Re: [patch 012/200] mm: slab: clarify krealloc()'s behavior with __GFP_ZERO


 



On Wed, Dec 16, 2020 at 08:47:25AM +0100, Christian König wrote:
> On 15.12.20 at 20:08, Andy Shevchenko wrote:
> > On Tue, Dec 15, 2020 at 03:30:44PM +0100, Christian König wrote:
> > > On 15.12.20 at 04:03, Andrew Morton wrote:
> > ...
> > 
> > > Question: Can the fact that __GFP_ZERO is effectively ignored cause an
> > > information leak if new size is larger than old size and the array is
> > > somehow copied to user space?
> > > 
> > > I think the answer is no, but just wanted to double check. Maybe we should
> > > note that here.
> > kmalloc()/kmalloc_array()/etc has the same. Should it be mentioned there as well?
> 
> No, they don't. If kmalloc()/kmalloc_array() would ignore __GFP_ZERO we
> would have quite a problem.
> 
> It is only krealloc()/krealloc_array() which ignore __GFP_ZERO when they
> don't reallocate memory because newsize is smaller than oldsize. In other
> words the freed up space is not cleared in any way.

Yes, true. So, you meant that the comment is now a bit misleading. I agree.

-- 
With Best Regards,
Andy Shevchenko
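
The behaviour discussed in this thread, as an added example that is not part of the original messages or the kernel source: a userspace C model in which a resize that fits the existing object keeps the old bytes even when the zero flag is passed, next to a caller that clears the tail before shrinking. `MODEL_ZERO`, `struct obj`, `model_krealloc()`, `shrink_cleared()` and `stale_tail_bytes()` are hypothetical names, and the 0xAA fill is constructed sample data.

```c
#include <stdlib.h>
#include <string.h>

#define MODEL_ZERO 0x1u  /* stands in for __GFP_ZERO in this userspace model */

struct obj { unsigned char *p; size_t cap; };  /* cap = size of backing object */

/* Model: a request that fits the backing object keeps it untouched, so the
 * zero flag only takes effect when a new object is really allocated. */
static int model_krealloc(struct obj *o, size_t new_len, unsigned flags)
{
    unsigned char *n;
    if (new_len <= o->cap)
        return 0;                 /* same object kept, nothing is cleared */
    n = (flags & MODEL_ZERO) ? calloc(1, new_len) : malloc(new_len);
    if (!n)
        return -1;
    memcpy(n, o->p, o->cap);
    free(o->p);
    o->p = n; o->cap = new_len;
    return 0;
}

/* Caller-side mitigation assumed by this example: wipe the bytes being
 * given up before shrinking, instead of relying on the zero flag. */
static int shrink_cleared(struct obj *o, size_t old_len, size_t new_len)
{
    memset(o->p + new_len, 0, old_len - new_len);
    return model_krealloc(o, new_len, MODEL_ZERO);
}

/* Fill 32 bytes, shrink to 8, grow back to 32 with the zero flag, then count
 * the non-zero bytes left in the regrown tail [8, 32). -1 on alloc failure. */
int stale_tail_bytes(int clear_on_shrink)
{
    struct obj o = { malloc(32), 32 };
    int i, stale = 0;
    if (!o.p)
        return -1;
    memset(o.p, 0xAA, 32);                 /* constructed "old" contents */
    if (clear_on_shrink)
        shrink_cleared(&o, 32, 8);
    else
        model_krealloc(&o, 8, MODEL_ZERO); /* tail [8, 32) left as it was */
    model_krealloc(&o, 32, MODEL_ZERO);    /* fits: no realloc, no zeroing */
    for (i = 8; i < 32; i++)
        stale += o.p[i] != 0;
    free(o.p);
    return stale;
}
```
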






