lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.DEB.2.10.1504021215310.2513@hadrien>
Date:	Thu, 2 Apr 2015 12:18:03 +0200 (CEST)
From:	Julia Lawall <julia.lawall@...6.fr>
To:	"Drokin, Oleg" <oleg.drokin@...el.com>
cc:	Julia Lawall <julia.lawall@...6.fr>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	"Dhere, Chaitanya (C.)" <cvijaydh@...teon.com>,
	"Dilger, Andreas" <andreas.dilger@...el.com>,
	Al Viro <viro@...iv.linux.org.uk>,
	"Xiong, Jinshan" <jinshan.xiong@...el.com>,
	"aybuke.147@...il.com" <aybuke.147@...il.com>,
	"Hammond, John" <john.hammond@...el.com>,
	"HPDD-discuss@...ts.01.org" <HPDD-discuss@...1.01.org>,
	"<devel@...verdev.osuosl.org>" <devel@...verdev.osuosl.org>,
	"<linux-kernel@...r.kernel.org> Mailing List" 
	<linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] staging: lustre: replace kzalloc with copy_from_user
 with memdup_user



On Tue, 31 Mar 2015, Drokin, Oleg wrote:

>
> On Mar 31, 2015, at 11:57 AM, gregkh@...uxfoundation.org wrote:
>
> > On Tue, Mar 31, 2015 at 05:15:23PM +0200, Julia Lawall wrote:
> >> On Tue, 31 Mar 2015, Dhere, Chaitanya (C.) wrote:
> >>
> >>> This patch replaces kzalloc and copy_from_user with memdup_user call
> >>> This change was detected with coccinelle tool
> >>>
> >>> Signed-off-by: Chaitanya Dhere <cvijaydh@...teon.com>
> >>> ---
> >>> drivers/staging/lustre/lustre/llite/file.c |   11 +++--------
> >>> 1 file changed, 3 insertions(+), 8 deletions(-)
> >>>
> >>> diff --git a/drivers/staging/lustre/lustre/llite/file.c b/drivers/staging/lustre/lustre/llite/file.c
> >>> index 85e74d1..85b5567 100644
> >>> --- a/drivers/staging/lustre/lustre/llite/file.c
> >>> +++ b/drivers/staging/lustre/lustre/llite/file.c
> >>> @@ -2368,14 +2368,9 @@ ll_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
> >>> 		struct hsm_state_set	*hss;
> >>> 		int			 rc;
> >>>
> >>> -		hss = kzalloc(sizeof(*hss), GFP_NOFS);
> >>> -		if (!hss)
> >>> -			return -ENOMEM;
> >>> -
> >>> -		if (copy_from_user(hss, (char *)arg, sizeof(*hss))) {
> >>> -			OBD_FREE_PTR(hss);
> >>> -			return -EFAULT;
> >>> -		}
> >>> +		hss = memdup_user((char *)arg, sizeof(*hss));
> >>
> >> memdup_user will use the flag GFP_KERNEL, ie (__GFP_WAIT | __GFP_IO |
> >> __GFP_FS), rather than the flag GFP_NOFS, ie (__GFP_WAIT | __GFP_IO), that
> >> is specified.  I don't know if this is a problem here.
> >
> > Yes, this is a filesystem, so this can't be changed, as we can't have
> > the allocation go out and ask for more filesystem accesses in the middle
> > of trying to do a filesystem access :)
>
> Technically in this place we are not really holding any locks or anything else of value to cause a deadlock,
> so we might be fine here.
> More importantly, I totally missed this OBD_ALLOC replacement with kzalloc when it happened.
> In theory all OBD_ALLOC() calls add up all allocated memory in a counter and then OBD_FREE() calls
> subtract freed memory (for a poor man's memory leak detection and tracing).
> Now since it's out of match, there should have been tons of very loud warnings about it, but I don't see
> any in my logs and I wonder why.
>
> Julia, I wonder if you happen to have a bunch of other patches to get rid of the rest of OBD_ALLOC and OBD_FREE stuff by any chance?

I can generate them again, but I wasn't clear on what was wanted.  I would
really prefer something where it is explicit at the call site that an
assignment is taking place.  If we can have x = obd_alloc(...) and
obd_free(x,...) (I don't have time to look up the exact arguments at the
moment), then I can take care of that).  I still think it is too bad that
this code won't benefit from rules written for more generic memory
allocation functions, but if the extra debugging facility provided by
these functions is useful, then I guess it is reasonable to keep it.

julia
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ