lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 6 Mar 2009 07:54:58 -0600
From:	"Serge E. Hallyn" <serue@...ibm.com>
To:	Dhaval Giani <dhaval@...ux.vnet.ibm.com>
Cc:	lkml <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...e.hu>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Balbir Singh <balbir@...ibm.com>,
	Bharata B Rao <bharata@...ux.vnet.ibm.com>,
	dhowells@...hat.com
Subject: Re: [PATCH] Fix a memory leak when freeing up non init
	usernamespaces users

Quoting Dhaval Giani (dhaval@...ux.vnet.ibm.com):
> 
> Fix a memory leak when freeing up non init usernamespaces users
> 
> We were returning early in the sysfs directory cleanup function
> if the user belonged to a non init usernamespace. Due to this a lot
> of the cleanup was not done and we were left with a leak. Fix the leak.
> 
> Reported-by: Serge Hallyn <serue@...ux.vnet.ibm.com>
> Signed-off-by: Dhaval Giani <dhaval@...ux.vnet.ibm.com>
> Acked-by: Serge Hallyn <serue@...ibm.com>
> Tested-by: Serge Hallyn <serue@...ibm.com>

Thanks, Dhaval.

-serge

> ---
>  kernel/user.c |   14 +++++++-------
>  1 file changed, 7 insertions(+), 7 deletions(-)
> 
> Index: linux-2.6/kernel/user.c
> ===================================================================
> --- linux-2.6.orig/kernel/user.c
> +++ linux-2.6/kernel/user.c
> @@ -286,14 +286,12 @@ int __init uids_sysfs_init(void)
>  /* work function to remove sysfs directory for a user and free up
>   * corresponding structures.
>   */
> -static void remove_user_sysfs_dir(struct work_struct *w)
> +static void cleanup_user_struct(struct work_struct *w)
>  {
>  	struct user_struct *up = container_of(w, struct user_struct, work);
>  	unsigned long flags;
>  	int remove_user = 0;
> 
> -	if (up->user_ns != &init_user_ns)
> -		return;
>  	/* Make uid_hash_remove() + sysfs_remove_file() + kobject_del()
>  	 * atomic.
>  	 */
> @@ -312,9 +310,11 @@ static void remove_user_sysfs_dir(struct
>  	if (!remove_user)
>  		goto done;
> 
> -	kobject_uevent(&up->kobj, KOBJ_REMOVE);
> -	kobject_del(&up->kobj);
> -	kobject_put(&up->kobj);
> +	if (up->user_ns == &init_user_ns) {
> +		kobject_uevent(&up->kobj, KOBJ_REMOVE);
> +		kobject_del(&up->kobj);
> +		kobject_put(&up->kobj);
> +	}
> 
>  	sched_destroy_user(up);
>  	key_put(up->uid_keyring);
> @@ -335,7 +335,7 @@ static void free_user(struct user_struct
>  	atomic_inc(&up->__count);
>  	spin_unlock_irqrestore(&uidhash_lock, flags);
> 
> -	INIT_WORK(&up->work, remove_user_sysfs_dir);
> +	INIT_WORK(&up->work, cleanup_user_struct);
>  	schedule_work(&up->work);
>  }
> 
> -- 
> regards,
> Dhaval
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ