| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <54FBA9A3.9070606@fb.com> Date: Sat, 7 Mar 2015 18:45:07 -0700 From: Jens Axboe <axboe@...com> To: David Rientjes <rientjes@...gle.com> CC: Lars Ellenberg <drbd-dev@...ts.linbit.com>, <linux-kernel@...r.kernel.org>, <drbd-user@...ts.linbit.com> Subject: Re: [patch 1/2] block, drbd: fix drbd_req_new() initialization On 03/07/2015 06:27 PM, David Rientjes wrote: > On Sat, 7 Mar 2015, Jens Axboe wrote: > >>>>> mempool_alloc() does not support __GFP_ZERO since elements may come from >>>>> memory that has already been released by mempool_free(). >>>>> >>>>> Remove __GFP_ZERO from mempool_alloc() in drbd_req_new() and properly >>>>> initialize it to 0. >>>> >>>> You should add it to mempool instead, avoid having this issue show up for >>>> other folks as well. It'd be trivial to do. Normal ->alloc() should honor >>>> __GFP_ZERO, just do the same manually for removing an item from the internal >>>> pool. >>>> >>> >>> Umm, it's not trivial to do and wouldn't make sense to do it. Mempools >> >> Uhm, it would make sense, though. >> > > Disagree, I don't think we should extend mempool to know the element size, > modify every user of mempool to pass it in, and keep it consistent with > mempool_alloc_t for the benefit of __GFP_ZERO for this one buggy caller. > Most users don't need __GFP_ZERO and just overwrite the entire element > after mempool_alloc() and it would be an unnecessary overhead to even > check for the bit set. So it wouldn't make sense in terms of performance > or maintainability. My point is that conceptually, of course it makes sense to do and it _should_ do it. We don't have the size, too bad, I don't disagree that adding it just for this is necessarily the best idea. >>> don't know the element size, in other words it wouldn't know the length to >>> memset() to 0 for mempool_alloc(). It shouldn't be modified to know the >>> element size since elements are allocated by the implementation of >>> mempool_alloc_t and they could easily become inconsistent. This patch is >>> what you want to merge, really. >>> >> >> I forgot we don't have the size in there. Then I would suggest adding a >> WARN_ON() for __GFP_ZERO being set in mempool_alloc(), at the very least. >> > > There is, it's a VM_WARN_ON_ONCE() that will show up if you configure > CONFIG_DEBUG_VM. OK, that's good enough then. -- Jens Axboe -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists