lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.64N.0609221117210.5858@attu2.cs.washington.edu>
Date:	Fri, 22 Sep 2006 11:20:22 -0700 (PDT)
From:	David Rientjes <rientjes@...washington.edu>
To:	Andrew Morton <akpm@...l.org>
cc:	KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>,
	kmannth@...ibm.com, linux-kernel@...r.kernel.org,
	clameter@...r.sgi.com
Subject: [PATCH] do not free non slab allocated per_cpu_pageset

On Thu, 21 Sep 2006, David Rientjes wrote:

> The _only_ time zone_pcp is slab allocated is through process_zones().  So 
> if we have an error on kmalloc_node for that zone_pcp, all previous 
> allocations are freed and process_zones() fails for that cpu.
> 
> We are guaranteed that the process_zones() for cpu 0 succeeds, otherwise 
> the pageset notifier isn't registered.  On CPU_UP_PREPARE for cpu 4 in 
> this case, process_zones() fails because we couldn't kmalloc the 
> per_cpu_pageset and we return NOTIFY_BAD.  This prints the failed message 
> in the report and then CPU_UP_CANCELED is sent back to the notifier which 
> attempts to kfree the zone that was never kmalloc'd.
> 
> The fix will work except for the case that zone_pcp is never set to NULL 
> as it should be.
> 

As reported by Keith, the following 2.6.18 patch stops the panic 
associated with attempting to free a non slab-allocated per_cpu_pageset.

Signed-off-by: David Rientjes <rientjes@...washington.edu>
---
 mm/page_alloc.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/mm/page_alloc.c b/mm/page_alloc.c
index 54a4f53..e16173f 100644
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -1845,8 +1845,10 @@ static inline void free_zone_pagesets(in
 	for_each_zone(zone) {
 		struct per_cpu_pageset *pset = zone_pcp(zone, cpu);
 
+		/* Free per_cpu_pageset if it is slab allocated */
+		if (pset != &boot_pageset[cpu])
+			kfree(pset);
 		zone_pcp(zone, cpu) = NULL;
-		kfree(pset);
 	}
 }
 
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ