1. 09 Jan, 2018 2 commits
    • Laura Abbott's avatar
      staging: android: ion: Switch from WARN to pr_warn · e4e179a8
      Laura Abbott authored
      Syzbot reported a warning with Ion:
      
      WARNING: CPU: 0 PID: 3502 at drivers/staging/android/ion/ion-ioctl.c:73 ion_ioctl+0x2db/0x380 drivers/staging/android/ion/ion-ioctl.c:73
      Kernel panic - not syncing: panic_on_warn set ...
      
      This is a warning that validation of the ioctl fields failed. This was
      deliberately added as a warning to make it very obvious to developers that
      something needed to be fixed. In reality, this is overkill and disturbs
      fuzzing. Switch to pr_warn for a message instead.
      
      Reported-by: syzbot+fa2d5f63ee5904a0115a@syzkaller.appspotmail.com
      Reported-by: default avatarsyzbot <syzkaller@googlegroups.com>
      Signed-off-by: default avatarLaura Abbott <labbott@redhat.com>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      e4e179a8
    • Laura Abbott's avatar
      staging: android: ion: Add __GFP_NOWARN for system contig heap · 0c75f103
      Laura Abbott authored
      syzbot reported a warning from Ion:
      
        WARNING: CPU: 1 PID: 3485 at mm/page_alloc.c:3926
      
        ...
         __alloc_pages_nodemask+0x9fb/0xd80 mm/page_alloc.c:4252
        alloc_pages_current+0xb6/0x1e0 mm/mempolicy.c:2036
        alloc_pages include/linux/gfp.h:492 [inline]
        ion_system_contig_heap_allocate+0x40/0x2c0
        drivers/staging/android/ion/ion_system_heap.c:374
        ion_buffer_create drivers/staging/android/ion/ion.c:93 [inline]
        ion_alloc+0x2c1/0x9e0 drivers/staging/android/ion/ion.c:420
        ion_ioctl+0x26d/0x380 drivers/staging/android/ion/ion-ioctl.c:84
        vfs_ioctl fs/ioctl.c:46 [inline]
        do_vfs_ioctl+0x1b1/0x1520 fs/ioctl.c:686
        SYSC_ioctl fs/ioctl.c:701 [inline]
        SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
      
      This is a warning about attempting to allocate order > MAX_ORDER. This
      is coming from a userspace Ion allocation request. Since userspace is
      free to request however much memory it wants (and the kernel is free to
      deny its allocation), silence the allocation attempt with __GFP_NOWARN
      in case it fails.
      
      Reported-by: syzbot+76e7efc4748495855a4d@syzkaller.appspotmail.com
      Reported-by: default avatarsyzbot <syzkaller@googlegroups.com>
      Signed-off-by: default avatarLaura Abbott <labbott@redhat.com>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      0c75f103
  2. 08 Jan, 2018 38 commits