[PATCH 1/7 v2] tracefs: Revert ccbd54ff54e8 ("tracefs: Restrict tracefs when the kernel is locked down")
Steven Rostedt
rostedt at goodmis.org
Sun Oct 13 00:39:22 UTC 2019
On Sat, 12 Oct 2019 20:35:02 -0400
Steven Rostedt <rostedt at goodmis.org> wrote:
> On Sat, 12 Oct 2019 15:56:15 -0700
> Linus Torvalds <torvalds at linux-foundation.org> wrote:
>
> > On Fri, Oct 11, 2019 at 5:59 PM Steven Rostedt <rostedt at goodmis.org> wrote:
> > >
> > >
> > > I bisected this down to the addition of the proxy_ops into tracefs for
> > > lockdown. It appears that the allocation of the proxy_ops and then freeing
> > > it in the destroy_inode callback, is causing havoc with the memory system.
> > > Reading the documentation about destroy_inode and talking with Linus about
> > > this, this is buggy and wrong.
> >
> > Can you still add the explanation about the inode memory leak to this message?
> >
> > Right now it just says "it's buggy and wrong". True. But doesn't
> > explain _why_ it is buggy and wrong.
> >
>
> Sure. The patches just finished my testing (along with other fixes that
> I need to send you). I have to make a few other updates in the change
> log though, so I'll be rebasing them (but not touching the code), to
> clean up the change logs.
>
I updated this change log to state:
"I bisected this down to the addition of the proxy_ops into tracefs for
lockdown. It appears that the allocation of the proxy_ops and then freeing
it in the destroy_inode callback, is causing havoc with the memory system.
Reading the documentation about destroy_inode and talking with Linus about
this, this is buggy and wrong. When defining the destroy_inode() method, it
is expected that the destroy_inode() will also free the inode, and not just
the extra allocations done in the creation of the inode. The faulty commit
causes a memory leak of the inode data structure when they are deleted."
-- Steve
More information about the Linux-security-module-archive
mailing list