lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 09 Feb 2009 12:18:18 +0000
From:	Catalin Marinas <catalin.marinas@....com>
To:	linux-kernel <linux-kernel@...r.kernel.org>
Cc:	Andrew Morton <akpm@...ux-foundation.org>
Subject: mm_alloc()'ed structure leak

Hi,

I've noticed on recent kernels (currently 2.6.29-rc3) a memory leak
reported by kmemleak for an mm_struct allocated in mm_alloc(). If that's
a valid leak, it is a pretty serious one.

Basically bash forks and executes a command like "host kernel.org" which
finishes normally but the corresponding mm_struct isn't freed (I get
this consistently every time I run the above command):

unreferenced object 0xcfed4070 (size 368):
  comm "bash", pid 1674, jiffies 421592
  backtrace:
    [<c0082bd4>] kmemleak_alloc+0x140/0x2b0
    [<c007ff2c>] kmem_cache_alloc+0xd0/0x100
    [<c0036980>] mm_alloc+0x14/0x44
    [<c008a99c>] bprm_mm_init+0xc/0x13c
    [<c008ab70>] do_execve+0xa4/0x218
    [<c002718c>] sys_execve+0x34/0x54
    [<c0023e80>] ret_fast_syscall+0x0/0x28

I can't figure out why this structure isn't freed, so any help is
welcomed before I start bisecting. The platform is an ARM one but the
code in question is probably generic.

Thanks.

-- 
Catalin

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ