Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753805AbcLHVKz (ORCPT <rfc822;w@1wt.eu>);
        Thu, 8 Dec 2016 16:10:55 -0500
Received: from mail.kernel.org ([198.145.29.136]:54390 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1753706AbcLHVKx (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 8 Dec 2016 16:10:53 -0500
MIME-Version: 1.0
In-Reply-To: <CAGXu5jLVV6nvTkTkU7oEwSNgOd8Gep1XaF1pTDBY=SRn8ErKeg@mail.gmail.com>
References: <20161208184801.1689-1-mcgrof@kernel.org> <20161208194802.2438-1-mcgrof@kernel.org>
 <CAGXu5jLVV6nvTkTkU7oEwSNgOd8Gep1XaF1pTDBY=SRn8ErKeg@mail.gmail.com>
From: "Luis R. Rodriguez" <mcgrof@kernel.org>
Date: Thu, 8 Dec 2016 15:10:26 -0600
X-Gmail-Original-Message-ID: <CAB=NE6VTTWQpFFWYRbtkodR-iQE3Z8b42h4xR5xHOUueomXAUQ@mail.gmail.com>
Message-ID: <CAB=NE6VTTWQpFFWYRbtkodR-iQE3Z8b42h4xR5xHOUueomXAUQ@mail.gmail.com>
Subject: Re: [RFC 02/10] module: fix memory leak on early load_module() failures
To: Kees Cook <keescook@chromium.org>
Cc: shuah@kernel.org, Jessica Yu <jeyu@redhat.com>,
        Rusty Russell <rusty@rustcorp.com.au>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        Dmitry Torokhov <dmitry.torokhov@gmail.com>,
        Arnaldo Carvalho de Melo <acme@redhat.com>,
        Jonathan Corbet <corbet@lwn.net>, martin.wilck@suse.com,
        Michal Marek <mmarek@suse.com>, Petr Mladek <pmladek@suse.com>,
        hare <hare@suse.com>, rwright@hpe.com, Jeff Mahoney <jeffm@suse.com>,
        DSterba@suse.com, Filipe Manana <fdmanana@suse.com>,
        NeilBrown <neilb@suse.com>, Guenter Roeck <linux@roeck-us.net>,
        rgoldwyn@suse.com, subashab@codeaurora.org,
        Heinrich Schuchardt <xypron.glpk@gmx.de>,
        Aaron Tomlin <atomlin@redhat.com>, Miroslav Benes <mbenes@suse.cz>,
        "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>,
        Dan Williams <dan.j.williams@intel.com>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        "David S. Miller" <davem@davemloft.net>,
        Ingo Molnar <mingo@redhat.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        linux-kselftest@vger.kernel.org,
        "linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
        LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1994
Lines: 47

On Thu, Dec 8, 2016 at 2:30 PM, Kees Cook <keescook@chromium.org> wrote:
> On Thu, Dec 8, 2016 at 11:48 AM, Luis R. Rodriguez <mcgrof@kernel.org> wrote:
>> While looking for early possible module loading failures I was
>> able to reproduce a memory leak possible with kmemleak. There
>> are a few rare ways to trigger a failure:
>>
>>   o we've run into a failure while processing kernel parameters
>>     (parse_args() returns an error)
>>   o mod_sysfs_setup() fails
>>   o we're a live patch module and copy_module_elf() fails
>>
>> Chances of running into this issue is really low.
>>
>> kmemleak splat:
>>
>> unreferenced object 0xffff9f2c4ada1b00 (size 32):
>>   comm "kworker/u16:4", pid 82, jiffies 4294897636 (age 681.816s)
>>   hex dump (first 32 bytes):
>>     6d 65 6d 73 74 69 63 6b 30 00 00 00 00 00 00 00  memstick0.......
>>     00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
>>   backtrace:
>>     [<ffffffff8c6cfeba>] kmemleak_alloc+0x4a/0xa0
>>     [<ffffffff8c200046>] __kmalloc_track_caller+0x126/0x230
>>     [<ffffffff8c1bc581>] kstrdup+0x31/0x60
>>     [<ffffffff8c1bc5d4>] kstrdup_const+0x24/0x30
>>     [<ffffffff8c3c23aa>] kvasprintf_const+0x7a/0x90
>>     [<ffffffff8c3b5481>] kobject_set_name_vargs+0x21/0x90
>>     [<ffffffff8c4fbdd7>] dev_set_name+0x47/0x50
>>     [<ffffffffc07819e5>] memstick_check+0x95/0x33c [memstick]
>>     [<ffffffff8c09c893>] process_one_work+0x1f3/0x4b0
>>     [<ffffffff8c09cb98>] worker_thread+0x48/0x4e0
>>     [<ffffffff8c0a2b79>] kthread+0xc9/0xe0
>>     [<ffffffff8c6dab5f>] ret_from_fork+0x1f/0x40
>>     [<ffffffffffffffff>] 0xffffffffffffffff
>>
>> Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org>
>
> Acked-by: Kees Cook <keescook@chromium.org>
>
> Is this worth sending through -stable too?

Yes, for some reason git-send e-mail complained to me about
stable@kernel.org not being a valid local address, so I had to remove
it, but indeed. I'll try to fix this e-mail issue later and add your
tag.

 Luis