lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 16 Mar 2010 14:49:28 +0900 (JST)
From:	KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>
To:	LKML <linux-kernel@...r.kernel.org>
Cc:	kosaki.motohiro@...fujitsu.com, kiran@...lex86.org,
	cl@...ux-foundation.org, hugh.dickins@...cali.co.uk,
	lee.schermerhorn@...com, mel@....ul.ie, stable@...nel.org,
	linux-mm <linux-mm@...ck.org>, akpm@...ux-foundation.org
Subject: [PATCH 1/5] tmpfs: fix oops on mounts with mpol=default


ChangeLog from Ravikiran's original one
  - Fix the patch description. the problem is in mount, not only remount.
  - Skip mpol_new() simply, instead adding NULL check.


=========================
From: Ravikiran G Thirumalai <kiran@...lex86.org>

Fix an 'oops' when a tmpfs mount point is mounted with the mpol=default
mempolicy.

Upon remounting a tmpfs mount point with 'mpol=default' option, the
mount code crashed with a null pointer dereference.  The initial
problem report was on 2.6.27, but the problem exists in mainline
2.6.34-rc as well.  On examining the code, we see that mpol_new returns
NULL if default mempolicy was requested.  This 'NULL' mempolicy is
accessed to store the node mask resulting in oops.

The following patch fixes it.

Signed-off-by: Ravikiran Thirumalai <kiran@...lex86.org>
Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>
Cc: Christoph Lameter <cl@...ux-foundation.org>
Cc: Mel Gorman <mel@....ul.ie>
Cc: Lee Schermerhorn <lee.schermerhorn@...com>
Cc: Hugh Dickins <hugh.dickins@...cali.co.uk>
Cc: <stable@...nel.org>
---
 mm/mempolicy.c |    9 +++++++--
 1 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index bda230e..25a0c0f 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -2213,10 +2213,15 @@ int mpol_parse_str(char *str, struct mempolicy **mpol, int no_context)
 			goto out;
 		mode = MPOL_PREFERRED;
 		break;
-
+	case MPOL_DEFAULT:
+		/*
+		 * Insist on a empty nodelist
+		 */
+		if (!nodelist)
+			err = 0;
+		goto out;
 	/*
 	 * case MPOL_BIND:    mpol_new() enforces non-empty nodemask.
-	 * case MPOL_DEFAULT: mpol_new() enforces empty nodemask, ignores flags.
 	 */
 	}
 
-- 
1.6.5.2



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ