On Wed, Jul 23, 2014 at 1:33 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote: >> >>>> + htab->slab_name = kasprintf(GFP_USER, "bpf_htab_%p", htab); >>> >>> This leaks a kernel heap memory pointer to userspace. If a unique name >>> needed, I think map_id should be used instead. >> >> it leaks, how? slabinfo is only available to root. >> The same code exists in conntrack: >> net/netfilter/nf_conntrack_core.c:1767 > > Right, in extreme cases, there are system configurations where leaking > addresses even to root can be considered a bug. There are a lot of > these situations in the kernel still, that's true. However, if we can > at all avoid it, I'd really like to avoid adding new ones. Nearly all > the cases of using a memory pointer is for uniqueness concerns, but I > think can already get that from the map_id. ok. fair enough. I think slab name doesn't have to be unique anymore. It's used to be a requirement in older kernels. If it is ok to reuse now, I'll just use the same for all hash-type maps. Advice from slab expert would be great... -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
