| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200617125553.GO9499@dhcp22.suse.cz>
Date: Wed, 17 Jun 2020 14:55:53 +0200
From: Michal Hocko <mhocko@...nel.org>
To: Matthew Wilcox <willy@...radead.org>
Cc: dsterba@...e.cz, Joe Perches <joe@...ches.com>,
Waiman Long <longman@...hat.com>,
Andrew Morton <akpm@...ux-foundation.org>,
David Howells <dhowells@...hat.com>,
Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
David Rientjes <rientjes@...gle.com>,
Johannes Weiner <hannes@...xchg.org>,
Dan Carpenter <dan.carpenter@...cle.com>,
"Jason A . Donenfeld" <Jason@...c4.com>, linux-mm@...ck.org,
keyrings@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-crypto@...r.kernel.org, linux-pm@...r.kernel.org,
linux-stm32@...md-mailman.stormreply.com,
linux-amlogic@...ts.infradead.org,
linux-mediatek@...ts.infradead.org, linuxppc-dev@...ts.ozlabs.org,
virtualization@...ts.linux-foundation.org, netdev@...r.kernel.org,
linux-ppp@...r.kernel.org, wireguard@...ts.zx2c4.com,
linux-wireless@...r.kernel.org, devel@...verdev.osuosl.org,
linux-scsi@...r.kernel.org, target-devel@...r.kernel.org,
linux-btrfs@...r.kernel.org, linux-cifs@...r.kernel.org,
linux-fscrypt@...r.kernel.org, ecryptfs@...r.kernel.org,
kasan-dev@...glegroups.com, linux-bluetooth@...r.kernel.org,
linux-wpan@...r.kernel.org, linux-sctp@...r.kernel.org,
linux-nfs@...r.kernel.org, tipc-discussion@...ts.sourceforge.net,
linux-security-module@...r.kernel.org,
linux-integrity@...r.kernel.org
Subject: Re: [PATCH v4 0/3] mm, treewide: Rename kzfree() to kfree_sensitive()
On Wed 17-06-20 05:23:21, Matthew Wilcox wrote:
> On Wed, Jun 17, 2020 at 01:31:57PM +0200, Michal Hocko wrote:
> > On Wed 17-06-20 04:08:20, Matthew Wilcox wrote:
> > > If you call vfree() under
> > > a spinlock, you're in trouble. in_atomic() only knows if we hold a
> > > spinlock for CONFIG_PREEMPT, so it's not safe to check for in_atomic()
> > > in __vfree(). So we need the warning in order that preempt people can
> > > tell those without that there is a bug here.
> >
> > ... Unless I am missing something in_interrupt depends on preempt_count() as
> > well so neither of the two is reliable without PREEMPT_COUNT configured.
>
> preempt_count() always tracks whether we're in interrupt context,
> regardless of CONFIG_PREEMPT. The difference is that CONFIG_PREEMPT
> will track spinlock acquisitions as well.
Right you are! Thanks for the clarification. I find the situation
around preempt_count quite confusing TBH. Looking at existing users
of in_atomic() (e.g. a random one zd_usb_iowrite16v_async which check
in_atomic and then does GFP_KERNEL allocation which would be obviously
broken on !PREEMPT if the function can be called from an atomic
context), I am wondering whether it would make sense to track atomic
context also for !PREEMPT. This check is just terribly error prone.
--
Michal Hocko
SUSE Labs
Powered by blists - more mailing lists