lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CACT4Y+ad6ZY=1=kM0FGZD8LtOaupV4c0AW0mXjMoxMNRsH2omA@mail.gmail.com>
Date:	Tue, 2 Aug 2016 12:05:10 +0200
From:	Dmitry Vyukov <dvyukov@...gle.com>
To:	Andrey Ryabinin <aryabinin@...tuozzo.com>
Cc:	Alexander Potapenko <glider@...gle.com>,
	Kostya Serebryany <kcc@...gle.com>,
	Andrey Konovalov <adech.fo@...il.com>,
	Christoph Lameter <cl@...ux.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Steven Rostedt <rostedt@...dmis.org>,
	Joonsoo Kim <js1304@...il.com>,
	Joonsoo Kim <iamjoonsoo.kim@....com>,
	Kuthonuzo Luruo <kuthonuzo.luruo@....com>,
	kasan-dev <kasan-dev@...glegroups.com>,
	LKML <linux-kernel@...r.kernel.org>,
	"linux-mm@...ck.org" <linux-mm@...ck.org>
Subject: Re: [PATCH] kasan: avoid overflowing quarantine size on low memory systems

On Tue, Aug 2, 2016 at 12:00 PM, Andrey Ryabinin
<aryabinin@...tuozzo.com> wrote:
>
>
> On 08/01/2016 05:59 PM, Alexander Potapenko wrote:
>> If the total amount of memory assigned to quarantine is less than the
>> amount of memory assigned to per-cpu quarantines, |new_quarantine_size|
>> may overflow. Instead, set it to zero.
>>
>
> Just curious, how did find this?
> Overflow is possible if system has more than 32 cpus per GB of memory. AFIAK this quite unusual.

I was reading code for unrelated reason.

>> Reported-by: Dmitry Vyukov <dvyukov@...gle.com>
>> Fixes: 55834c59098d ("mm: kasan: initial memory quarantine
>> implementation")
>> Signed-off-by: Alexander Potapenko <glider@...gle.com>
>> ---
>>  mm/kasan/quarantine.c | 12 ++++++++++--
>>  1 file changed, 10 insertions(+), 2 deletions(-)
>>
>> diff --git a/mm/kasan/quarantine.c b/mm/kasan/quarantine.c
>> index 65793f1..416d3b0 100644
>> --- a/mm/kasan/quarantine.c
>> +++ b/mm/kasan/quarantine.c
>> @@ -196,7 +196,7 @@ void quarantine_put(struct kasan_free_meta *info, struct kmem_cache *cache)
>>
>>  void quarantine_reduce(void)
>>  {
>> -     size_t new_quarantine_size;
>> +     size_t new_quarantine_size, percpu_quarantines;
>>       unsigned long flags;
>>       struct qlist_head to_free = QLIST_INIT;
>>       size_t size_to_free = 0;
>> @@ -214,7 +214,15 @@ void quarantine_reduce(void)
>>        */
>>       new_quarantine_size = (READ_ONCE(totalram_pages) << PAGE_SHIFT) /
>>               QUARANTINE_FRACTION;
>> -     new_quarantine_size -= QUARANTINE_PERCPU_SIZE * num_online_cpus();
>> +     percpu_quarantines = QUARANTINE_PERCPU_SIZE * num_online_cpus();
>> +     if (new_quarantine_size < percpu_quarantines) {
>> +             WARN_ONCE(1,
>> +                     "Too little memory, disabling global KASAN quarantine.\n",
>> +             );
>
> Why WARN? I'd suggest pr_warn_once();


I would suggest to just do something useful. Setting quarantine
new_quarantine_size to 0 looks fine.
What would user do with this warning? Number of CPUs and amount of
memory are generally fixed. Why is it an issue for end user at all? We
still have some quarantine per-cpu. A WARNING means a [non-critical]
kernel bug. E.g. syzkaller will catch each and every boot of such
system as a bug.


>> +             new_quarantine_size = 0;
>> +     } else {
>> +             new_quarantine_size -= percpu_quarantines;
>> +     }
>>       WRITE_ONCE(quarantine_size, new_quarantine_size);
>>
>>       last = global_quarantine.head;
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ