From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <sergio.gonzalez.monroy@intel.com>
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88])
 by dpdk.org (Postfix) with ESMTP id 18F241396
 for <dev@dpdk.org>; Mon,  3 Oct 2016 15:04:13 +0200 (CEST)
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
 by fmsmga101.fm.intel.com with ESMTP; 03 Oct 2016 06:04:13 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.31,289,1473145200"; d="scan'208";a="15641844"
Received: from smonroyx-mobl.ger.corp.intel.com (HELO [10.237.220.60])
 ([10.237.220.60])
 by fmsmga006.fm.intel.com with ESMTP; 03 Oct 2016 06:04:12 -0700
To: maciej.czekaj@caviumnetworks.com, david.marchand@6wind.com
References: <1475059977-27370-1-git-send-email-maciej.czekaj@caviumnetworks.com>
Cc: dev@dpdk.org
From: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
Message-ID: <6c2618d5-3f54-7c84-aa92-498461842f6a@intel.com>
Date: Mon, 3 Oct 2016 14:04:11 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101
 Thunderbird/45.1.1
MIME-Version: 1.0
In-Reply-To: <1475059977-27370-1-git-send-email-maciej.czekaj@caviumnetworks.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [dpdk-dev] [PATCH] eal: fix crash on mmap error in
 rte_eal_hugepage_attach()
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Oct 2016 13:04:14 -0000

On 28/09/2016 11:52, maciej.czekaj@caviumnetworks.com wrote:
> From: Maciej Czekaj <maciej.czekaj@caviumnetworks.com>
>
> In ASLR-enabled system, it is possible that selected
> virtual space is occupied by program segments. Therefore,
> error path should not blindly unmap all memmory segments
> but only those already mapped.
>
> Steps that lead to crash:
> 1. memeseg 0 in secondary process overlaps
>     with libc.so
> 2. mmap of /dev/zero fails for virtual space of memseg 0
> 3. munmap of memseg 0 leads to unmapping libc.so itself
> 4. app gets SIGSEGV after returning from syscall to libc
>
> Fixes: ea329d7f8e34 ("mem: fix leak after mapping failure")
>
> Signed-off-by: Maciej Czekaj <maciej.czekaj@caviumnetworks.com>
> ---
>   lib/librte_eal/linuxapp/eal/eal_memory.c | 11 ++++++-----
>   1 file changed, 6 insertions(+), 5 deletions(-)

Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>