Date:   Mon, 9 Oct 2023 17:07:10 -0700
From:   Andrew Morton <akpm@...ux-foundation.org>
To:     Mike Kravetz <mike.kravetz@...cle.com>
Cc:     Konrad Dybcio <konrad.dybcio@...aro.org>,
        Anshuman Khandual <anshuman.khandual@....com>,
        Xiongchun Duan <duanxiongchun@...edance.com>,
        Barry Song <21cnbao@...il.com>,
        David Rientjes <rientjes@...gle.com>,
        Miaohe Lin <linmiaohe@...wei.com>,
        Matthew Wilcox <willy@...radead.org>, linux-mm@...ck.org,
        Naoya Horiguchi <naoya.horiguchi@...ux.dev>,
        Joao Martins <joao.m.martins@...cle.com>,
        David Hildenbrand <david@...hat.com>,
        Michal Hocko <mhocko@...e.com>,
        Oscar Salvador <osalvador@...e.de>,
        linux-kernel@...r.kernel.org, Usama Arif <usama.arif@...edance.com>
Subject: Re: [PATCH v6 2/8] hugetlb: restructure pool allocations

On Mon, 9 Oct 2023 08:15:13 -0700 Mike Kravetz <mike.kravetz@...cle.com> wrote:

> > This should also be empty and a noop.
> > 
> > Is it possible that the misaligned kernel image could make these lists
> > appear as non-empty?
> 
> Actually, just saw this:
> 
> https://lore.kernel.org/linux-mm/20231009145605.2150897-1-usama.arif@bytedance.com/
> 
> Will take a look, although as mentioned above prep_and_add_bootmem_folios on
> an empty list should be a noop.

Konrad, are you able to test Usama's patch?  Thanks.

From: Usama Arif <usama.arif@...edance.com>
Subject: mm: hugetlb: only prep and add allocated folios for non-gigantic pages
Date: Mon, 9 Oct 2023 15:56:05 +0100

Calling prep_and_add_allocated_folios when allocating gigantic pages at
boot time causes the kernel to crash as folio_list is empty and iterating
it causes a NULL pointer dereference.  Call this only for non-gigantic
pages when folio_list has entries.

Link: https://lkml.kernel.org/r/20231009145605.2150897-1-usama.arif@bytedance.com
Fixes: bfb41d6b2fe148 ("hugetlb: restructure pool allocations")
Signed-off-by: Usama Arif <usama.arif@...edance.com>
Cc: Fam Zheng <fam.zheng@...edance.com>
Cc: Mike Kravetz <mike.kravetz@...cle.com>
Cc: Muchun Song <songmuchun@...edance.com>
Cc: Punit Agrawal <punit.agrawal@...edance.com>
Cc: Anshuman Khandual <anshuman.khandual@....com>
Cc: Barry Song <21cnbao@...il.com>
Cc: David Hildenbrand <david@...hat.com>
Cc: David Rientjes <rientjes@...gle.com>
Cc: James Houghton <jthoughton@...gle.com>
Cc: Joao Martins <joao.m.martins@...cle.com>
Cc: Konrad Dybcio <konradybcio@...nel.org>
Cc: Matthew Wilcox (Oracle) <willy@...radead.org>
Cc: Miaohe Lin <linmiaohe@...wei.com>
Cc: Michal Hocko <mhocko@...e.com>
Cc: Naoya Horiguchi <naoya.horiguchi@...ux.dev>
Cc: Oscar Salvador <osalvador@...e.de>
Cc: Xiongchun Duan <duanxiongchun@...edance.com>
Signed-off-by: Andrew Morton <akpm@...ux-foundation.org>
---

 mm/hugetlb.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/mm/hugetlb.c~hugetlb-restructure-pool-allocations-fix
+++ a/mm/hugetlb.c
@@ -3307,7 +3307,8 @@ static void __init hugetlb_hstate_alloc_
 	}
 
 	/* list will be empty if hstate_is_gigantic */
-	prep_and_add_allocated_folios(h, &folio_list);
+	if (!hstate_is_gigantic(h))
+		prep_and_add_allocated_folios(h, &folio_list);
 
 	if (i < h->max_huge_pages) {
 		char buf[32];
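Review bot: The new `if (!hstate_is_gigantic(h))` guard in front of `prep_and_add_allocated_folios(h, &folio_list)` keys off the hstate type rather than the state of the list, and the retained comment "list will be empty if hstate_is_gigantic" no longer explains why the call has to be skipped. The commit message attributes the crash to iterating an empty folio_list, yet walking an initialized, empty list_head is a no-op (as also noted earlier in this thread), so it is worth confirming that folio_list is initialized on the gigantic path; its declaration is outside this hunk. If it is not initialized there, fixing that would address the cause rather than the symptom. Either way, please update the comment to say that folio_list is only populated for non-gigantic hstates and must not be walked otherwise.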
_
