lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Feb 2013 13:01:56 -0700 From: Tim Gardner <tim.gardner@...onical.com> To: linux-kernel@...r.kernel.org Cc: Tim Gardner <tim.gardner@...onical.com>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, Paul Mackerras <paulus@...ba.org>, Ingo Molnar <mingo@...hat.com>, Arnaldo Carvalho de Melo <acme@...stprotocols.net>, Thomas Gleixner <tglx@...utronix.de>, "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org Subject: [PATCH linux-next] perf/x86: x86_schedule_events(): avoid 512 byte stack variable x86_schedule_events() creates a 512 byte automatic variable when compiled for 64 bit. Dynamically allocate this array to avoid possible stack corruption. Smatch analysis: arch/x86/kernel/cpu/perf_event.c:727 x86_schedule_events() warn: 'constraints' puts 512 bytes on stack Cc: Peter Zijlstra <a.p.zijlstra@...llo.nl> Cc: Paul Mackerras <paulus@...ba.org> Cc: Ingo Molnar <mingo@...hat.com> Cc: Arnaldo Carvalho de Melo <acme@...stprotocols.net> Cc: Thomas Gleixner <tglx@...utronix.de> Cc: "H. Peter Anvin" <hpa@...or.com> Cc: x86@...nel.org Cc: <stable@...r.kernel.org> # 2.6.34.y and higher Signed-off-by: Tim Gardner <tim.gardner@...onical.com> --- This large stack variable was introduced with 63b146490befc027a7e0923e333269e68b20d380 in 2.6.34. Since it has been around for awhile I don't know if its really a problem on this code path, but it does consume a good size chunk of the kernel stack. Applies cleanly to 3.3.y and higher. Needs backport for older kernels. arch/x86/kernel/cpu/perf_event.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/perf_event.c b/arch/x86/kernel/cpu/perf_event.c index bf0f01a..1f2005e 100644 --- a/arch/x86/kernel/cpu/perf_event.c +++ b/arch/x86/kernel/cpu/perf_event.c @@ -718,11 +718,15 @@ int perf_assign_events(struct event_constraint **constraints, int n, int x86_schedule_events(struct cpu_hw_events *cpuc, int n, int *assign) { - struct event_constraint *c, *constraints[X86_PMC_IDX_MAX]; + struct event_constraint *c, **constraints; unsigned long used_mask[BITS_TO_LONGS(X86_PMC_IDX_MAX)]; int i, wmin, wmax, num = 0; struct hw_perf_event *hwc; + constraints = kmalloc(X86_PMC_IDX_MAX*sizeof(*constraints), GFP_ATOMIC); + if (!constraints) + return -ENOMEM; + bitmap_zero(used_mask, X86_PMC_IDX_MAX); for (i = 0, wmin = X86_PMC_IDX_MAX, wmax = 0; i < n; i++) { @@ -770,6 +774,9 @@ int x86_schedule_events(struct cpu_hw_events *cpuc, int n, int *assign) x86_pmu.put_event_constraints(cpuc, cpuc->event_list[i]); } } + + kfree(constraints); + return num ? -EINVAL : 0; } -- 1.7.9.5 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists