lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20190430151005.GA20916@kroah.com>
Date:   Tue, 30 Apr 2019 17:10:05 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Petr Mladek <pmladek@...e.com>
Cc:     "Tobin C. Harding" <tobin@...nel.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Jiri Kosina <jikos@...nel.org>,
        Miroslav Benes <mbenes@...e.cz>,
        Joe Lawrence <joe.lawrence@...hat.com>,
        live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] livepatch: Fix kobject memleak

On Tue, Apr 30, 2019 at 04:56:13PM +0200, Petr Mladek wrote:
> On Tue 2019-04-30 10:15:33, Tobin C. Harding wrote:
> > Currently error return from kobject_init_and_add() is not followed by a
> > call to kobject_put().  This means there is a memory leak.
> 
> I see, the ref count is always initialized to 1 via:
> 
>   + kobject_init_and_add()
>     + kobject_init()
>       + kobject_init_internal()
> 	+ kref_init()
> 
> 
> > Signed-off-by: Tobin C. Harding <tobin@...nel.org>
> > ---
> >  kernel/livepatch/core.c | 12 +++++++++---
> >  1 file changed, 9 insertions(+), 3 deletions(-)
> > 
> > diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
> > index eb0ee10a1981..98a7bec41faa 100644
> > --- a/kernel/livepatch/core.c
> > +++ b/kernel/livepatch/core.c
> > @@ -727,7 +727,9 @@ static int klp_init_func(struct klp_object *obj, struct klp_func *func)
> >  	ret = kobject_init_and_add(&func->kobj, &klp_ktype_func,
> >  				   &obj->kobj, "%s,%lu", func->old_name,
> >  				   func->old_sympos ? func->old_sympos : 1);
> > -	if (!ret)
> > +	if (ret)
> > +		kobject_put(&func->kobj);
> > +	else
> >  		func->kobj_added = true;
> 
> We could actually get rid of the custom kobj_added. Intead, we could
> check for kobj->state_initialized in the various klp_free* functions.

Why do you need to care about this at all anyway?  The kobject can
handle it's own lifetime just fine (that's what it is there for), why do
you need to also track it?

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ