Re: [patch 012/200] mm: slab: clarify krealloc()'s behavior with __GFP_ZERO


 



On 15.12.20 at 20:08, Andy Shevchenko wrote:
> On Tue, Dec 15, 2020 at 03:30:44PM +0100, Christian König wrote:
>> On 15.12.20 at 04:03, Andrew Morton wrote:
> ...
>
>> Question: Can the fact that __GFP_ZERO is effectively ignored cause an
>> information leak if new size is larger than old size and the array is
>> somehow copied to user space?
>>
>> I think the answer is no, but just wanted to double check. Maybe we should
>> note that here.
> kmalloc()/kmalloc_array()/etc. have the same. Should it be mentioned there as well?

No, they don't. If kmalloc()/kmalloc_array() ignored __GFP_ZERO, we would have quite a problem.

It is only krealloc()/krealloc_array() which ignore __GFP_ZERO when they don't reallocate memory because newsize is smaller than oldsize. In other words, the freed-up space is not cleared in any way.

Christian.
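
Added example, not part of the thread and not kernel code: a user-space model of the behaviour described in the reply above, showing what a caller sees after shrinking and then growing a buffer inside the same block, next to a wrapper that clears the tail itself. All names (model_alloc, model_realloc, model_realloc_zeroed, MODEL_GFP_ZERO) are hypothetical, and the stale bytes counted are the buffer's own earlier contents.

```c
#include <stdlib.h>
#include <string.h>
#define MODEL_GFP_ZERO 0x1u /* hypothetical stand-in for __GFP_ZERO */

/* Header records the block capacity, playing the role of the slab object size. */
struct model_hdr { size_t cap; };

static void *model_alloc(size_t size, unsigned flags)
{
    struct model_hdr *h = malloc(sizeof(*h) + size);
    if (!h) return NULL;
    h->cap = size;
    if (flags & MODEL_GFP_ZERO) memset(h + 1, 0, size); /* fresh blocks honour the flag */
    return h + 1;
}

/* Behaviour from the thread: a request that fits returns the same block, flag ignored. */
static void *model_realloc(void *p, size_t new_size, unsigned flags)
{
    struct model_hdr *h = (struct model_hdr *)p - 1;
    if (new_size <= h->cap) return p; /* no reallocation, nothing cleared */
    void *n = model_alloc(new_size, flags);
    if (!n) return NULL;
    memcpy(n, p, h->cap);
    free(h);
    return n;
}

/* Caller-side fix: track the logical length and clear the tail explicitly. */
static void *model_realloc_zeroed(void *p, size_t old_len, size_t new_len)
{
    if (new_len < old_len) memset((char *)p + new_len, 0, old_len - new_len);
    void *n = model_realloc(p, new_len, MODEL_GFP_ZERO);
    if (n && new_len > old_len) memset((char *)n + old_len, 0, new_len - old_len);
    return n;
}

/* Constructed input: 64 bytes of 'S', shrink to 16, grow back to 64, count stale bytes. */
static size_t stale_after_shrink_grow(int hardened)
{
    char *buf = model_alloc(64, MODEL_GFP_ZERO);
    if (!buf) return (size_t)-1;
    memset(buf, 'S', 64);
    buf = hardened ? model_realloc_zeroed(buf, 64, 16) : model_realloc(buf, 16, MODEL_GFP_ZERO);
    buf = hardened ? model_realloc_zeroed(buf, 16, 64) : model_realloc(buf, 64, MODEL_GFP_ZERO);
    size_t stale = 0;
    for (size_t i = 16; i < 64; i++) stale += (buf[i] == 'S');
    free((struct model_hdr *)buf - 1);
    return stale;
}
```

In the model, the plain path leaves all 48 bytes past offset 16 unchanged even though the zero flag was passed on every call; the wrapper leaves none.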


