| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <571d4a4a-0674-4c84-b714-8e7582699e30@lucifer.local>
Date: Tue, 5 Sep 2023 08:09:16 +0100
From: Lorenzo Stoakes <lstoakes@...il.com>
To: "Joel Fernandes (Google)" <joel@...lfernandes.org>
Cc: linux-kernel@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
Uladzislau Rezki <urezki@...il.com>,
Christoph Hellwig <hch@...radead.org>,
"Paul E. McKenney" <paulmck@...nel.org>,
Vlastimil Babka <vbabka@...e.cz>,
Zhen Lei <thunder.leizhen@...weicloud.com>,
rcu@...r.kernel.org, Zqiang <qiang.zhang1211@...il.com>,
stable@...r.kernel.org, linux-mm@...ck.org
Subject: Re: [PATCH v3 1/2] mm/vmalloc: Add a safer version of find_vm_area()
for debug
On Mon, Sep 04, 2023 at 06:08:04PM +0000, Joel Fernandes (Google) wrote:
> It is unsafe to dump vmalloc area information when trying to do so from
> some contexts. Add a safer trylock version of the same function to do a
> best-effort VMA finding and use it from vmalloc_dump_obj().
It'd be nice to have more details as to precisely which contexts and what this
resolves.
>
> [applied test robot feedback on unused function fix.]
> [applied Uladzislau feedback on locking.]
>
> Reported-by: Zhen Lei <thunder.leizhen@...weicloud.com>
> Cc: Paul E. McKenney <paulmck@...nel.org>
> Cc: rcu@...r.kernel.org
> Cc: Zqiang <qiang.zhang1211@...il.com>
> Reviewed-by: Uladzislau Rezki (Sony) <urezki@...il.com>
> Fixes: 98f180837a89 ("mm: Make mem_dump_obj() handle vmalloc() memory")
> Cc: stable@...r.kernel.org
> Signed-off-by: Joel Fernandes (Google) <joel@...lfernandes.org>
> ---
> mm/vmalloc.c | 26 ++++++++++++++++++++++----
> 1 file changed, 22 insertions(+), 4 deletions(-)
>
> diff --git a/mm/vmalloc.c b/mm/vmalloc.c
> index 93cf99aba335..2c6a0e2ff404 100644
> --- a/mm/vmalloc.c
> +++ b/mm/vmalloc.c
> @@ -4274,14 +4274,32 @@ void pcpu_free_vm_areas(struct vm_struct **vms, int nr_vms)
> #ifdef CONFIG_PRINTK
> bool vmalloc_dump_obj(void *object)
> {
> - struct vm_struct *vm;
> void *objp = (void *)PAGE_ALIGN((unsigned long)object);
> + const void *caller;
> + struct vm_struct *vm;
> + struct vmap_area *va;
> + unsigned long addr;
> + unsigned int nr_pages;
>
> - vm = find_vm_area(objp);
> - if (!vm)
> + if (!spin_trylock(&vmap_area_lock))
> + return false;
It'd be good to have a comment here explaining why we must trylock here. I am
also concerned that in the past this function would return false only if the
address was not a vmalloc one, but now it might just return false due to lock
contention and the user has no idea which it is?
I'd want to at least output "vmalloc region cannot lookup lock contention"
vs. the below cannot find case.
Under heavy lock contention aren't you potentially breaking the ability to
introspect vmalloc addresses? Wouldn't it be better to explicitly detect the
contexts under which acquiring this spinlock is not appropriate?
> + va = __find_vmap_area((unsigned long)objp, &vmap_area_root);
> + if (!va) {
> + spin_unlock(&vmap_area_lock);
> return false;
> + }
> +
> + vm = va->vm;
> + if (!vm) {
> + spin_unlock(&vmap_area_lock);
> + return false;
> + }
> + addr = (unsigned long)vm->addr;
> + caller = vm->caller;
> + nr_pages = vm->nr_pages;
> + spin_unlock(&vmap_area_lock);
> pr_cont(" %u-page vmalloc region starting at %#lx allocated at %pS\n",
> - vm->nr_pages, (unsigned long)vm->addr, vm->caller);
> + nr_pages, addr, caller);
> return true;
> }
> #endif
> --
> 2.42.0.283.g2d96d420d3-goog
>
Powered by blists - more mailing lists