Re: potential memory leak in netlbl_mgmt_add_common

On Tue, Aug 18, 2020 at 8:52 AM Stephen Smalley
<stephen.smalley.work@xxxxxxxxx> wrote:
>
> On Tue, Aug 18, 2020 at 8:28 AM Stephen Smalley
> <stephen.smalley.work@xxxxxxxxx> wrote:
> >
> > On Mon, Aug 17, 2020 at 10:25 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
> > >
> > > On Thu, Aug 13, 2020 at 12:32 PM Stephen Smalley
> > > <stephen.smalley.work@xxxxxxxxx> wrote:
> > > >
> > > > I noticed this in /sys/kernel/debug/kmemleak while testing other
> > > > patches.  This is on 5.8.0-rc1 but may be older.
> > > >
> > > > unreferenced object 0xffff888158b40380 (size 32):
> > > >   comm "netlabelctl", pid 2982, jiffies 4295212079 (age 3234.561s)
> > > >   hex dump (first 32 bytes):
> > > >     80 03 b4 58 81 88 ff ff 80 03 b4 58 81 88 ff ff  ...X.......X....
> > > >     90 03 b4 58 81 88 ff ff 90 03 b4 58 81 88 ff ff  ...X.......X....
> > > >   backtrace:
> > > >     [<000000009fe161a4>] netlbl_mgmt_add_common+0x2df/0x9b0
> > > >     [<00000000816cc1d9>] netlbl_mgmt_adddef+0x133/0x190
> > > >     [<00000000f060e456>] genl_rcv_msg+0x2dd/0x490
> > > >     [<000000001c733400>] netlink_rcv_skb+0xd0/0x200
> > > >     [<00000000c42f6f58>] genl_rcv+0x24/0x40
> > > >     [<000000005421c040>] netlink_unicast+0x2b4/0x3e0
> > > >     [<00000000ab107bba>] netlink_sendmsg+0x3a6/0x660
> > > >     [<00000000643024bd>] sock_sendmsg+0x96/0xa0
> > > >     [<00000000ba78e5a6>] ____sys_sendmsg+0x404/0x440
> > > >     [<000000006f3de0f5>] ___sys_sendmsg+0xd8/0x140
> > > >     [<000000009b8c70ea>] __sys_sendmsg+0xa3/0x110
> > > >     [<00000000e65194c3>] do_syscall_64+0x52/0xb0
> > > >     [<00000000367aebc6>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> > >
> > > Hmmm, that's interesting, a quick look at the code doesn't reveal
> > > anything obvious and it looks like I don't currently have kmemleak
> > > enabled in my kernel so I'll need to rebuild ... you wouldn't happen
> > > to have line numbers for the backtrace above would you?  Anything
> > > special you did to reproduce this?
> >
> > I don't still have that kernel so I'll need to reproduce it again.  It
> > was reproducible however just by running the selinux-testsuite and
> > then echo scan > /sys/kernel/debug/kmemleak and then cat
> > /sys/kernel/debug/kmemleak.  kmemleak-related config was:
> > CONFIG_HAVE_DEBUG_KMEMLEAK=y
> > CONFIG_DEBUG_KMEMLEAK=y
> > CONFIG_DEBUG_KMEMLEAK_MEM_POOL_SIZE=4096
> > # CONFIG_DEBUG_KMEMLEAK_TEST is not set
> > # CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF is not set
> > CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y
>
> If I am decoding this correctly, it looks like the leaking allocation
> is at net/netlabel/netlabel_mgmt.c:152:
>     147         if (info->attrs[NLBL_MGMT_A_IPV4ADDR]) {
>     148                 struct in_addr *addr;
>     149                 struct in_addr *mask;
>     150                 struct netlbl_domaddr4_map *map;
>     151
>     152                 addrmap = kzalloc(sizeof(*addrmap), GFP_KERNEL);
>     153                 if (addrmap == NULL) {
>     154                         ret_val = -ENOMEM;
>     155                         goto add_doi_put_def;
>     156                 }

And the full stacktrace fed through decode_stacktrace.sh (which I
didn't realize existed until just now, was doing it by hand) is:
netlbl_mgmt_add_common (net/netlabel/netlabel_mgmt.c:153)
netlbl_mgmt_adddef (net/netlabel/netlabel_mgmt.c:546)
genl_rcv_msg (net/netlink/genetlink.c:693 net/netlink/genetlink.c:736
net/netlink/genetlink.c:753)
netlink_rcv_skb (net/netlink/af_netlink.c:2470)
genl_rcv (net/netlink/genetlink.c:765)
netlink_unicast (net/netlink/af_netlink.c:1304 net/netlink/af_netlink.c:1329)
netlink_sendmsg (net/netlink/af_netlink.c:1918)
sock_sendmsg (net/socket.c:652 net/socket.c:672)
____sys_sendmsg (net/socket.c:2352)
___sys_sendmsg (net/socket.c:2408)
__sys_sendmsg (./include/linux/file.h:31 net/socket.c:2441)
do_syscall_64 (arch/x86/entry/common.c:359)
entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:124)


