| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250527132351.2050820-3-pulehui@huaweicloud.com>
Date: Tue, 27 May 2025 13:23:51 +0000
From: Pu Lehui <pulehui@...weicloud.com>
To: mhiramat@...nel.org,
oleg@...hat.com,
peterz@...radead.org,
akpm@...ux-foundation.org,
Liam.Howlett@...cle.com,
lorenzo.stoakes@...cle.com,
vbabka@...e.cz,
jannh@...gle.com,
pfalcato@...e.de
Cc: linux-mm@...ck.org,
linux-kernel@...r.kernel.org,
pulehui@...wei.com
Subject: [RFC PATCH v2 2/2] mm/mremap: Expose abnormal new_pte during move_ptes
From: Pu Lehui <pulehui@...wei.com>
When executing move_ptes, the new_pte must be NULL, otherwise it will be
overwritten by the old_pte, and cause the abnormal new_pte to be leaked.
In order to make this problem to be more explicit, let's add
WARN_ON_ONCE when new_pte is not NULL.
Suggested-by: Oleg Nesterov <oleg@...hat.com>
Signed-off-by: Pu Lehui <pulehui@...wei.com>
---
mm/mremap.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/mm/mremap.c b/mm/mremap.c
index 83e359754961..adb3a111b5c1 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
@@ -237,6 +237,8 @@ static int move_ptes(struct pagetable_move_control *pmc,
for (; old_addr < old_end; old_pte++, old_addr += PAGE_SIZE,
new_pte++, new_addr += PAGE_SIZE) {
+ WARN_ON_ONCE(!pte_none(*new_pte))
+
if (pte_none(ptep_get(old_pte)))
continue;
--
2.34.1
Powered by blists - more mailing lists