From: "Serge E. Hallyn" <serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
To: Nathan Lynch <ntl-e+AXbWqSrlAAvxtiuMwx3w@public.gmane.org>
Cc: Linux Containers <containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org>
Subject: Re: [PATCH ckpt-v15] allocate checkpoint headers with kzalloc
Date: Wed, 13 May 2009 12:02:57 -0500 [thread overview]
Message-ID: <20090513170257.GA18675@us.ibm.com> (raw)
In-Reply-To: <m3zldhxai8.fsf-e+AXbWqSrlAAvxtiuMwx3w@public.gmane.org>
Quoting Nathan Lynch (ntl-e+AXbWqSrlAAvxtiuMwx3w@public.gmane.org):
> In a checkpoint image I noticed a lot of 0x6b (POISON_FREE) bytes
> corresponding to checkpoint_restart_block -- this indicates that we
> would write uninitialized kernel memory to the image in cases where
> slab allocator debugging is not enabled[1].
>
> Use kzalloc in ckpt_hdr_get.
Yikes, yes, that's on par with a recent ecryptfs bug that did the
same thing.
Have you audited for other such potential privileged data leaks?
(besides "all sysvipc" which we know about :)
thanks,
-serge
> [1] slub's debug mode apparently initializes allocated buffers to
> POISON_FREE instead of POISON_INUSE, which confused me for a bit.
> Maybe I don't understand the intended meanings of the poison values.
>
> Signed-off-by: Nathan Lynch <ntl-e+AXbWqSrlAAvxtiuMwx3w@public.gmane.org>
> ---
> checkpoint/sys.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/checkpoint/sys.c b/checkpoint/sys.c
> index 255ebc1..34a226c 100644
> --- a/checkpoint/sys.c
> +++ b/checkpoint/sys.c
> @@ -117,7 +117,7 @@ int ckpt_kread(struct ckpt_ctx *ctx, void *addr, int count)
> */
> void *ckpt_hdr_get(struct ckpt_ctx *ctx, int len)
> {
> - return kmalloc(len, GFP_KERNEL);
> + return kzalloc(len, GFP_KERNEL);
> }
>
> /**
> --
> 1.6.0.6
>
> _______________________________________________
> Containers mailing list
> Containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
> https://lists.linux-foundation.org/mailman/listinfo/containers
next prev parent reply other threads:[~2009-05-13 17:02 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-13 15:55 [PATCH ckpt-v15] allocate checkpoint headers with kzalloc Nathan Lynch
[not found] ` <m3zldhxai8.fsf-e+AXbWqSrlAAvxtiuMwx3w@public.gmane.org>
2009-05-13 17:02 ` Serge E. Hallyn [this message]
[not found] ` <20090513170257.GA18675-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-05-13 17:25 ` Nathan Lynch
2009-05-14 16:32 ` Oren Laadan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090513170257.GA18675@us.ibm.com \
--to=serue-r/jw6+rmf7hqt0dzr+alfa@public.gmane.org \
--cc=containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=ntl-e+AXbWqSrlAAvxtiuMwx3w@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox