Date:   Wed, 7 Mar 2018 17:06:55 +0000
From:   Tvrtko Ursulin <tursulin@...ulin.net>
To:     Bart Van Assche <Bart.VanAssche@....com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Cc:     "tvrtko.ursulin@...el.com" <tvrtko.ursulin@...el.com>,
        "hare@...e.com" <hare@...e.com>,
        "jthumshirn@...e.de" <jthumshirn@...e.de>,
        "axboe@...nel.dk" <axboe@...nel.dk>
Subject: Re: [PATCH 3/6] lib/scatterlist: Do not leak pages when high-order
 allocation fails


On 07/03/18 16:16, Bart Van Assche wrote:
> On Wed, 2018-03-07 at 12:47 +0000, Tvrtko Ursulin wrote:
>> diff --git a/lib/scatterlist.c b/lib/scatterlist.c
>> index 9884be50a2c0..e13a759c5c49 100644
>> --- a/lib/scatterlist.c
>> +++ b/lib/scatterlist.c
>> @@ -493,7 +493,7 @@ struct scatterlist *sgl_alloc_order(unsigned long length, unsigned int order,
>>   {
>>   	unsigned int chunk_len = PAGE_SIZE << order;
>>   	struct scatterlist *sgl, *sg;
>> -	unsigned int nent;
>> +	unsigned int nent, i;
>>   
>>   	nent = round_up(length, chunk_len) >> (PAGE_SHIFT + order);
>>   
>> @@ -517,11 +517,12 @@ struct scatterlist *sgl_alloc_order(unsigned long length, unsigned int order,
>>   
>>   	sg_init_table(sgl, nent);
>>   	sg = sgl;
>> +	i = 0;
>>   	while (length) {
>>   		struct page *page = alloc_pages(gfp, order);
>>   
>>   		if (!page) {
>> -			sgl_free(sgl);
>> +			sgl_free_n_order(sgl, i, order);
>>   			return NULL;
>>   		}
>>   
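Review bot: on the `!page` error path, `sgl_free_n_order(sgl, i, order);` is only correct if `i` is exactly the number of entries that already hold a page, and nothing at the call site records that contract. A one-line comment there saying that only the first `i` entries were populated, each with an order-`order` allocation, would make the cleanup easier to audit. As the reply below argues, if the free helper skips entries whose page pointer is NULL, the counter may not be needed at all.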
>> @@ -529,6 +530,7 @@ struct scatterlist *sgl_alloc_order(unsigned long length, unsigned int order,
>>   		sg_set_page(sg, page, chunk_len, 0);
>>   		length -= chunk_len;
>>   		sg = sg_next(sg);
>> +		i++;
>>   	}
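Review bot: `i++` at the end of the loop body is separated from `sg_set_page()` by two other statements, so a `continue` or early exit added between them later would leave the count passed to the error path one short and leak a chunk. Incrementing `i` directly after `sg_set_page(sg, page, chunk_len, 0);` keeps the count tied to the entry that was just populated. Separately, `length` is an `unsigned long` and `length -= chunk_len` only ends the `while (length)` loop cleanly if `length` is a multiple of `chunk_len` at this point; the lines that would guarantee that are not part of the visible hunks, so it is worth confirming.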
> 
> Since the entire sg-list is zero-initialized before this loop starts, since
> the sg-list is not chained onto another sg-list before this function returns
> and since sgl_free_n_order() checks whether or not each page pointer is NULL
> before freeing it I think we don't need the new loop variable 'i' and that
> we can call sgl_free_order() instead of sgl_free_n_order().

Yes true, I've only realized that in a later patch. Can rebase to move 
that change earlier in.

Regards,

Tvrtko
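
The argument in the quoted review comment (a zero-initialised table plus a free routine that skips NULL page pointers makes a separate counter unnecessary), shown as an added userspace example in C. It is not code from this thread or from the kernel; `struct slot`, `model_alloc_page`, `model_free_table`, `model_alloc_table`, `leaked_after` and the injected allocation failure are hypothetical and constructed for illustration.

```c
#include <stdlib.h>
struct slot { void *page; }; /* userspace model of one scatterlist entry */

static size_t live_pages, alloc_calls; /* pages not yet freed; allocation attempts */
static size_t fail_at;                 /* constructed fault: attempt that fails, 0 = never */

static void *model_alloc_page(size_t bytes)
{
    void *p = (++alloc_calls == fail_at) ? NULL : malloc(bytes);
    if (p)
        live_pages++;
    return p;
}

/* Walk the whole table; untouched (NULL) slots are skipped, so no count is needed. */
static void model_free_table(struct slot *tbl, size_t nent)
{
    for (size_t i = 0; i < nent; i++) {
        if (!tbl[i].page)
            continue;
        free(tbl[i].page);
        live_pages--;
    }
    free(tbl);
}

static struct slot *model_alloc_table(size_t nent, size_t chunk_len)
{
    struct slot *tbl = calloc(nent, sizeof(*tbl)); /* zero-initialised table */
    for (size_t i = 0; tbl && i < nent; i++) {
        tbl[i].page = model_alloc_page(chunk_len);
        if (!tbl[i].page) {
            model_free_table(tbl, nent); /* only slots 0..i-1 hold pages */
            return NULL;
        }
    }
    return tbl;
}

/* Run one scenario; returns the number of pages still live afterwards. */
static size_t leaked_after(size_t nent, size_t fail_on)
{
    live_pages = alloc_calls = 0;
    fail_at = fail_on;
    struct slot *tbl = model_alloc_table(nent, 4096);
    if (tbl)
        model_free_table(tbl, nent);
    return live_pages;
}
```

The model only holds while the table is not chained to another one before the function returns, which is the condition the review comment states.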
