lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 08 Jun 2008 13:39:11 +0200
From:	Thorsten Knabe <linux@...rsten-knabe.de>
To:	Jeff Dike <jdike@...toit.com>
CC:	Chris Wright <chrisw@...s-sol.org>, linux-kernel@...r.kernel.org
Subject: Re: [BUG] Linux 2.6.25.4 task_struct leak

Jeff Dike wrote:
> I misunderstood - I thought you were seeing a task_struct leak within
> UML rather than a leak on the host elicited by UML.
> 
>> As far as I understand the UML code in the kernel, an UML kernel uses
>> some unusual clone() flags when creating new processes, which are seldom
>> used by other applications and could be related to the bug.
> 
> Yes, it does.  I don't see the flags causing a leak, though.  What
> might be more likely (although I really have no idea) is ptrace.
> Possibly a reference is held when it should have been dropped.  This
> might also show up with strace or gdb.

Hello Jeff.

Your assumption about ptrace causing the task_struct leak seems to be
right. I bisected the problem down to a few commits using the repository
at git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git.

Commit b7b71725fb9584454bfe5f231223bd63421798fb is the last known commit
that does not leak task_structs, whereas commit
a97f52e67890fda6b373c1c1895ff1c1c69b36c8 is leaking task_structs.
Revisions in between do not even compile.
Also I had to apply the changes from commit
f9cb02b0be4de3c51edfdd701754e13d9a2d20d6 to most of the kernels I have
tested, otherwise the UML process would crash on startup.

HTH
Thorsten

-- 
___
 |        | /                 E-Mail: linux@...rsten-knabe.de
 |horsten |/\nabe                WWW: http://linux.thorsten-knabe.de
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ