[dpdk-dev] [PATCH] eal: fix crash on mmap error in rte_eal_hugepage_attach()
2016-10-03 14:04, Sergio Gonzalez Monroy:
> On 28/09/2016 11:52, maciej.czekaj at caviumnetworks.com wrote:
> > From: Maciej Czekaj
> >
> > In ASLR-enabled system, it is possible that selected
> > virtual space is occupied by program segments. Therefore,
> > error path should not blindly unmap all memmory segments
> > but only those already mapped.
> >
> > Steps that lead to crash:
> > 1. memeseg 0 in secondary process overlaps
> > with libc.so
> > 2. mmap of /dev/zero fails for virtual space of memseg 0
> > 3. munmap of memseg 0 leads to unmapping libc.so itself
> > 4. app gets SIGSEGV after returning from syscall to libc
> >
> > Fixes: ea329d7f8e34 ("mem: fix leak after mapping failure")
> >
> > Signed-off-by: Maciej Czekaj
> > ---
> > lib/librte_eal/linuxapp/eal/eal_memory.c | 11 ++-
> > 1 file changed, 6 insertions(+), 5 deletions(-)
>
> Acked-by: Sergio Gonzalez Monroy
Applied, thanks
[dpdk-dev] [PATCH] eal: fix crash on mmap error in rte_eal_hugepage_attach()
On 28/09/2016 11:52, maciej.czekaj at caviumnetworks.com wrote:
> From: Maciej Czekaj
>
> In ASLR-enabled system, it is possible that selected
> virtual space is occupied by program segments. Therefore,
> error path should not blindly unmap all memmory segments
> but only those already mapped.
>
> Steps that lead to crash:
> 1. memeseg 0 in secondary process overlaps
> with libc.so
> 2. mmap of /dev/zero fails for virtual space of memseg 0
> 3. munmap of memseg 0 leads to unmapping libc.so itself
> 4. app gets SIGSEGV after returning from syscall to libc
>
> Fixes: ea329d7f8e34 ("mem: fix leak after mapping failure")
>
> Signed-off-by: Maciej Czekaj
> ---
> lib/librte_eal/linuxapp/eal/eal_memory.c | 11 ++-
> 1 file changed, 6 insertions(+), 5 deletions(-)
Acked-by: Sergio Gonzalez Monroy
