From: Suren Baghdasaryan
Date: Tue, 12 Mar 2024 11:41:28 -0700
Subject: Re: [PATCH v5 12/37] lib: prevent module unloading if memory is not freed
To: Luis Chamberlain
References: <20240306182440.2003814-1-surenb@google.com> <20240306182440.2003814-13-surenb@google.com>

On Tue, Mar 12, 2024 at 11:22 AM Luis Chamberlain wrote:
>
> On Wed, Mar 06, 2024 at 10:24:10AM -0800, Suren Baghdasaryan wrote:
> > Skip freeing module's data section if there are non-zero allocation tags
> > because otherwise, once these allocations are freed, the access to their
> > code tag would cause UAF.
>
> So you just let them linger?

Well, I think this is not a normal situation when a module allocated
some memory and then is being unloaded without freeing that memory,
no?

> > > Signed-off-by: Suren Baghdasaryan > > > > /* Free a module, remove from lists, etc. */ > > static void free_module(struct module *mod) > > { > > + bool unload_codetags; > > + > > trace_module_free(mod); > > > > - codetag_unload_module(mod); > > + unload_codetags =3D codetag_unload_module(mod); > > + if (!unload_codetags) > > + pr_warn("%s: memory allocation(s) from the module still a= live, cannot unload cleanly\n", > > + mod->name); > > + > > Because this is not unwinding anything. Should'd we check if we can > free all tags first, if we can't then we can't free the module. If we > can then ensure we don't enter a state where we can't later? unload_codetags already indicates that someone has a live reference to one or more tags of that module, so we can't free them. Maybe I misunderstood your suggestion? > > Luis
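
Review bot: the check on the result of codetag_unload_module() sits inside free_module(), which returns void, so a false return can only be logged with pr_warn() and cannot be propagated to the caller. If the intent is that a module with live allocations keeps its data section, a comment at the `unload_codetags` declaration should state what a false return means and what is deliberately left unfreed, and the warning text could name that outcome rather than only saying "cannot unload cleanly". The quoted lines do not show where `unload_codetags` is consumed later in the function, so that use should be reviewed together with this check.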