[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <35cebb4b-3a1d-fa47-4d49-1a516f36af4f@oracle.com>
Date: Fri, 7 Jan 2022 09:54:57 -0800
From: Shoaib Rao <rao.shoaib@...cle.com>
To: Lukas Bulwahn <lukas.bulwahn@...il.com>,
"David S. Miller" <davem@...emloft.net>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Netdev <netdev@...r.kernel.org>,
Sudip Mukherjee <sudip.mukherjee@...ethink.co.uk>
Subject: Re: Observation of a memory leak with commit 314001f0bf92 ("af_unix:
Add OOB support")
Hi Lukas,
I took a look at the patch and I fail to see how prepare_creds() could
be impacted by the patch. The only reference to a cred in the patch is
via maybe_add_creds().
prepare_creds() is called to make a copy of the current creds which will
be later modified. If there is any leak it would be in the caller not
releasing the memory. The patch does not do anything with creds.
If there is any more information that can help identify the issue, I
will be happy to look into it.
Note that a lot of bugs are timing related, so while it might seem that
a change is causing the problem, it may not be the cause, it may just be
changing the environment for the bug to show up.
Shoaib
On 1/6/22 22:48, Lukas Bulwahn wrote:
> Dear Rao and David,
>
>
> In our syzkaller instance running on linux-next,
> https://urldefense.com/v3/__https://elisa-builder-00.iol.unh.edu/syzkaller-next/__;!!ACWV5N9M2RV99hQ!YR_lD5j1kvA5QfrbPcM5nMVZZkWNcF-UEE4vKA20TPkslzzGDVPqpL-6heEhBZ_e$ , we have been
> observing a memory leak in prepare_creds,
> https://urldefense.com/v3/__https://elisa-builder-00.iol.unh.edu/syzkaller-next/report?id=1dcac8539d69ad9eb94ab2c8c0d99c11a0b516a3__;!!ACWV5N9M2RV99hQ!YR_lD5j1kvA5QfrbPcM5nMVZZkWNcF-UEE4vKA20TPkslzzGDVPqpL-6hS1luOMv$ ,
> for quite some time.
>
> It is reproducible on v5.15-rc1, v5.15, v5.16-rc8 and next-20220104.
> So, it is in mainline, was released and has not been fixed in
> linux-next yet.
>
> As syzkaller also provides a reproducer, we bisected this memory leak
> to be introduced with commit 314001f0bf92 ("af_unix: Add OOB
> support").
>
> We also tested that reverting this commit on torvalds' current tree
> made the memory leak with the reproducer go away.
>
> Could you please have a look how your commit introduces this memory
> leak? We will gladly support testing your fix in case help is needed.
>
>
> Best regards,
>
> Lukas
Powered by blists - more mailing lists