lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <961aa3350907171829i52c095aam610ae2dc3d931080@mail.gmail.com>
Date:	Sat, 18 Jul 2009 10:29:44 +0900
From:	Akinobu Mita <akinobu.mita@...il.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	linux-kernel@...r.kernel.org, linux-mm@...ck.org
Subject: Re: [PATCH] mm: add gfp mask checking for __get_free_pages()

2009/7/18 Andrew Morton <akpm@...ux-foundation.org>:
> On Sat, 4 Jul 2009 11:09:50 +0900
> Akinobu Mita <akinobu.mita@...il.com> wrote:
>
>> __get_free_pages() with __GFP_HIGHMEM is not safe because the return
>> address cannot represent a highmem page. get_zeroed_page() already has
>> such a debug checking.
>>
>> Signed-off-by: Akinobu Mita <akinobu.mita@...il.com>
>> ---
>>  mm/page_alloc.c |   24 +++++++++---------------
>>  1 files changed, 9 insertions(+), 15 deletions(-)
>>
>> diff --git a/mm/page_alloc.c b/mm/page_alloc.c
>> index e0f2cdf..4a1a374 100644
>> --- a/mm/page_alloc.c
>> +++ b/mm/page_alloc.c
>> @@ -1903,31 +1903,25 @@ EXPORT_SYMBOL(__alloc_pages_nodemask);
>>   */
>>  unsigned long __get_free_pages(gfp_t gfp_mask, unsigned int order)
>>  {
>> -     struct page * page;
>> +     struct page *page;
>> +
>> +     /*
>> +      * __get_free_pages() returns a 32-bit address, which cannot represent
>> +      * a highmem page
>> +      */
>> +     VM_BUG_ON((gfp_mask & __GFP_HIGHMEM) != 0);
>> +
>>       page = alloc_pages(gfp_mask, order);
>>       if (!page)
>>               return 0;
>>       return (unsigned long) page_address(page);
>>  }
>> -
>>  EXPORT_SYMBOL(__get_free_pages);
>>
>>  unsigned long get_zeroed_page(gfp_t gfp_mask)
>>  {
>> -     struct page * page;
>> -
>> -     /*
>> -      * get_zeroed_page() returns a 32-bit address, which cannot represent
>> -      * a highmem page
>> -      */
>> -     VM_BUG_ON((gfp_mask & __GFP_HIGHMEM) != 0);
>> -
>> -     page = alloc_pages(gfp_mask | __GFP_ZERO, 0);
>> -     if (page)
>> -             return (unsigned long) page_address(page);
>> -     return 0;
>> +     return __get_free_pages(gfp_mask | __GFP_ZERO, 0);
>>  }
>> -
>>  EXPORT_SYMBOL(get_zeroed_page);
>>
>>  void __pagevec_free(struct pagevec *pvec)
>
> Fair enough.
>
> I suspect we could just delete that VM_BUG_ON() - we can't go and do
> runtime checking for every darn programmer error, and this would be a
> pretty dumb one.

Maybe. But we had such a bug in c51b1a160b63304720d49479986915e4c475a2cf
(xip: fix get_zeroed_page with __GFP_HIGHME). Even the VM code
had it and did not fixed for a long time.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ