lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Tue, 29 Apr 2014 18:39:28 +0530
From:	"Srivatsa S. Bhat" <srivatsa.bhat@...ux.vnet.ibm.com>
To:	Oleg Nesterov <oleg@...hat.com>
CC:	Davidlohr Bueso <davidlohr@...com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Linux MM <linux-mm@...ck.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Rik van Riel <riel@...hat.com>,
	Michel Lespinasse <walken@...gle.com>,
	Hugh Dickins <hughd@...gle.com>
Subject: Re: [PATCH] vmacache: change vmacache_find() to always check ->vm_mm

On 04/29/2014 06:22 PM, Oleg Nesterov wrote:
> On 04/29, Srivatsa S. Bhat wrote:
>>
>> I guess I'll hold off on testing this fix until I get to reproduce
>> the bug more reliably..
> 
> perhaps the patch below can help a bit?
> 
> -------------------------------------------------------------------------------
> Subject: [PATCH] vmacache: change vmacache_find() to always check ->vm_mm
> 
> If ->vmacache was corrupted it would be better to detect and report
> the problem asap, check vma->vm_mm before vm_start/vm_end.
> 
> Signed-off-by: Oleg Nesterov <oleg@...hat.com>
> ---
>  mm/vmacache.c |    5 +++--
>  1 files changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/mm/vmacache.c b/mm/vmacache.c
> index d4224b3..952a324 100644
> --- a/mm/vmacache.c
> +++ b/mm/vmacache.c
> @@ -81,9 +81,10 @@ struct vm_area_struct *vmacache_find(struct mm_struct *mm, unsigned long addr)
>  	for (i = 0; i < VMACACHE_SIZE; i++) {
>  		struct vm_area_struct *vma = current->vmacache[i];
> 
> -		if (vma && vma->vm_start <= addr && vma->vm_end > addr) {
> +		if (vma) {
>  			BUG_ON(vma->vm_mm != mm);
> -			return vma;
> +			if (vma->vm_start <= addr && vma->vm_end > addr)
> +				return vma;
>  		}
>  	}
> 

IIUC, this is similar to commit 50f5aa8a9b2 (mm: don't pointlessly use
BUG_ON() for sanity check). But even with that commit included I was
not able to reproduce the bug again, as reported here:

https://lkml.org/lkml/2014/4/29/187

Regards,
Srivatsa S. Bhat

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists