From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id CCC84ECAAD3
	for <linux-mm@archiver.kernel.org>; Fri,  9 Sep 2022 16:47:55 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 1676C6B0071; Fri,  9 Sep 2022 12:47:55 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 116C66B0072; Fri,  9 Sep 2022 12:47:55 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id F217E8D0001; Fri,  9 Sep 2022 12:47:54 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12])
	by kanga.kvack.org (Postfix) with ESMTP id DFF516B0071
	for <linux-mm@kvack.org>; Fri,  9 Sep 2022 12:47:54 -0400 (EDT)
Received: from smtpin28.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay06.hostedemail.com (Postfix) with ESMTP id 9D6A1AB6D6
	for <linux-mm@kvack.org>; Fri,  9 Sep 2022 16:47:54 +0000 (UTC)
X-FDA: 79893128868.28.5015646
Received: from smtp.smtpout.orange.fr (smtp03.smtpout.orange.fr [80.12.242.125])
	by imf04.hostedemail.com (Postfix) with ESMTP id F33D040081
	for <linux-mm@kvack.org>; Fri,  9 Sep 2022 16:47:52 +0000 (UTC)
Received: from [192.168.1.18] ([90.11.190.129])
	by smtp.orange.fr with ESMTPA
	id WhATopmnsPMmaWhAToUQN3; Fri, 09 Sep 2022 18:47:51 +0200
X-ME-Helo: [192.168.1.18]
X-ME-Auth: Y2hyaXN0b3BoZS5qYWlsbGV0QHdhbmFkb28uZnI=
X-ME-Date: Fri, 09 Sep 2022 18:47:51 +0200
X-ME-IP: 90.11.190.129
Message-ID: <2025305d-16db-abdf-6cd3-1fb93371c2b4@wanadoo.fr>
Date: Fri, 9 Sep 2022 18:47:49 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.11.0
Subject: Re: [PATCH] mm/slub: fix to return errno if kmalloc() fails
Content-Language: fr
To: Chao Yu <chao@kernel.org>, linux-mm@kvack.org
Cc: akpm@linux-foundation.org, linux-kernel@vger.kernel.org,
 jaegeuk@kernel.org, Chao Yu <chao.yu@oppo.com>, vbabka@kernel.org,
 muchun.song@linux.dev
References: <20220830141009.150075-1-chao@kernel.org>
From: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
In-Reply-To: <20220830141009.150075-1-chao@kernel.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1662742073; a=rsa-sha256;
	cv=none;
	b=1JeLg0YRnmF9F+tnTNyOQom7gRJTTVjlYjYT6EuZSB+UVlJrBHFDX8nFPJ2Mr3WmMAc3Md
	4fJfpZOnL8TU2FJMKkWkhBEJXM/xP/CuR6QJikogNWQ5Na+3pr0P6C3nwyxdXJM+0K5j88
	Xz+TpFOXTJnQHUlEa0m6ZdPOob2qje8=
ARC-Authentication-Results: i=1;
	imf04.hostedemail.com;
	dkim=none;
	dmarc=none;
	spf=pass (imf04.hostedemail.com: domain of christophe.jaillet@wanadoo.fr designates 80.12.242.125 as permitted sender) smtp.mailfrom=christophe.jaillet@wanadoo.fr
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1662742073;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=YeklOwzIjtLiwF9/UtmxiN6stBYPUGstsfhRz5EbvkE=;
	b=6DTDFh1lOVT4zm/0wkX8SRHUwR7iCOEkNwvYE4HfzClNbRM0uDCZ/7yR3iXaVf8Ve9dlx9
	dG/qSOxTORyF4cWTvjToB6bVY5UrN2yQh4Ih4ZYIsU926plP3CbWQwf09UJfNOlzW1tKFA
	9NodsXVl3P/sgibQSjYKWlesTEqGpxc=
X-Stat-Signature: up4srhqfwn8e3m3m44xxhmrpj68tgnc8
X-Rspamd-Queue-Id: F33D040081
X-Rspam-User: 
Authentication-Results: imf04.hostedemail.com;
	dkim=none;
	dmarc=none;
	spf=pass (imf04.hostedemail.com: domain of christophe.jaillet@wanadoo.fr designates 80.12.242.125 as permitted sender) smtp.mailfrom=christophe.jaillet@wanadoo.fr
X-Rspamd-Server: rspam02
X-HE-Tag: 1662742072-422516
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000126, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

Le 30/08/2022 à 16:10, Chao Yu a écrit :
> From: Chao Yu <chao.yu@oppo.com>
> 
> In create_unique_id(), kmalloc(, GFP_KERNEL) can fail due to
> out-of-memory, if it fails, return errno correctly rather than
> triggering panic via BUG_ON();
> 
> kernel BUG at mm/slub.c:5893!
> Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
> 
> Call trace:
>   sysfs_slab_add+0x258/0x260 mm/slub.c:5973
>   __kmem_cache_create+0x60/0x118 mm/slub.c:4899
>   create_cache mm/slab_common.c:229 [inline]
>   kmem_cache_create_usercopy+0x19c/0x31c mm/slab_common.c:335
>   kmem_cache_create+0x1c/0x28 mm/slab_common.c:390
>   f2fs_kmem_cache_create fs/f2fs/f2fs.h:2766 [inline]
>   f2fs_init_xattr_caches+0x78/0xb4 fs/f2fs/xattr.c:808
>   f2fs_fill_super+0x1050/0x1e0c fs/f2fs/super.c:4149
>   mount_bdev+0x1b8/0x210 fs/super.c:1400
>   f2fs_mount+0x44/0x58 fs/f2fs/super.c:4512
>   legacy_get_tree+0x30/0x74 fs/fs_context.c:610
>   vfs_get_tree+0x40/0x140 fs/super.c:1530
>   do_new_mount+0x1dc/0x4e4 fs/namespace.c:3040
>   path_mount+0x358/0x914 fs/namespace.c:3370
>   do_mount fs/namespace.c:3383 [inline]
>   __do_sys_mount fs/namespace.c:3591 [inline]
>   __se_sys_mount fs/namespace.c:3568 [inline]
>   __arm64_sys_mount+0x2f8/0x408 fs/namespace.c:3568
> 
> Cc: <stable@kernel.org>
> Reported-by: syzbot+81684812ea68216e08c5@syzkaller.appspotmail.com
> Signed-off-by: Chao Yu <chao.yu@oppo.com>
> ---
>   mm/slub.c | 5 ++++-
>   1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/mm/slub.c b/mm/slub.c
> index 862dbd9af4f5..e6f3727b9ad2 100644
> --- a/mm/slub.c
> +++ b/mm/slub.c
> @@ -5890,7 +5890,8 @@ static char *create_unique_id(struct kmem_cache *s)
>   	char *name = kmalloc(ID_STR_LENGTH, GFP_KERNEL);

Hi,

looks that ID_STR_LENGTH could even be reduced to 32 or 16.

The 2nd BUG_ON at the end of the function could certainly be just 
removed as well or remplaced by a:
    	if (p > name + ID_STR_LENGTH - 1) {
		kfree(name);
		return -E<something>;
	}

Just my 2c,

CJ

>   	char *p = name;
>   
> -	BUG_ON(!name);
> +	if (!name)
> +		return ERR_PTR(-ENOMEM);
>   
>   	*p++ = ':';
>   	/*
> @@ -5948,6 +5949,8 @@ static int sysfs_slab_add(struct kmem_cache *s)
>   		 * for the symlinks.
>   		 */
>   		name = create_unique_id(s);
> +		if (IS_ERR(name))
> +			return PTR_ERR(name);
>   	}
>   
>   	s->kobj.kset = kset;