lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1555386991-8855-1-git-send-email-hofrat@osadl.org>
Date:   Tue, 16 Apr 2019 05:56:31 +0200
From:   Nicholas Mc Guire <hofrat@...dl.org>
To:     Jason Cooper <jason@...edaemon.net>
Cc:     Andrew Lunn <andrew@...n.ch>,
        Gregory Clement <gregory.clement@...tlin.com>,
        Sebastian Hesselbarth <sebastian.hesselbarth@...il.com>,
        Russell King <linux@...linux.org.uk>,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
        Nicholas Mc Guire <hofrat@...dl.org>
Subject: [PATCH V2] ARM: mvebu: at least report the kzalloc failure

Although it is very unlikely that the allocation during init would
fail any such failure should point to the original cause to allow
easier understanding of the ensuing null-pointer dereference splat.

Signed-off-by: Nicholas Mc Guire <hofrat@...dl.org>
---

Problem located with experimental coccinelle script

V2: Russell King <linux@...linux.org.uk> pointed out that the use of
    WARN_ON() would result in a stack trace followed by the oops due
    to dereferencing of the NULL pointer and so make it even less
    likely that users would uncover the actual cause - so drop the
    WARN_ON() and use a short pr_err() message that points to the
    oops cause directly.

Note that this will trigger a checkpatch WARNING
"WARNING: Possible unnecessary 'out of memory' message"
but comparing the oops with an without the one-line pr_err I would
argue that it makes sense to include it:
<snip>
[ 8061.514840] shared page allocation failure in hello_init()
[ 8113.563239] BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
[ 8113.563250] #PF error: [WRITE]
[ 8113.563255] PGD 8000000129993067 P4D 8000000129993067 PUD 129992067 PMD 0
[ 8113.563267] Oops: 0002 [#1] SMP PTI
[ 8113.563276] CPU: 2 PID: 2656 Comm: bash Tainted: G        W  O      5.0.0-rc3livepatchtest-next-20190123+ #4
[ 8113.563280] Hardware name: Quanta TWH/TWH, BIOS QU221 10/14/2011
[ 8113.563292] RIP: 0010:foo_store+0x3a/0x90 [hello_chardev]
...
<snip>

Patch was compile-tested: mvebu_v7_defconfig (implies MACH_MVEBU_ANY=y)
(with some unrelated sparse warnings about missing syscalls)

Patch is against 5.1-rc4 (localversion-next is 20190415)

 arch/arm/mach-mvebu/board-v7.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/arm/mach-mvebu/board-v7.c b/arch/arm/mach-mvebu/board-v7.c
index 0b10acd..df84cb6 100644
--- a/arch/arm/mach-mvebu/board-v7.c
+++ b/arch/arm/mach-mvebu/board-v7.c
@@ -128,6 +128,9 @@ static void __init i2c_quirk(void)
 		struct property *new_compat;
 
 		new_compat = kzalloc(sizeof(*new_compat), GFP_KERNEL);
+		if (!new_compat)
+			pr_err("new_compat allocation failure in %s()\n",
+				__func__);
 
 		new_compat->name = kstrdup("compatible", GFP_KERNEL);
 		new_compat->length = sizeof("marvell,mv78230-a0-i2c");
-- 
2.1.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ