| Message ID | 20210421130105.1226686-82-gregkh@linuxfoundation.org |
|---|---|
| State | New |
| Headers | show |
| Series | None | expand |
On Wed, 21 Apr 2021 14:59:16 +0200 Greg Kroah-Hartman <gregkh@linuxfoundation.org> wrote: > This reverts commit 91862cc7867bba4ee5c8fcf0ca2f1d30427b6129. > > Commits from @umn.edu addresses have been found to be submitted in "bad > faith" to try to test the kernel community's ability to review "known > malicious" changes. The result of these submissions can be found in a > paper published at the 42nd IEEE Symposium on Security and Privacy > entitled, "Open Source Insecurity: Stealthily Introducing > Vulnerabilities via Hypocrite Commits" written by Qiushi Wu (University > of Minnesota) and Kangjie Lu (University of Minnesota). > > Because of this, all submissions from this group must be reverted from > the kernel tree and will need to be re-reviewed again to determine if > they actually are a valid fix. Until that work is complete, remove this > change to ensure that no problems are being introduced into the > codebase. > I have reviewed this change, and this is a valid fix and does not need to be reverted. The code before the change is: if (trace_parser_get_init(&parser, PID_BUF_SIZE + 1)) return -ENOMEM; Where that does: int trace_parser_get_init(struct trace_parser *parser, int size) { memset(parser, 0, sizeof(*parser)); parser->buffer = kmalloc(size, GFP_KERNEL); if (!parser->buffer) return 1; parser->size = size; return 0; } And the trace_parser_put() does: void trace_parser_put(struct trace_parser *parser) { kfree(parser->buffer); parser->buffer = NULL; } Hence, exiting the function without calling trace_parser_put() will indeed leak memory. Please do not revert this patch. Reviewed-by: Steven Rostedt (VMware) <rostedt@goodmis.org> -- Steve > Cc: http > Cc: stable@vger.kernel.org > Cc: Wenwen Wang <wang6495@umn.edu> > Cc: Steven Rostedt (VMware) <rostedt@goodmis.org> > Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> > --- > kernel/trace/trace.c | 5 +---- > 1 file changed, 1 insertion(+), 4 deletions(-) > > diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c > index 5c777627212f..faed4f44d224 100644 > --- a/kernel/trace/trace.c > +++ b/kernel/trace/trace.c > @@ -691,10 +691,8 @@ int trace_pid_write(struct trace_pid_list *filtered_pids, > * not modified. > */ > pid_list = kmalloc(sizeof(*pid_list), GFP_KERNEL); > - if (!pid_list) { > - trace_parser_put(&parser); > + if (!pid_list) > return -ENOMEM; > - } > > pid_list->pid_max = READ_ONCE(pid_max); > > @@ -704,7 +702,6 @@ int trace_pid_write(struct trace_pid_list *filtered_pids, > > pid_list->pids = vzalloc((pid_list->pid_max + 7) >> 3); > if (!pid_list->pids) { > - trace_parser_put(&parser); > kfree(pid_list); > return -ENOMEM; > }
On Wed, Apr 21, 2021 at 03:51:59PM +0200, Greg Kroah-Hartman wrote: > On Wed, Apr 21, 2021 at 09:33:43AM -0400, Steven Rostedt wrote: > > On Wed, 21 Apr 2021 09:29:19 -0400 > > Steven Rostedt <rostedt@goodmis.org> wrote: > > > > > Reviewed-by: Steven Rostedt (VMware) <rostedt@goodmis.org> > > > > Just to clear up any confusion about my tag above. It was a second review > > of the original patch, not for the revert. > > Fair enough, I'll handle it, thanks! Revert is now dropped from my tree, thanks for the review. greg k-h
diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 5c777627212f..faed4f44d224 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -691,10 +691,8 @@ int trace_pid_write(struct trace_pid_list *filtered_pids, * not modified. */ pid_list = kmalloc(sizeof(*pid_list), GFP_KERNEL); - if (!pid_list) { - trace_parser_put(&parser); + if (!pid_list) return -ENOMEM; - } pid_list->pid_max = READ_ONCE(pid_max); @@ -704,7 +702,6 @@ int trace_pid_write(struct trace_pid_list *filtered_pids, pid_list->pids = vzalloc((pid_list->pid_max + 7) >> 3); if (!pid_list->pids) { - trace_parser_put(&parser); kfree(pid_list); return -ENOMEM; }
This reverts commit 91862cc7867bba4ee5c8fcf0ca2f1d30427b6129. Commits from @umn.edu addresses have been found to be submitted in "bad faith" to try to test the kernel community's ability to review "known malicious" changes. The result of these submissions can be found in a paper published at the 42nd IEEE Symposium on Security and Privacy entitled, "Open Source Insecurity: Stealthily Introducing Vulnerabilities via Hypocrite Commits" written by Qiushi Wu (University of Minnesota) and Kangjie Lu (University of Minnesota). Because of this, all submissions from this group must be reverted from the kernel tree and will need to be re-reviewed again to determine if they actually are a valid fix. Until that work is complete, remove this change to ensure that no problems are being introduced into the codebase. Cc: http Cc: stable@vger.kernel.org Cc: Wenwen Wang <wang6495@umn.edu> Cc: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> --- kernel/trace/trace.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-)