Date: Tue, 12 Mar 2024 11:22:12 -0700
From: Luis Chamberlain
To: Suren Baghdasaryan
Subject: Re: [PATCH v5 12/37] lib: prevent module unloading if memory is not freed
References: <20240306182440.2003814-1-surenb@google.com> <20240306182440.2003814-13-surenb@google.com>
In-Reply-To: <20240306182440.2003814-13-surenb@google.com>

On Wed, Mar 06, 2024 at 10:24:10AM -0800, Suren Baghdasaryan wrote:
> Skip freeing module's data section if there are non-zero allocation tags
> because otherwise, once these allocations are freed, the access to their
> code tag would cause UAF.

So you just let them linger?

> Signed-off-by: Suren Baghdasaryan
> /* Free a module, remove from lists, etc. */ > static void free_module(struct module *mod) > { > + bool unload_codetags; > + > trace_module_free(mod); > > - codetag_unload_module(mod); > + unload_codetags = codetag_unload_module(mod); > + if (!unload_codetags) > + pr_warn("%s: memory allocation(s) from the module still alive, cannot unload cleanly\n", > + mod->name); > +

Because this is not unwinding anything. Shouldn't we check if we can free all tags first, if we can't then we can't free the module. If we can then ensure we don't enter a state where we can't later?

Luis
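
Review bot: In free_module(), the result of codetag_unload_module(mod) is only used to print a warning in the lines shown, and free_module() returns void, so a failed tag unload cannot stop the unload at this point. If live allocations are meant to block unloading, the check belongs earlier, where the request can still be refused with an error. If the intent is to keep the data section and continue, the pr_warn text should say that the section is being left allocated rather than "cannot unload cleanly", and a comment at the `if (!unload_codetags)` test should state what is skipped and why, since the quoted hunk ends before any later use of the flag is visible.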