lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 31 Aug 2016 14:06:14 -0700 (PDT)
From:   David Rientjes <rientjes@...gle.com>
To:     Andrew Morton <akpm@...ux-foundation.org>
cc:     Reza Arbab <arbab@...ux.vnet.ibm.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Vlastimil Babka <vbabka@...e.cz>,
        Vitaly Kuznetsov <vkuznets@...hat.com>,
        Yaowei Bai <baiyaowei@...s.chinamobile.com>,
        Joonsoo Kim <iamjoonsoo.kim@....com>,
        Dan Williams <dan.j.williams@...el.com>,
        Xishi Qiu <qiuxishi@...wei.com>,
        David Vrabel <david.vrabel@...rix.com>,
        Chen Yucong <slaoub@...il.com>,
        Andrew Banman <abanman@....com>, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org
Subject: Re: [RESEND PATCH v2] memory-hotplug: fix store_mem_state() return
 value

On Wed, 31 Aug 2016, Andrew Morton wrote:

> > Attempting to online memory which is already online will cause this:
> > 
> > 1. store_mem_state() called with buf="online"
> > 2. device_online() returns 1 because device is already online
> > 3. store_mem_state() returns 1
> > 4. calling code interprets this as 1-byte buffer read
> > 5. store_mem_state() called again with buf="nline"
> > 6. store_mem_state() returns -EINVAL
> > 
> > Example:
> > 
> > $ cat /sys/devices/system/memory/memory0/state
> > online
> > $ echo online > /sys/devices/system/memory/memory0/state
> > -bash: echo: write error: Invalid argument
> > 
> > Fix the return value of store_mem_state() so this doesn't happen.
> 
> So..  what *does* happen after the patch?  Is some sort of failure still
> reported?  Or am I correct in believing that the operation will appear
> to have succeeded?  If so, is that desirable?
> 

It's not desirable, before commit 4f3549d72 this would have returned 
EINVAL since __memory_block_change_state() does not see the state as 
MEM_OFFLINE when the write is done.  The correct fix is for 
store_mem_state() to return -EINVAL when device_online() returns non-zero.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ