| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Dec 2010 11:35:16 +0100
From: Eric Dumazet <eric.dumazet@...il.com>
To: Lothar Waßmann <LW@...O-electronics.de>
Cc: netdev@...r.kernel.org
Subject: Re: [BUG] 2.6.37-rc5 Memory leak in net/ipv4/udp.c
Le vendredi 17 décembre 2010 à 11:18 +0100, Lothar Waßmann a écrit :
> Hi,
>
> the kernel memory leak detector spews the message:
> |kmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
> cat /sys/kernel/debug/kmemleak
> |unreferenced object 0xc7a1c000 (size 5120):
> | comm "swapper", pid 1, jiffies 4294937513 (age 2320.120s)
> | hex dump (first 32 bytes):
> | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa ................
> | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa ................
> | backtrace:
> | [<c00112b8>] alloc_large_system_hash+0x188/0x224
> | [<c001be14>] udp_table_init+0x44/0x180
> | [<c001bf64>] udp_init+0x14/0x78
> | [<c001c620>] inet_init+0x138/0x240
> | [<c0030368>] do_one_initcall+0x58/0x1a8
> | [<c00083c8>] kernel_init+0x98/0x14c
> | [<c0037714>] kernel_thread_exit+0x0/0x8
> | [<ffffffff>] 0xffffffff
> |unreferenced object 0xc7a26000 (size 5120):
> | comm "swapper", pid 1, jiffies 4294937513 (age 2320.130s)
> | hex dump (first 32 bytes):
> | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa ................
> | aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa ................
> | backtrace:
> | [<c00112b8>] alloc_large_system_hash+0x188/0x224
> | [<c001be14>] udp_table_init+0x44/0x180
> | [<c001bff0>] udplite4_register+0x10/0x94
> | [<c001c624>] inet_init+0x13c/0x240
> | [<c0030368>] do_one_initcall+0x58/0x1a8
> | [<c00083c8>] kernel_init+0x98/0x14c
> | [<c0037714>] kernel_thread_exit+0x0/0x8
> | [<ffffffff>] 0xffffffff
>
> The offending code in net/ipv4/udp.c is:
> |void __init udp_table_init(struct udp_table *table, const char *name)
> |{
> | unsigned int i;
> |
> | if (!CONFIG_BASE_SMALL)
> | table->hash = alloc_large_system_hash(name,
> | 2 * sizeof(struct udp_hslot),
> | uhash_entries,
> | 21, /* one slot per 2 MB */
> | 0,
> | &table->log,
> | &table->mask,
> | 64 * 1024);
> | /*
> | * Make sure hash table has the minimum size
> | */
> | if (CONFIG_BASE_SMALL || table->mask < UDP_HTABLE_SIZE_MIN - 1) {
> | table->hash = kmalloc(UDP_HTABLE_SIZE_MIN *
> | 2 * sizeof(struct udp_hslot), GFP_KERNEL);
> In case of !CONFIG_BASE_SMALL and 'table->mask < UDP_HTABLE_SIZE_MIN - 1)'
> the memory allocated in the previous if clause becomes inacessible!
>
> Shouldn't this be:
> | if (!CONFIG_BASE_SMALL && table->mask >= UDP_HTABLE_SIZE_MIN - 1) {
> | table->hash = alloc_large_system_hash(name,
> | 2 * sizeof(struct udp_hslot),
> | uhash_entries,
> | 21, /* one slot per 2 MB */
> | 0,
> | &table->log,
> | &table->mask,
> | 64 * 1024);
> | } else {
> | table->hash = kmalloc(UDP_HTABLE_SIZE_MIN *
> | 2 * sizeof(struct udp_hslot), GFP_KERNEL);
> [...]
>
>
>
> Lothar Waßmann
Nothing we can do about it, there is no API to reverse the
alloc_large_system_hash() effect. We could call kmemleak api to at least
avoid this false alarm.
We really want a minimum size for the UDP hash table, because our algos
depend on this.
Why on your config alloc_large_system_hash() is allocating 5120 bytes, I
dont know :(
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists