lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1341376578.4852.172.camel@deadeye.wl.decadent.org.uk>
Date:	Wed, 04 Jul 2012 05:36:18 +0100
From:	Ben Hutchings <ben@...adent.org.uk>
To:	Herton Ronaldo Krzesinski <herton.krzesinski@...onical.com>,
	Pravin Shelar <pshelar@...ira.com>
Cc:	linux-kernel@...r.kernel.org, stable@...r.kernel.org,
	torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
	alan@...rguk.ukuu.org.uk, Pravin B Shelar <pshelar@...ira.com>,
	Amey Bhide <abhide@...ira.com>,
	Christoph Lameter <cl@...ux.com>,
	Pekka Enberg <penberg@...helsinki.fi>,
	Andrea Arcangeli <aarcange@...hat.com>
Subject: Re: [ 07/48] mm: fix slab->page _count corruption when using slub

On Mon, 2012-07-02 at 20:46 -0300, Herton Ronaldo Krzesinski wrote:
> On Sun, Jul 01, 2012 at 06:20:13PM +0100, Ben Hutchings wrote:
> > 3.2-stable review patch.  If anyone has any objections, please let me know.
> > 
> > ------------------
> > 
> > From: Pravin B Shelar <pshelar@...ira.com>
> > 
> > commit abca7c4965845924f65d40e0aa1092bdd895e314 upstream.
> > 
> > On arches that do not support this_cpu_cmpxchg_double() slab_lock is used
> > to do atomic cmpxchg() on double word which contains page->_count.  The
> > page count can be changed from get_page() or put_page() without taking
> > slab_lock.  That corrupts page counter.
> > 
> > Fix it by moving page->_count out of cmpxchg_double data.  So that slub
> > does no change it while updating slub meta-data in struct page.
> 
> Hi,
> 
> I got a frozen machine on boot with 3.2.22 proposed patches, bisect
> pointed out to this commit (and reverting only this commit on top of
> 3.2.22 patches confirmed it). So far I was able to reproduce always.
[...]

Sorry, I should remember to test with SLUB whenever there's a patch that
touches it!  I'll drop this for now, given Pravin's feedback.

Please let me know when this is completely fixed in mainline and ready
to be cherry-picked/backported.

Ben.

-- 
Ben Hutchings
When in doubt, use brute force. - Ken Thompson

Download attachment "signature.asc" of type "application/pgp-signature" (829 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ