From 0d251a2655fb26b1b813047a5226a7a9c5902e93 Mon Sep 17 00:00:00 2001
From: Wang Han <416810799@qq.com>
Date: Sun, 16 Nov 2025 15:17:55 +0800
Subject: [PATCH] kernel: Replace kmalloc() usages with kzalloc() (#2939)

This ensures we won't use uninitialized pointers for task work.
---
 kernel/allowlist.c | 4 ++--
 kernel/apk_sign.c | 2 +-
 kernel/kernel_umount.c | 2 +-
 kernel/manual_su.c | 4 ++--
 kernel/selinux/sepolicy.c | 4 ++--
 kernel/sulog.c | 2 +-
 kernel/throne_tracker.c | 7 ++++---
 7 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/kernel/allowlist.c b/kernel/allowlist.c
index 446e143b..4c2e7e24 100644
--- a/kernel/allowlist.c
+++ b/kernel/allowlist.c
@@ -52,7 +52,7 @@ static void remove_uid_from_arr(uid_t uid)
 if (allow_list_pointer == 0) return;
- temp_arr = kmalloc(sizeof(allow_list_arr), GFP_KERNEL);
+ temp_arr = kzalloc(sizeof(allow_list_arr), GFP_KERNEL);
 if (temp_arr == NULL) { pr_err("%s: unable to allocate memory\n", __func__); return;
@@ -205,7 +205,7 @@ bool ksu_set_app_profile(struct app_profile *profile, bool persist)
 } // not found, alloc a new node!
- p = (struct perm_data *)kmalloc(sizeof(struct perm_data), GFP_KERNEL);
+ p = (struct perm_data *)kzalloc(sizeof(struct perm_data), GFP_KERNEL);
 if (!p) { pr_err("ksu_set_app_profile alloc failed\n"); return false;
diff --git a/kernel/apk_sign.c b/kernel/apk_sign.c
index 5e4f4212..bc371263 100644
--- a/kernel/apk_sign.c
+++ b/kernel/apk_sign.c
@@ -43,7 +43,7 @@ static struct sdesc *init_sdesc(struct crypto_shash *alg)
 int size; size = sizeof(struct shash_desc) + crypto_shash_descsize(alg);
- sdesc = kmalloc(size, GFP_KERNEL);
+ sdesc = kzalloc(size, GFP_KERNEL);
 if (!sdesc) return ERR_PTR(-ENOMEM); sdesc->shash.tfm = alg;
diff --git a/kernel/kernel_umount.c b/kernel/kernel_umount.c
index 547e900e..7bcac827 100644
--- a/kernel/kernel_umount.c
+++ b/kernel/kernel_umount.c
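Review bot: The allocation in ksu_set_app_profile still casts the allocator's `void *` result and sizes the object by type name; kernel style drops the cast and ties the size to the pointer, `p = kzalloc(sizeof(*p), GFP_KERNEL);`. The same pattern is carried over in the sepolicy.c hunks (casts on `kzalloc`) and in the throne_tracker.c hunks (`sizeof(struct data_path)`, `sizeof(struct apk_path_hash)`). Since every one of these lines is being rewritten anyway, this is a cheap place to remove a source of size/type mismatches. The body of ksu_set_app_profile continues outside the hunk.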
@@ -238,7 +238,7 @@ int ksu_handle_umount(uid_t old_uid, uid_t new_uid)
 // umount the target mnt
 pr_info("handle umount for uid: %d, pid: %d\n", new_uid, current->pid);
- tw = kmalloc(sizeof(*tw), GFP_ATOMIC);
+ tw = kzalloc(sizeof(*tw), GFP_ATOMIC);
 if (!tw) return 0;
diff --git a/kernel/manual_su.c b/kernel/manual_su.c
index f3c327ba..f1cbee6f 100644
--- a/kernel/manual_su.c
+++ b/kernel/manual_su.c
@@ -50,7 +50,7 @@ static char* get_token_from_envp(void)
 return NULL; }
- env_copy = kmalloc(env_len + 1, GFP_KERNEL);
+ env_copy = kzalloc(env_len + 1, GFP_KERNEL);
 if (!env_copy) { up_read(&mm->mmap_lock); return NULL;
@@ -73,7 +73,7 @@ static char* get_token_from_envp(void)
 char *token_end = strchr(token_start, '\0'); if (token_end && (token_end - token_start) == KSU_TOKEN_LENGTH) {
- token = kmalloc(KSU_TOKEN_LENGTH + 1, GFP_KERNEL);
+ token = kzalloc(KSU_TOKEN_LENGTH + 1, GFP_KERNEL);
 if (token) { memcpy(token, token_start, KSU_TOKEN_LENGTH); token[KSU_TOKEN_LENGTH] = '\0';
diff --git a/kernel/selinux/sepolicy.c b/kernel/selinux/sepolicy.c
index 587413a1..2dd0d321 100644
--- a/kernel/selinux/sepolicy.c
+++ b/kernel/selinux/sepolicy.c
@@ -354,7 +354,7 @@ static void add_xperm_rule_raw(struct policydb *db, struct type_datum *src,
 if (datum->u.xperms == NULL) { datum->u.xperms =
- (struct avtab_extended_perms *)(kmalloc(
+ (struct avtab_extended_perms *)(kzalloc(
 sizeof(xperms), GFP_KERNEL)); if (!datum->u.xperms) { pr_err("alloc xperms failed\n");
@@ -554,7 +554,7 @@ static bool add_filename_trans(struct policydb *db, const char *s,
 trans = (struct filename_trans_datum *)kcalloc(1 ,sizeof(*trans), GFP_ATOMIC); struct filename_trans_key *new_key =
- (struct filename_trans_key *)kmalloc(sizeof(*new_key),
+ (struct filename_trans_key *)kzalloc(sizeof(*new_key),
 GFP_ATOMIC); *new_key = key; new_key->name = kstrdup(key.name, GFP_ATOMIC);
diff --git a/kernel/sulog.c b/kernel/sulog.c
index ef2263fc..24bf8acb 100644
--- a/kernel/sulog.c
+++ b/kernel/sulog.c
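Review bot: When this GFP_ATOMIC allocation fails, `if (!tw) return 0;` skips the unmount for the uid without any message, right after `pr_info` has logged that the umount is being handled, so the log then claims work that never happened. A rate-limited warning on that path, for example `pr_warn_ratelimited("umount skipped for uid %d: no memory\n", new_uid);`, would make the gap visible. A one-line comment above the `kzalloc` naming which fields of `*tw` must start zeroed would also record the reason the commit message gives for the change. The rest of ksu_handle_umount is outside the hunk.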
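Review bot: `env_copy` in get_token_from_envp appears to hold a copy of the process environment that is searched for the token, and neither manual_su.c hunk shows it being scrubbed before release. If the release outside the hunk is a plain `kfree(env_copy)`, consider `memzero_explicit(env_copy, env_len + 1);` immediately before it so the secret does not linger in freed slab memory. The same applies to `token` from the second hunk once its consumer is done with it. Zeroing at allocation time, which is all this change adds, does not cover that case.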
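Review bot: Neither GFP_ATOMIC allocation in the add_filename_trans hunk is checked before use: `*new_key = key;` dereferences the `kzalloc()` result directly, and the `kcalloc()` result in `trans` is not tested in the visible lines either, so an allocation failure here is a NULL dereference in kernel context. A guard right after the two allocations would close that, e.g. `if (!trans || !new_key) { kfree(trans); kfree(new_key); return false; }`, and the `kstrdup()` result stored in `new_key->name` needs the same treatment. The zeroing also adds nothing on this line, since `*new_key = key;` overwrites the whole object. The rest of the function is outside the hunk, so any further cleanup the error path needs cannot be judged from here.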
@@ -180,7 +180,7 @@ static void sulog_add_entry(char *log_buf, size_t len, uid_t uid, u8 dedup_type)
 if (!dedup_should_print(uid, dedup_type, log_buf, len)) return;
- entry = kmalloc(sizeof(*entry), GFP_ATOMIC);
+ entry = kzalloc(sizeof(*entry), GFP_ATOMIC);
 if (!entry) return;
diff --git a/kernel/throne_tracker.c b/kernel/throne_tracker.c
index 1d4244b4..27bd67e0 100644
--- a/kernel/throne_tracker.c
+++ b/kernel/throne_tracker.c
@@ -269,7 +269,7 @@ FILLDIR_RETURN_TYPE my_actor(struct dir_context *ctx, const char *name,
 if (d_type == DT_DIR && my_ctx->depth > 0 && (my_ctx->stop && !*my_ctx->stop)) {
- struct data_path *data = kmalloc(sizeof(struct data_path), GFP_ATOMIC);
+ struct data_path *data = kzalloc(sizeof(struct data_path), GFP_ATOMIC);
 if (!data) { pr_err("Failed to allocate memory for %s\n", dirpath);
@@ -305,7 +305,7 @@ FILLDIR_RETURN_TYPE my_actor(struct dir_context *ctx, const char *name,
 if (is_multi_manager && (signature_index == DYNAMIC_SIGN_INDEX || signature_index >= 2)) { crown_manager(dirpath, my_ctx->private_data, signature_index);
- struct apk_path_hash *apk_data = kmalloc(sizeof(struct apk_path_hash), GFP_ATOMIC);
+ struct apk_path_hash *apk_data = kzalloc(sizeof(struct apk_path_hash), GFP_ATOMIC);
 if (apk_data) { apk_data->hash = hash; apk_data->exists = true;
@@ -321,7 +321,8 @@ FILLDIR_RETURN_TYPE my_actor(struct dir_context *ctx, const char *name,
 kfree(pos); } } else {
- struct apk_path_hash *apk_data = kmalloc(sizeof(struct apk_path_hash), GFP_ATOMIC);
+ struct apk_path_hash *apk_data =
+ kzalloc(sizeof(struct apk_path_hash), GFP_ATOMIC);
 if (apk_data) { apk_data->hash = hash; apk_data->exists = true;
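Review bot: An su log entry is dropped without a trace when this GFP_ATOMIC allocation fails (`if (!entry) return;`), which leaves a hole in the audit trail exactly when the system is under memory pressure. A rate-limited message such as `pr_warn_ratelimited("sulog: entry dropped, no memory\n");`, or a dropped-entry counter exposed with the log, would tell whoever reads it that the record is incomplete. The rest of sulog_add_entry is outside the hunk.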
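Review bot: The two `apk_data` allocations in my_actor (the hunk at -305 and the one at -321) do nothing visible when `kzalloc()` returns NULL, whereas the `data_path` allocation in the first throne_tracker.c hunk logs `pr_err("Failed to allocate memory for %s\n", dirpath);`. In the -305 hunk `crown_manager()` has already run by that point, so the manager is crowned while its path hash goes unrecorded; no else branch is visible in either hunk. Logging on both paths in the same way as the `data_path` case would make the failure observable. The two branches also build the same object with the same first two assignments and only the second was re-wrapped by this commit, so a small static helper would remove both the duplication and the formatting drift.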