lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ZvHurCYlCoi1ZTCX@skv.local>
Date: Tue, 24 Sep 2024 01:41:48 +0300
From: Andrey Skvortsov <andrej.skvortzov@...il.com>
To: Christophe JAILLET <christophe.jaillet@...adoo.fr>
Cc: Venkat Rao Bagalkote <venkat88@...ux.vnet.ibm.com>,
	Minchan Kim <minchan@...nel.org>,
	Sergey Senozhatsky <senozhatsky@...omium.org>,
	Jens Axboe <axboe@...nel.dk>,
	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org, linux-block@...r.kernel.org,
	stable@...r.kernel.org
Subject: Re: [PATCH v3] zram: don't free statically defined names

On 24-09-23 19:40, Christophe JAILLET wrote:
> Le 23/09/2024 à 18:48, Andrey Skvortsov a écrit :
> > When CONFIG_ZRAM_MULTI_COMP isn't set ZRAM_SECONDARY_COMP can hold
> > default_compressor, because it's the same offset as ZRAM_PRIMARY_COMP,
> > so we need to make sure that we don't attempt to kfree() the
> > statically defined compressor name.
> > 
> > This is detected by KASAN.
> > 
> > ==================================================================
> >    Call trace:
> >     kfree+0x60/0x3a0
> >     zram_destroy_comps+0x98/0x198 [zram]
> >     zram_reset_device+0x22c/0x4a8 [zram]
> >     reset_store+0x1bc/0x2d8 [zram]
> >     dev_attr_store+0x44/0x80
> >     sysfs_kf_write+0xfc/0x188
> >     kernfs_fop_write_iter+0x28c/0x428
> >     vfs_write+0x4dc/0x9b8
> >     ksys_write+0x100/0x1f8
> >     __arm64_sys_write+0x74/0xb8
> >     invoke_syscall+0xd8/0x260
> >     el0_svc_common.constprop.0+0xb4/0x240
> >     do_el0_svc+0x48/0x68
> >     el0_svc+0x40/0xc8
> >     el0t_64_sync_handler+0x120/0x130
> >     el0t_64_sync+0x190/0x198
> > ==================================================================
> > 
> > Signed-off-by: Andrey Skvortsov <andrej.skvortzov@...il.com>
> > Fixes: 684826f8271a ("zram: free secondary algorithms names")
> > Cc: <stable@...r.kernel.org>
> > ---
> > 
> > Changes in v2:
> >   - removed comment from source code about freeing statically defined compression
> >   - removed part of KASAN report from commit description
> >   - added information about CONFIG_ZRAM_MULTI_COMP into commit description
> > 
> > Changes in v3:
> >   - modified commit description based on Sergey's comment
> >   - changed start for-loop to ZRAM_PRIMARY_COMP
> > 
> > 
> >   drivers/block/zram/zram_drv.c | 6 ++++--
> >   1 file changed, 4 insertions(+), 2 deletions(-)
> > 
> > diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c
> > index c3d245617083d..ad9c9bc3ccfc5 100644
> > --- a/drivers/block/zram/zram_drv.c
> > +++ b/drivers/block/zram/zram_drv.c
> > @@ -2115,8 +2115,10 @@ static void zram_destroy_comps(struct zram *zram)
> >   		zram->num_active_comps--;
> >   	}
> > -	for (prio = ZRAM_SECONDARY_COMP; prio < ZRAM_MAX_COMPS; prio++) {
> > -		kfree(zram->comp_algs[prio]);
> > +	for (prio = ZRAM_PRIMARY_COMP; prio < ZRAM_MAX_COMPS; prio++) {
> > +		/* Do not free statically defined compression algorithms */
> > +		if (zram->comp_algs[prio] != default_compressor)
> > +			kfree(zram->comp_algs[prio]);
> 
> Hi,
> 
> maybe kfree_const() to be more future proof and less verbose?

kfree_const() will not work if zram is built as a module. It works
only for .rodata for kernel image. [1]

1. https://elixir.bootlin.com/linux/v6.11/source/include/asm-generic/sections.h#L177

-- 
Best regards,
Andrey Skvortsov

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ