lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAE9FiQUn0cO6XfZpb+QCG3L7fW7Z3eO0w2x9kJH9N05sUM=-vQ@mail.gmail.com>
Date:	Fri, 15 Jun 2012 20:06:31 -0700
From:	Yinghai Lu <yinghai@...nel.org>
To:	Greg Pearson <greg.pearson@...com>,
	Benjamin Herrenschmidt <benh@...nel.crashing.org>
Cc:	tj@...nel.org, hpa@...ux.intel.com, akpm@...ux-foundation.org,
	shangw@...ux.vnet.ibm.com, mingo@...e.hu, linux-mm@...ck.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] mm/memblock: fix overlapping allocation when doubling
 reserved array

On Fri, Jun 15, 2012 at 5:28 PM, Greg Pearson <greg.pearson@...com> wrote:
> The __alloc_memory_core_early() routine will ask memblock for a range
> of memory then try to reserve it. If the reserved region array lacks
> space for the new range, memblock_double_array() is called to allocate
> more space for the array. If memblock is used to allocate memory for
> the new array it can end up using a range that overlaps with the range
> originally allocated in __alloc_memory_core_early(), leading to possible
> data corruption.
>
> With this patch memblock_double_array() now calls memblock_find_in_range()
> with a narrowed candidate range so any memory allocated will not overlap
> with the original range that was being reserved. The range is narrowed by
> passing in both the starting and ending address of the previously allocated
> range. Then the range above the ending address is searched and if a candidate
> is not found, the range below the starting address is searched.
>
> Changes from v1: (based on comments from Yinghai Lu)
> - use obase instead of base in memblock_add_region() for exclude start address
> - pass in both the starting and ending address of the exclude range to
>  memblock_double_array()
> - have memblock_double_array() search above the exclude ending address
>  and below the exclude starting address for a free range
>
> Signed-off-by: Greg Pearson <greg.pearson@...com>

found more problem, please check -v3

also add cc to Ben.

Thanks

Yinghai

Download attachment "memblock_double_array_fix.patch" of type "application/octet-stream" (3788 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ