lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 22 Mar 2024 11:03:00 +0100
From: Ingo Molnar <mingo@...nel.org>
To: Anton Altaparmakov <anton@...era.com>
Cc: Dave Hansen <dave.hansen@...el.com>,
	"Rafael J . Wysocki" <rafael@...nel.org>,
	Pavel Machek <pavel@....cz>, Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
	Dave Hansen <dave.hansen@...ux.intel.com>,
	"x86@...nel.org" <x86@...nel.org>,
	"H . Peter Anvin" <hpa@...or.com>, Chen Yu <yu.c.chen@...el.com>,
	Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
	Catalin Marinas <catalin.marinas@....com>,
	Linux Memory Management <linux-mm@...ck.org>,
	"Rafael J . Wysocki" <rafael.j.wysocki@...el.com>,
	"linux-pm@...r.kernel.org" <linux-pm@...r.kernel.org>,
	Linux Kernel <linux-kernel@...r.kernel.org>,
	"stable@...r.kernel.org" <stable@...r.kernel.org>
Subject: Re: [PATCH] x86/pm: Fix false positive kmemleak report in
 msr_build_context().


* Anton Altaparmakov <anton@...era.com> wrote:

> Hi Dave,
> 
> > On 14 Mar 2024, at 15:05, Dave Hansen <dave.hansen@...el.com> wrote:
> > 
> > On 3/14/24 07:26, Anton Altaparmakov wrote:
> >> /* image of the saved processor state */
> >> struct saved_context {
> >> - /*
> >> - * On x86_32, all segment registers except gs are saved at kernel
> >> - * entry in pt_regs.
> >> - */
> >> - u16 gs;
> >> unsigned long cr0, cr2, cr3, cr4;
> >> u64 misc_enable;
> >> struct saved_msrs saved_msrs;
> >> @@ -27,6 +22,11 @@ struct saved_context {
> >> unsigned long tr;
> >> unsigned long safety;
> >> unsigned long return_address;
> >> + /*
> >> + * On x86_32, all segment registers except gs are saved at kernel
> >> + * entry in pt_regs.
> >> + */
> >> + u16 gs;
> >> bool misc_enable_saved;
> >> } __attribute__((packed));
> > 
> > Isn't this just kinda poking at the symptoms?  This seems to be
> > basically the exact same bug as b0b592cf08, just with a different source
> > of unaligned structure members.
> 
> Yes, that is exactly the same bug.  That's how we figured out the solution in fact - it is totally the same problem with another struct member...
> 
> > There's nothing to keep folks from reintroducing these kinds of issues
> > and evidently no way to detect when they happen without lengthy reproducers.
> 
> Correct.  But short of adding asserts / documentation that pointers must be aligned or kmemleak won't work or fixing kmemleak (which I expect is not tractical as it would become a lot slower if nothing else) not sure what else can be done.
> 
> Given I cannot see any alternative to fixing the kmemleak failures I think it is worth applying this fix.
> 
> Unless you have better ideas how to fix this issue?
> 
> What I can say is that we run a lot of tests with our CI and applying 
> this fix we do not see any kmemleak issues any more whilst without it we 
> see hundreds of the above - from a single, simple test run consisting of 
> 416 individual test cases on kernel 5.10 x86 with kmemleak enabled we got 
> 20 failures due to this which is quite a lot.  With this fix applied we 
> get zero kmemleak related failures.

I turned this tidbit into the following paragraph in the commit:

    Testing:
    
    We run a lot of tests with our CI, and after applying this fix we do not
    see any kmemleak issues any more whilst without it we see hundreds of
    the above report. From a single, simple test run consisting of 416 individual test
    cases on kernel 5.10 x86 with kmemleak enabled we got 20 failures due to this,
    which is quite a lot. With this fix applied we get zero kmemleak related failures.

Describing the impact of a fix in a changelog is always helpful.

Thanks,

	Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ