linux-mm.kvack.org archive mirror
From: Luis Chamberlain <mcgrof@kernel.org>
To: Suren Baghdasaryan <surenb@google.com>
Cc: akpm@linux-foundation.org, kent.overstreet@linux.dev,
	mhocko@suse.com, vbabka@suse.cz, hannes@cmpxchg.org,
	roman.gushchin@linux.dev, mgorman@suse.de, dave@stgolabs.net,
	willy@infradead.org, liam.howlett@oracle.com,
	penguin-kernel@i-love.sakura.ne.jp, corbet@lwn.net,
	void@manifault.com, peterz@infradead.org, juri.lelli@redhat.com,
	catalin.marinas@arm.com, will@kernel.org, arnd@arndb.de,
	tglx@linutronix.de, mingo@redhat.com,
	dave.hansen@linux.intel.com, x86@kernel.org, peterx@redhat.com,
	david@redhat.com, axboe@kernel.dk, masahiroy@kernel.org,
	nathan@kernel.org, dennis@kernel.org, jhubbard@nvidia.com,
	tj@kernel.org, muchun.song@linux.dev, rppt@kernel.org,
	paulmck@kernel.org, pasha.tatashin@soleen.com,
	yosryahmed@google.com, yuzhao@google.com, dhowells@redhat.com,
	hughd@google.com, andreyknvl@gmail.com, keescook@chromium.org,
	ndesaulniers@google.com, vvvvvv@google.com,
	gregkh@linuxfoundation.org, ebiggers@google.com,
	ytcoode@gmail.com, vincent.guittot@linaro.org,
	dietmar.eggemann@arm.com, rostedt@goodmis.org,
	bsegall@google.com, bristot@redhat.com, vschneid@redhat.com,
	cl@linux.com, penberg@kernel.org, iamjoonsoo.kim@lge.com,
	42.hyeyoo@gmail.com, glider@google.com, elver@google.com,
	dvyukov@google.com, shakeelb@google.com,
	songmuchun@bytedance.com, jbaron@akamai.com,
	aliceryhl@google.com, rientjes@google.com, minchan@google.com,
	kaleshsingh@google.com, kernel-team@android.com,
	linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
	iommu@lists.linux.dev, linux-arch@vger.kernel.org,
	linux-fsdevel@vger.kernel.org, linux-mm@kvack.org,
	linux-modules@vger.kernel.org, kasan-dev@googlegroups.com,
	cgroups@vger.kernel.org
Subject: Re: [PATCH v5 12/37] lib: prevent module unloading if memory is not freed
Date: Tue, 12 Mar 2024 11:22:12 -0700
Message-ID: <ZfCdVI464EqeI9YP@bombadil.infradead.org>
In-Reply-To: <20240306182440.2003814-13-surenb@google.com>

On Wed, Mar 06, 2024 at 10:24:10AM -0800, Suren Baghdasaryan wrote:
> Skip freeing module's data section if there are non-zero allocation tags
> because otherwise, once these allocations are freed, the access to their
> code tag would cause UAF.

So you just let them linger?

> Signed-off-by: Suren Baghdasaryan <surenb@google.com>


>  /* Free a module, remove from lists, etc. */
>  static void free_module(struct module *mod)
>  {
> +	bool unload_codetags;
> +
>  	trace_module_free(mod);
>  
> -	codetag_unload_module(mod);
> +	unload_codetags = codetag_unload_module(mod);
> +	if (!unload_codetags)
> +		pr_warn("%s: memory allocation(s) from the module still alive, cannot unload cleanly\n",
> +			mod->name);
> +
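
Review bot: in free_module(), the `!unload_codetags` branch only emits pr_warn(), and the function returns void, so once codetag_unload_module() reports live allocations the unload can no longer be refused. If the intent is to leave the module's data section in place, as the commit message says, add a comment at this branch stating what is kept and why, and consider doing the liveness check in the delete path before teardown starts, where an error can still be returned to the caller. The "cannot unload cleanly" message would also be more useful if it named what stays allocated.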

Because this is not unwinding anything. Shouldn't we check if we can
free all tags first, if we can't then we can't free the module. If we
can then ensure we don't enter a state where we can't later?

  Luis
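
The lifetime rule discussed in this message, as an added userspace model in C (not code from the patch or the kernel; every name below is hypothetical). Each allocation keeps a pointer to a tag stored in the module's data, so unload checks for live references first and refuses with -EBUSY, which is an assumed error choice.

```c
/* Userspace model only: struct and function names are hypothetical. */
#include <errno.h>
#include <stdbool.h>
#include <stdlib.h>

#define NTAGS 2
struct tag { size_t live; };            /* per-call-site count of live objects */
struct obj { struct tag *tag; };        /* every allocation points at its tag */
struct mod { struct tag tags[NTAGS]; }; /* stands in for the module's data section */

static struct mod *mod_load(void)
{
	return calloc(1, sizeof(struct mod));
}

/* site must be < NTAGS; the object outlives this call, and so does its tag pointer. */
static struct obj *obj_alloc(struct mod *m, size_t site)
{
	struct obj *o = malloc(sizeof(*o));
	if (!o)
		return NULL;
	o->tag = &m->tags[site];
	o->tag->live++;
	return o;
}

static void obj_free(struct obj *o)
{
	o->tag->live--;  /* a use-after-free if the tag storage was already released */
	free(o);
}

static bool mod_tags_idle(const struct mod *m)
{
	for (size_t i = 0; i < NTAGS; i++)
		if (m->tags[i].live)
			return false;
	return true;
}

/* Check first, tear down second: nothing is released on the refusal path. */
static int mod_unload(struct mod *m)
{
	if (!mod_tags_idle(m))
		return -EBUSY;
	free(m);
	return 0;
}
```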

