* [PATCH] userns: suppress kmemleak message
@ 2016-11-03 5:39 Dmitry Torokhov
2016-11-03 14:04 ` Jakub Kicinski
2016-11-03 14:54 ` Eric W. Biederman
0 siblings, 2 replies; 7+ messages in thread
From: Dmitry Torokhov @ 2016-11-03 5:39 UTC (permalink / raw)
To: Jakub Kicinski, Eric W. Biederman
Cc: linux-kernel, Kees Cook, Johannes Berg, Maciej Żenczykowski
We do not ever intend to unregister "user" sysctl table, unfortunately
it leads kmemleak to believe that we are leaking memory:
unreferenced object 0xffff8807383bfd48 (size 96):
comm "swapper/0", pid 1, jiffies 4294894636 (age 278.320s)
hex dump (first 32 bytes):
a0 b4 b0 ba ff ff ff ff 00 00 00 00 01 00 00 00 ................
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffffb7de59e8>] kmemleak_alloc+0x28/0x50
[<ffffffffb676e2f6>] __kmalloc+0x206/0x5a0
[<ffffffffb69be2d3>] __register_sysctl_table+0xb3/0x1130
[<ffffffffb69bf36b>] register_sysctl+0x1b/0x20
[<ffffffffba840de1>] user_namespace_sysctl_init+0x17/0x4c
[<ffffffffb60022b7>] do_one_initcall+0xb7/0x2a0
[<ffffffffba7eb102>] kernel_init_freeable+0x597/0x636
[<ffffffffb7de0433>] kernel_init+0x13/0x140
[<ffffffffb7dfb36a>] ret_from_fork+0x2a/0x40t show
[<ffffffffffffffff>] 0xffffffffffffffff
Let's annotate the pointer as kmemleak_not_leak() to suppress the
kmemleak false positive.
Reported-by: Jakub Kicinski <kubakici@wp.pl>
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
---
This was only compiled; Jakub, could you give it a spin?
kernel/ucount.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/kernel/ucount.c b/kernel/ucount.c
index 9d20d5d..07d69b2 100644
--- a/kernel/ucount.c
+++ b/kernel/ucount.c
@@ -5,6 +5,7 @@
* License.
*/
+#include <linux/kmemleak.h>
#include <linux/stat.h>
#include <linux/sysctl.h>
#include <linux/slab.h>
@@ -226,6 +227,7 @@ static __init int user_namespace_sysctl_init(void)
*/
user_header = register_sysctl("user", empty);
BUG_ON(!user_header);
+ kmemleak_not_leak(user_header);
BUG_ON(!setup_userns_sysctls(&init_user_ns));
#endif
return 0;
--
2.8.0.rc3.226.g39d4020
--
Dmitry
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH] userns: suppress kmemleak message
2016-11-03 5:39 [PATCH] userns: suppress kmemleak message Dmitry Torokhov
@ 2016-11-03 14:04 ` Jakub Kicinski
2016-11-03 14:54 ` Eric W. Biederman
1 sibling, 0 replies; 7+ messages in thread
From: Jakub Kicinski @ 2016-11-03 14:04 UTC (permalink / raw)
To: Dmitry Torokhov
Cc: Eric W. Biederman, linux-kernel, Kees Cook, Johannes Berg,
Maciej Żenczykowski
On Wed, 2 Nov 2016 22:39:48 -0700, Dmitry Torokhov wrote:
> We do not ever intend to unregister "user" sysctl table, unfortunately
> it leads kmemleak to believe that we are leaking memory:
>
> unreferenced object 0xffff8807383bfd48 (size 96):
> comm "swapper/0", pid 1, jiffies 4294894636 (age 278.320s)
> hex dump (first 32 bytes):
> a0 b4 b0 ba ff ff ff ff 00 00 00 00 01 00 00 00 ................
> 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> backtrace:
> [<ffffffffb7de59e8>] kmemleak_alloc+0x28/0x50
> [<ffffffffb676e2f6>] __kmalloc+0x206/0x5a0
> [<ffffffffb69be2d3>] __register_sysctl_table+0xb3/0x1130
> [<ffffffffb69bf36b>] register_sysctl+0x1b/0x20
> [<ffffffffba840de1>] user_namespace_sysctl_init+0x17/0x4c
> [<ffffffffb60022b7>] do_one_initcall+0xb7/0x2a0
> [<ffffffffba7eb102>] kernel_init_freeable+0x597/0x636
> [<ffffffffb7de0433>] kernel_init+0x13/0x140
> [<ffffffffb7dfb36a>] ret_from_fork+0x2a/0x40t show
> [<ffffffffffffffff>] 0xffffffffffffffff
>
> Let's annotate the pointer as kmemleak_not_leak() to suppress the
> kmemleak false positive.
>
> Reported-by: Jakub Kicinski <kubakici@wp.pl>
> Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
> ---
>
> This was only compiled; Jakub, could you give it a spin?
Tested-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Thanks!
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] userns: suppress kmemleak message
2016-11-03 5:39 [PATCH] userns: suppress kmemleak message Dmitry Torokhov
2016-11-03 14:04 ` Jakub Kicinski
@ 2016-11-03 14:54 ` Eric W. Biederman
2016-11-03 15:06 ` Jakub Kicinski
2016-12-15 12:16 ` Fubo Chen
1 sibling, 2 replies; 7+ messages in thread
From: Eric W. Biederman @ 2016-11-03 14:54 UTC (permalink / raw)
To: Dmitry Torokhov
Cc: Jakub Kicinski, linux-kernel, Kees Cook, Johannes Berg,
Maciej Żenczykowski
Dmitry Torokhov <dmitry.torokhov@gmail.com> writes:
> We do not ever intend to unregister "user" sysctl table, unfortunately
> it leads kmemleak to believe that we are leaking memory:
Sounds like an issue with kmemleak because we do retain references.
So no we don't intend to unregister the table.
As for the patch.
Nacked-by: "Eric W. Biederman" <ebiederm@xmission.com>
I can't see the using kmemleak_not_leak is possibly good form. I
would much rather have suggestions about constructs that won't confuse
kmemleak and won't need ugly annotations that serve no purpose but to
appease a tool. Perhaps the user_header variable needs to be moved out
of user_namespace_sysctl_init.
Eric
> unreferenced object 0xffff8807383bfd48 (size 96):
> comm "swapper/0", pid 1, jiffies 4294894636 (age 278.320s)
> hex dump (first 32 bytes):
> a0 b4 b0 ba ff ff ff ff 00 00 00 00 01 00 00 00 ................
> 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> backtrace:
> [<ffffffffb7de59e8>] kmemleak_alloc+0x28/0x50
> [<ffffffffb676e2f6>] __kmalloc+0x206/0x5a0
> [<ffffffffb69be2d3>] __register_sysctl_table+0xb3/0x1130
> [<ffffffffb69bf36b>] register_sysctl+0x1b/0x20
> [<ffffffffba840de1>] user_namespace_sysctl_init+0x17/0x4c
> [<ffffffffb60022b7>] do_one_initcall+0xb7/0x2a0
> [<ffffffffba7eb102>] kernel_init_freeable+0x597/0x636
> [<ffffffffb7de0433>] kernel_init+0x13/0x140
> [<ffffffffb7dfb36a>] ret_from_fork+0x2a/0x40t show
> [<ffffffffffffffff>] 0xffffffffffffffff
>
> Let's annotate the pointer as kmemleak_not_leak() to suppress the
> kmemleak false positive.
>
> Reported-by: Jakub Kicinski <kubakici@wp.pl>
> Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
> ---
>
> This was only compiled; Jakub, could you give it a spin?
>
> kernel/ucount.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/kernel/ucount.c b/kernel/ucount.c
> index 9d20d5d..07d69b2 100644
> --- a/kernel/ucount.c
> +++ b/kernel/ucount.c
> @@ -5,6 +5,7 @@
> * License.
> */
>
> +#include <linux/kmemleak.h>
> #include <linux/stat.h>
> #include <linux/sysctl.h>
> #include <linux/slab.h>
> @@ -226,6 +227,7 @@ static __init int user_namespace_sysctl_init(void)
> */
> user_header = register_sysctl("user", empty);
> BUG_ON(!user_header);
> + kmemleak_not_leak(user_header);
> BUG_ON(!setup_userns_sysctls(&init_user_ns));
> #endif
> return 0;
> --
> 2.8.0.rc3.226.g39d4020
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] userns: suppress kmemleak message
2016-11-03 14:54 ` Eric W. Biederman
@ 2016-11-03 15:06 ` Jakub Kicinski
2016-12-15 12:16 ` Fubo Chen
1 sibling, 0 replies; 7+ messages in thread
From: Jakub Kicinski @ 2016-11-03 15:06 UTC (permalink / raw)
To: Eric W. Biederman
Cc: Dmitry Torokhov, linux-kernel, Kees Cook, Johannes Berg,
Maciej Żenczykowski
On Thu, 03 Nov 2016 09:54:25 -0500, Eric W. Biederman wrote:
> Dmitry Torokhov <dmitry.torokhov@gmail.com> writes:
>
> > We do not ever intend to unregister "user" sysctl table, unfortunately
> > it leads kmemleak to believe that we are leaking memory:
>
> Sounds like an issue with kmemleak because we do retain references.
>
> So no we don't intend to unregister the table.
>
> As for the patch.
>
> Nacked-by: "Eric W. Biederman" <ebiederm@xmission.com>
>
> I can't see the using kmemleak_not_leak is possibly good form. I
> would much rather have suggestions about constructs that won't confuse
> kmemleak and won't need ugly annotations that serve no purpose but to
> appease a tool. Perhaps the user_header variable needs to be moved out
> of user_namespace_sysctl_init.
FWIW the problem now is that the compiler is clever enough to never
write the pointer to memory so kmemleak can't find it. user_header is
just held in a register for as long as it's needed even though the
variable is static.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] userns: suppress kmemleak message
2016-11-03 14:54 ` Eric W. Biederman
2016-11-03 15:06 ` Jakub Kicinski
@ 2016-12-15 12:16 ` Fubo Chen
2016-12-16 9:39 ` Johannes Berg
1 sibling, 1 reply; 7+ messages in thread
From: Fubo Chen @ 2016-12-15 12:16 UTC (permalink / raw)
To: Eric W. Biederman
Cc: Dmitry Torokhov, Jakub Kicinski, Linux Kernel, Kees Cook,
Johannes Berg, Maciej Żenczykowski
On Thu, Nov 3, 2016 at 3:54 PM, Eric W. Biederman <ebiederm@xmission.com> wrote:
> Dmitry Torokhov <dmitry.torokhov@gmail.com> writes:
>
>> We do not ever intend to unregister "user" sysctl table, unfortunately
>> it leads kmemleak to believe that we are leaking memory:
>
> Sounds like an issue with kmemleak because we do retain references.
>
> So no we don't intend to unregister the table.
>
> As for the patch.
>
> Nacked-by: "Eric W. Biederman" <ebiederm@xmission.com>
>
> I can't see the using kmemleak_not_leak is possibly good form. I
> would much rather have suggestions about constructs that won't confuse
> kmemleak and won't need ugly annotations that serve no purpose but to
> appease a tool. Perhaps the user_header variable needs to be moved out
> of user_namespace_sysctl_init.
The only alternative I see is to use WRITE_ONCE() instead of "=" to
set "user_header" such that the compiler cannot optimize that variable
away. Which of these two approaches do you prefer?
Fubo.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] userns: suppress kmemleak message
2016-12-15 12:16 ` Fubo Chen
@ 2016-12-16 9:39 ` Johannes Berg
2016-12-16 13:52 ` Fubo Chen
0 siblings, 1 reply; 7+ messages in thread
From: Johannes Berg @ 2016-12-16 9:39 UTC (permalink / raw)
To: Fubo Chen, Eric W. Biederman
Cc: Dmitry Torokhov, Jakub Kicinski, Linux Kernel, Kees Cook,
Maciej Żenczykowski
> > I can't see the using kmemleak_not_leak is possibly good form. I
> > would much rather have suggestions about constructs that won't
> > confuse kmemleak and won't need ugly annotations that serve no
> > purpose but to appease a tool. Perhaps the user_header variable
> > needs to be moved out of user_namespace_sysctl_init.
The user_header variable is probably (rightfully so) optimised away by
the compiler since it can't ever be read. Therefore, it simply doesn't
exist in the resulting binary (and it really shouldn't either) and the
kmemleak_not_leak() really is the only way to resolve that, I'd say.
> The only alternative I see is to use WRITE_ONCE() instead of "=" to
> set "user_header" such that the compiler cannot optimize that
> variable away. Which of these two approaches do you prefer?
That seems really wrong - forcing the linker/compiler to retain a
variable in the image that can never possibly be read (by anything
other than kmemleak) is just a complete waste of space.
johannes
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] userns: suppress kmemleak message
2016-12-16 9:39 ` Johannes Berg
@ 2016-12-16 13:52 ` Fubo Chen
0 siblings, 0 replies; 7+ messages in thread
From: Fubo Chen @ 2016-12-16 13:52 UTC (permalink / raw)
To: Johannes Berg
Cc: Eric W. Biederman, Dmitry Torokhov, Jakub Kicinski, Linux Kernel,
Kees Cook, Maciej Żenczykowski
On Fri, Dec 16, 2016 at 10:39 AM, Johannes Berg
<johannes@sipsolutions.net> wrote:
>
>> > I can't see the using kmemleak_not_leak is possibly good form. I
>> > would much rather have suggestions about constructs that won't
>> > confuse kmemleak and won't need ugly annotations that serve no
>> > purpose but to appease a tool. Perhaps the user_header variable
>> > needs to be moved out of user_namespace_sysctl_init.
>
> The user_header variable is probably (rightfully so) optimised away by
> the compiler since it can't ever be read. Therefore, it simply doesn't
> exist in the resulting binary (and it really shouldn't either) and the
> kmemleak_not_leak() really is the only way to resolve that, I'd say.
>
>> The only alternative I see is to use WRITE_ONCE() instead of "=" to
>> set "user_header" such that the compiler cannot optimize that
>> variable away. Which of these two approaches do you prefer?
>
> That seems really wrong - forcing the linker/compiler to retain a
> variable in the image that can never possibly be read (by anything
> other than kmemleak) is just a complete waste of space.
Does this reply count as a Reviewed-by for the original patch?
Fubo.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2016-12-16 13:53 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-11-03 5:39 [PATCH] userns: suppress kmemleak message Dmitry Torokhov
2016-11-03 14:04 ` Jakub Kicinski
2016-11-03 14:54 ` Eric W. Biederman
2016-11-03 15:06 ` Jakub Kicinski
2016-12-15 12:16 ` Fubo Chen
2016-12-16 9:39 ` Johannes Berg
2016-12-16 13:52 ` Fubo Chen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.