cma.c | 13 ++++++-------
mm/cma.h | 4 +++-
2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/mm/cma.c b/mm/cma.c
index 0463ad2ce06b..b24151fa2101 100644
--- a/mm/cma.c
+++ b/mm/cma.c
@@ -202,13 +202,12 @@ int __init cma_init_reserved_mem(phys_addr_t base, phys_addr_t size,
* subsystems (like slab allocator) are available.
*/
cma = &cma_areas[cma_area_count];
- if (name) {
- cma->name = name;
- } else {
- cma->name = kasprintf(GFP_KERNEL, "cma%d\n", cma_area_count);
- if (!cma->name)
- return -ENOMEM;
- }
+
+ if (name)
+ snprintf(cma->name, CMA_MAX_NAME, name);
+ else
+ snprintf(cma->name, CMA_MAX_NAME, "cma%d\n", cma_area_count);
+
cma->base_pfn = PFN_DOWN(base);
cma->count = size >> PAGE_SHIFT;
cma->order_per_bit = order_per_bit;
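Review bot: The added `snprintf(cma->name, CMA_MAX_NAME, name);` passes the caller-supplied `name` as the format string, so any `%` in a name is parsed as a conversion and reads arguments that were never passed. It should be `snprintf(cma->name, CMA_MAX_NAME, "%s", name);` or a bounded string copy. The fallback format `"cma%d\n"` keeps the trailing newline from the old code, so the newline is stored in the name; `"cma%d"` looks like what is intended. Names longer than `CMA_MAX_NAME - 1` are now silently truncated, which deserves a short comment at the copy. The body of cma_init_reserved_mem starts and ends outside the hunk.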
diff --git a/mm/cma.h b/mm/cma.h
index 33c0b517733c..27d3f0e9f68f 100644
--- a/mm/cma.h
+++ b/mm/cma.h
@@ -2,6 +2,8 @@
#ifndef __MM_CMA_H__
#define __MM_CMA_H__

+#define CMA_MAX_NAME 64
+
struct cma {
unsigned long base_pfn;
unsigned long count;
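Review bot: `CMA_MAX_NAME` is introduced without a comment saying what the 64 covers. Since it is used as the size of `cma->name` and as the `snprintf()` bound, I would add `/* size of cma->name, including the terminating NUL; longer names are truncated */` above the define. The struct definition continues outside this hunk.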
@@ -12,7 +14,7 @@ struct cma {
struct hlist_head mem_head;
spinlock_t mem_head_lock;
#endif
- const char *name;
+ char name[CMA_MAX_NAME];
};

extern struct cma cma_areas[MAX_CMA_AREAS];
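Review bot: Turning `name` from `const char *` into `char name[CMA_MAX_NAME]` means `cma->name` can never be NULL again, and this diff does not show the field's other users being updated. Any reader outside the diff that tests `cma->name` for NULL, for example to fall back to a placeholder string, would now always take the non-NULL branch and may draw a compiler warning about an address that is always true. Those checks should be dropped or changed to test `cma->name[0]` in the same patch. The start of `struct cma` is outside this hunk.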
--
2.23.0