| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 2 Nov 2017 14:54:23 +0100
From: Michal Hocko <mhocko@...nel.org>
To: Pavel Tatashin <pasha.tatashin@...cle.com>
Cc: steven.sistare@...cle.com, daniel.m.jordan@...cle.com,
akpm@...ux-foundation.org, mgorman@...hsingularity.net,
linux-mm@...ck.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 1/1] mm: buddy page accessed before initialized
On Thu 02-11-17 09:39:58, Pavel Tatashin wrote:
[...]
> Hi Michal,
>
> Previously as before my project? That is because memory for all struct pages
> was always zeroed in memblock, and in __free_one_page() page_is_buddy() was
> always returning false, thus we never tried to incorrectly remove it from
> the list:
>
> 837 list_del(&buddy->lru);
>
> Now, that memory is not zeroed, page_is_buddy() can return true after kexec
> when memory is dirty (unfortunately memset(1) with CONFIG_VM_DEBUG does not
> catch this case). And proceed further to incorrectly remove buddy from the
> list.
OK, I thought this was a regression from one of the recent patches. So
the problem is not new. Why don't we see the same problem during the
standard boot?
> This is why we must initialize the computed buddy page beforehand.
Ble, this is really ugly. I will think about it more.
--
Michal Hocko
SUSE Labs
Powered by blists - more mailing lists