| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20231014160104.19912de669475deec235702d@linux-foundation.org>
Date: Sat, 14 Oct 2023 16:01:04 -0700
From: Andrew Morton <akpm@...ux-foundation.org>
To: Huai-Yuan Liu <810974084@...com>
Cc: linux-mm@...ck.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] mm/page_alloc.c: function call alloc_percpu() unchecked
On Thu, 12 Oct 2023 01:25:35 -0700 Huai-Yuan Liu <810974084@...com> wrote:
> The function call alloc_percpu() returns a pointer to the memory address,
> but it hasn't been checked. Our static analysis tool indicates that null
> pointer dereference may exist in pointer zone->per_cpu_pageset. It is
> always safe to judge the null pointer before use.
>
> ...
>
> --- a/mm/page_alloc.c
> +++ b/mm/page_alloc.c
> @@ -5390,6 +5390,8 @@ void __meminit setup_zone_pageset(struct zone *zone)
> zone->per_cpu_zonestats = alloc_percpu(struct per_cpu_zonestat);
>
> zone->per_cpu_pageset = alloc_percpu(struct per_cpu_pages);
> + if (!zone->per_cpu_pageset)
> + return;
> for_each_possible_cpu(cpu) {
> struct per_cpu_pages *pcp;
> struct per_cpu_zonestat *pzstats;
I suppose as it's __meminit, yes, we should be checking here.
In which case we should also be checking the alloc_percpu() two lines
earlier and we should be freeing zone->per_cpu_zonestats if this second
alloc_percpu() fails. And we should be propagating the overall failure
back to higher layers whihc then handle it so the kernel won't immediately
crash anwyay.
Powered by blists - more mailing lists