lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140519135000.GA20010@redhat.com>
Date:	Mon, 19 May 2014 15:50:00 +0200
From:	Oleg Nesterov <oleg@...hat.com>
To:	Michal Hocko <mhocko@...e.cz>
Cc:	Ingo Molnar <mingo@...e.hu>,
	Srikar Dronamraju <srikar@...ux.vnet.ibm.com>,
	Ananth N Mavinakayanahalli <ananth@...ibm.com>,
	David Long <dave.long@...aro.org>,
	Hugh Dickins <hughd@...gle.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] uprobes: Add mem_cgroup_charge_anon() into
	uprobe_write_opcode()

On 05/19, Michal Hocko wrote:
>
> On Mon 05-05-14 17:13:20, Oleg Nesterov wrote:
>
> Ups, this really slipped through...
> Sorry about that.
>
> > Hugh says:
> >
> >     The one I noticed was that it forgets all about memcg (because
> >     it was copied from KSM, and there the replacement page has already
> >     been charged to a memcg). See how mm/memory.c do_anonymous_page()
> >     does a mem_cgroup_charge_anon().
> >
> > Hopefully not a big problem, uprobes is a system-wide thing and only
> > root can insert the probes. But I agree, should be fixed anyway.
>
> I am not familiar with uprobes but AFAIU this can be a non-trivial of
> (now) uncharged memory. The fact that only root is allowed to install
> probes doesn't change the fact that this is still unaccounted memory and
> so setups which are tuned to not trigger OOM killer would be broken.

Sorry for confusion. I only tried to say that a user can't exploit this
problem. And "system-wide" means that installing a uprobe has other
negative impacts on the whole system. IOW, I do not think that, say, this
fix is -stable material.

> > Add mem_cgroup_{un,}charge_anon() into uprobe_write_opcode(). To simplify
> > the error handling (and avoid the new "uncharge" label) the patch also
> > moves anon_vma_prepare() up before we alloc/charge the new page.
> >
> > While at it fix the comment about ->mmap_sem, it is held for write.
>
> > Suggested-by: Hugh Dickins <hughd@...gle.com>
> > Signed-off-by: Oleg Nesterov <oleg@...hat.com>
>
> Acked-by: Michal Hocko <mhocko@...e.cz>

Thanks!

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ