| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 31 Mar 2016 15:15:34 -0700 From: Andrew Morton <akpm@...ux-foundation.org> To: Jiri Slaby <jslaby@...e.cz> Cc: linux-kernel@...r.kernel.org Subject: Re: [PATCH v2 4/4] fork: free thread in copy_process on failure On Thu, 31 Mar 2016 09:55:55 +0200 Jiri Slaby <jslaby@...e.cz> wrote: > When using this program (as root): > > ... > > ret = ioperm(10, 20, 0); ah-hah. > if (ret < 0) > err(1, "ioperm"); > > for (a = 0; a < ITER; a++) > run_forkers(); > > return 0; > } > > kmemleak reports many occurences of this leak: > unreferenced object 0xffff8805917c8000 (size 8192): > comm "fork-leak", pid 2932, jiffies 4295354292 (age 1871.028s) > hex dump (first 32 bytes): > ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ > ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ > backtrace: > [<ffffffff814cfbf5>] kmemdup+0x25/0x50 > [<ffffffff8103ab43>] copy_thread_tls+0x6c3/0x9a0 > [<ffffffff81150174>] copy_process+0x1a84/0x5790 > [<ffffffff811dc375>] wake_up_new_task+0x2d5/0x6f0 > [<ffffffff8115411d>] _do_fork+0x12d/0x820 > ... The missing info here is "due to the leakage of the memory which should have been freed in arch/x86/kernel/process.c:exit_thread().
Powered by blists - more mailing lists