| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20120328181023.274401d1.akpm@linux-foundation.org>
Date: Wed, 28 Mar 2012 18:10:23 -0700
From: Andrew Morton <akpm@...ux-foundation.org>
To: Dave Jones <davej@...hat.com>
Cc: Dave Chinner <david@...morbit.com>, viro@...iv.linux.org.uk,
Linux Kernel <linux-kernel@...r.kernel.org>,
David Rientjes <rientjes@...gle.com>
Subject: Re: suppress page allocation failure warnings from sys_listxattr
On Wed, 28 Mar 2012 20:54:42 -0400 Dave Jones <davej@...hat.com> wrote:
> On Wed, Mar 28, 2012 at 04:47:20PM -0700, Andrew Morton wrote:
> > On Wed, 28 Mar 2012 15:39:51 +1100
> > Dave Chinner <david@...morbit.com> wrote:
> >
> > > > Well, the unusual thing was that I was fuzzing system calls for a few hours.
> > > >
> > > > My fuzzing tool was able to trigger these very easily after an hour or two
> > > > of uptime and memory had fragmented a little, so yeah, quite trivial.
> > >
> > > We've recently been seeing reports of xfsdump trigging a similar
> > > allocation failures in the XFS attr code when we are doing hundreds
> > > of thousands of attribute lookups to back them up.
> > >
> > > ad650f5 xfs: fallback to vmalloc for large buffers in xfs_attrmulti_attr_get
> > >
> > > I think that falling back to vmalloc here is much better solution
> > > than failing to retreive the attribute - it will work no matter how
> > > fragmented memory gets. That means we don't get incomplete
> > > backups occurring after days or months of uptime and successful
> > > backups...
> >
> > Yup. How does the below look?
>
> Don't see anything immediately wrong with it.
> Any thoughts on what to do about the similar problem in setxattr ? (memdup_user)
>
I can't think of anything clever.
The dumb approach:
From: Andrew Morton <akpm@...ux-foundation.org>
Subject: fs/xattr.c:setxattr(): improve handling of allocation failures
This allocation can be as large as 64k.
- Add __GFP_NOWARN so that a falied kmalloc() is silent
- Fall back to vmalloc() if the kmalloc() failed
Cc: Dave Chinner <david@...morbit.com>
Cc: Dave Jones <davej@...emonkey.org.uk>
Cc: David Rientjes <rientjes@...gle.com>
Cc: Al Viro <viro@...iv.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@...ux-foundation.org>
---
fs/xattr.c | 21 +++++++++++++++++----
1 file changed, 17 insertions(+), 4 deletions(-)
diff -puN fs/xattr.c~fs-xattrc-setxattr-improve-handling-of-allocation-failures fs/xattr.c
--- a/fs/xattr.c~fs-xattrc-setxattr-improve-handling-of-allocation-failures
+++ a/fs/xattr.c
@@ -320,6 +320,7 @@ setxattr(struct dentry *d, const char __
{
int error;
void *kvalue = NULL;
+ void *vvalue = NULL; /* If non-NULL, we used vmalloc() */
char kname[XATTR_NAME_MAX + 1];
if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
@@ -334,13 +335,25 @@ setxattr(struct dentry *d, const char __
if (size) {
if (size > XATTR_SIZE_MAX)
return -E2BIG;
- kvalue = memdup_user(value, size);
- if (IS_ERR(kvalue))
- return PTR_ERR(kvalue);
+ kvalue = kmalloc(size, GFP_KERNEL | __GFP_NOWARN);
+ if (!kvalue) {
+ vvalue = vmalloc(size);
+ if (!vvalue)
+ return -ENOMEM;
+ kvalue = vvalue;
+ }
+ if (copy_from_user(kvalue, value, size)) {
+ error = -EFAULT;
+ goto out;
+ }
}
error = vfs_setxattr(d, kname, kvalue, size, flags);
- kfree(kvalue);
+out:
+ if (vvalue)
+ vfree(vvalue);
+ else
+ kfree(kvalue);
return error;
}
_
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists