| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Dec 2018 16:39:55 +0100
From: Nicholas Mc Guire <der.herr@...r.at>
To: Joe Lawrence <joe.lawrence@...hat.com>
Cc: Nicholas Mc Guire <hofrat@...dl.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Jessica Yu <jeyu@...nel.org>, Jiri Kosina <jikos@...nel.org>,
Miroslav Benes <mbenes@...e.cz>,
Petr Mladek <pmladek@...e.com>, live-patching@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2 V2] livepatch: handle kzalloc failure properly
On Thu, Dec 13, 2018 at 09:14:18AM -0500, Joe Lawrence wrote:
> On 12/13/2018 09:05 AM, Nicholas Mc Guire wrote:
> > kzalloc() return should be checked. On dummy_alloc() failing
> > in kzalloc() NULL should be returned.
> >
> > Signed-off-by: Nicholas Mc Guire <hofrat@...dl.org>
> > ---
> >
> > Problem was located with an experimental coccinelle script
> >
> > V2: returning NULL is ok but not without cleanup - thanks to
> > Petr Mladek <pmladek@...e.com> for catching this.
> >
> > Patch was compile tested with: x86_64_defconfig + FTRACE=y
> > FUNCTION_TRACER=y, EXPERT=y, LATENCYTOP=y, SAMPLES=y, SAMPLE_LIVEPATCH=y
> > (with a number of unrelated sparse warnings on symbols not being static)
> >
> > Patch is against 4.20-rc6 (localversion-next is next-20181213)
> >
> > samples/livepatch/livepatch-shadow-mod.c | 4 ++++
> > 1 file changed, 4 insertions(+)
> >
> > diff --git a/samples/livepatch/livepatch-shadow-mod.c b/samples/livepatch/livepatch-shadow-mod.c
> > index 4c54b25..4aa8a88 100644
> > --- a/samples/livepatch/livepatch-shadow-mod.c
> > +++ b/samples/livepatch/livepatch-shadow-mod.c
> > @@ -118,6 +118,10 @@ noinline struct dummy *dummy_alloc(void)
> >
> > /* Oops, forgot to save leak! */
> > leak = kzalloc(sizeof(int), GFP_KERNEL);
> > + if (!leak) {
> > + kfree(d);
> > + return NULL;
> > + }
> >
> > pr_info("%s: dummy @ %p, expires @ %lx\n",
> > __func__, d, d->jiffies_expire);
> >
>
> Hi Nicholas,
>
> Thanks for finding and fixing these up... can we either squash these two
> patches into a single commit or give them unique subject lines? Code
> looks good (including Petr's suggested fix) otherwise.
>
yup - makes sense to pop it into a single patch - I assumed that this
would not be acceptable - so I actually split it up :)
I´ll send a V3 then.
BTW: wanted to fix up the sparse warnings but I think thats not going
to be that simple as the functions/structs sparse complains about
are actually being shared:
CHECK samples/livepatch/livepatch-shadow-fix1.c
samples/livepatch/livepatch-shadow-fix1.c:74:14: warning: symbol 'livepatch_fix1_dummy
alloc' was not declared. Should it be static?
samples/livepatch/livepatch-shadow-fix1.c:116:6: warning: symbol 'livepatch_fix1_dummy
free' was not declared. Should it be static?
CHECK samples/livepatch/livepatch-shadow-mod.c
samples/livepatch/livepatch-shadow-mod.c:99:1: warning: symbol 'dummy_list' was not declared. Should it be static?
samples/livepatch/livepatch-shadow-mod.c:100:1: warning: symbol 'dummy_list_mutex' was not declared. Should it be static?
samples/livepatch/livepatch-shadow-mod.c:107:23: warning: symbol 'dummy_alloc' was not declared. Should it be static?
samples/livepatch/livepatch-shadow-mod.c:132:15: warning: symbol 'dummy_free' was not declared. Should it be static?
samples/livepatch/livepatch-shadow-mod.c:140:15: warning: symbol 'dummy_check' was not declared. Should it be static?
so to clean that appropriate declarations should probably
go into a .h file. Technically its maybe not important as this
is not production code - it would though be nice if sample
code is sparse/smatch/cocci clean.
would it be acceptable to clean this up with an additional
livepatch-shadow-mod.h ?
thx!
hofrat
Powered by blists - more mailing lists