| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHk-=wi=3y4XW1RA15crZpbDy8Z0pgQL7nHeTn69MX1xm3J4yw@mail.gmail.com>
Date: Fri, 9 Aug 2019 13:09:58 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: "Schmid, Carsten" <Carsten_Schmid@...tor.com>
Cc: "bp@...e.de" <bp@...e.de>,
"dan.j.williams@...el.com" <dan.j.williams@...el.com>,
"mingo@...nel.org" <mingo@...nel.org>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"bhelgaas@...gle.com" <bhelgaas@...gle.com>,
"osalvador@...e.de" <osalvador@...e.de>,
"rdunlap@...radead.org" <rdunlap@...radead.org>,
"richardw.yang@...ux.intel.com" <richardw.yang@...ux.intel.com>,
"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>
Subject: Re: Resend [PATCH] kernel/resource.c: invalidate parent when freed
resource has childs
On Fri, Aug 9, 2019 at 6:50 AM Schmid, Carsten
<Carsten_Schmid@...tor.com> wrote:
>
> @@ -1200,6 +1200,15 @@ void __release_region(struct resource *parent, resource_size_t start,
> write_unlock(&resource_lock);
> if (res->flags & IORESOURCE_MUXED)
> wake_up(&muxed_resource_wait);
> +
> + write_lock(&resource_lock);
> + if (res->child) {
> + printk(KERN_WARNING "__release_region: %s has child %s,"
> + "invalidating childs parent\n",
> + res->name, res->child->name);
> + res->child->parent = NULL;
> + }
> + write_unlock(&resource_lock);
> free_resource(res);
So I think that this should be inside the previous resource_lock, and
before the whole "wake up muxed resource".
Also, a few other issues:
- what about other freeing cases? I'm looking at
release_mem_region_adjustable()
which has the same pattern where a resource may be freed.
- what about multiple children? Your patch sets res->child->parent to
NULL, but what about possible other children (iow, the
res->child->sibling list)
- releasing a resource without having released its children is a
nasty bug, but the bug is now here in release_region, it is in the
*caller*. The printk() (or pr_warn()) doesn't really help find that.
So my gut feel is that this patch is a symptom of a real bug, and a
warning is worthwhile to fix that bug, but more thought is needed.
Maybe something more along the line of
diff --git a/kernel/resource.c b/kernel/resource.c
index 7ea4306503c5..ebe06d77b06a 100644
--- a/kernel/resource.c
+++ b/kernel/resource.c
@@ -1211,6 +1211,8 @@ void __release_region(struct resource
*parent, resource_size_t start,
}
if (res->start != start || res->end != end)
break;
+ if (WARN_ON_ONCE(res->child))
+ break;
*p = res->sibling;
write_unlock(&resource_lock);
if (res->flags & IORESOURCE_MUXED)
would be more appropriate? It simply refuses to free a resource that
has children, and gives a warning (with a backtrace) for the situation
(since clearly we now end up with a resource leak).
Linus
Powered by blists - more mailing lists