lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20090728170632.2d136ce6.akpm@linux-foundation.org>
Date:	Tue, 28 Jul 2009 17:06:32 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Benjamin Herrenschmidt <benh@...nel.crashing.org>
Cc:	torvalds@...ux-foundation.org, linux-kernel@...r.kernel.org,
	linux-mm@...ck.org, Pekka Enberg <penberg@...helsinki.fi>
Subject: Re: [PATCH] mm: Make it easier to catch NULL cache names

On Tue, 28 Jul 2009 14:11:29 +1000
Benjamin Herrenschmidt <benh@...nel.crashing.org> wrote:

> Right now, if you inadvertently pass NULL to kmem_cache_create() at boot
> time, it crashes much later after boot somewhere deep inside sysfs which
> makes it very non obvious to figure out what's going on.

That must have been a pretty dumb piece of kernel code.  It's a bit
questionable (IMO) whether we need to cater for really exceptional
bugs.  But whatever.

slab used to have a check (__get_user) to see whether the ->name field
was still readable.  This was to detect the case where the slab cache
was created from a kernel module and the module forgot to remove the
cache at rmmod-time.  Subsequent reads of /proc/slabinfo would
confusingly go splat.  The check seems to have been removed (from
slab.c, at least).  If it is still there then it should be applied
consistently and across all slab versions.  In which case that check
would make your patch arguably-unneeded.  But it seems to have got
itself zapped.

> Signed-off-by: Benjamin Herrenschmidt <benh@...nel.crashing.org>
> ---
> 
> Yes, I did hit that :-) Something in ppc land using an array of caches
> and got the names array out of sync with changes to the list of indices.
> 
>  mm/slub.c |    3 +++
>  1 files changed, 3 insertions(+), 0 deletions(-)
> 
> diff --git a/mm/slub.c b/mm/slub.c
> index b9f1491..e31fbe6 100644
> --- a/mm/slub.c
> +++ b/mm/slub.c
> @@ -3292,6 +3292,9 @@ struct kmem_cache *kmem_cache_create(const char *name, size_t size,
>  {
>  	struct kmem_cache *s;
>  
> +	if (WARN_ON(!name))
> +		return NULL;
> +
>  	down_write(&slub_lock);
>  	s = find_mergeable(size, align, flags, name, ctor);
>  	if (s) {

Let's see:

slab.c: goes BUG
slob.c: will apparently go oops at some later time
slqb.c: does dump_stack(), returns NULL from kmem_cache_create()
slub.c: does WARN(), returns NULL from kmem_cache_create()


I think I'll apply the patch, cc Pekka then run away.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ