On Mon, 28.01.13 19:56, PaX Team ([email protected]) wrote:

> 
> On 28 Jan 2013 at 19:21, Michael Tremer wrote:
> 
> > Right when the system boots up, the PaX-enabled kernel panics because it
> > apparently has found a memory leak in systemd. You can see the message
> > that the kernel dumps in the attached screenshot and Stefan also got me
> > an strace dump. In order to make that dump, he had to manually start
> > systemd on the console.
> 
> it's a false positive from USERCOPY when fs/fhandle.c:do_sys_name_to_handle 
> (in 3.7.x) does this:
> 
>       copy_to_user(mnt_id, &real_mount(path->mnt)->mnt_id, sizeof(*mnt_id))
> 
> here ->mnt_id is a struct mount instance which is allocated from a special
> slab and is not marked for USERCOPY access, hence the runtime report. this
> looks like a harmless infoleak so no further action is needed beyond the
> obvious and simple fix: the ->mnt_id field has to be copied to a temporary
> variable which can then be safely copied to userland, i'll do that in the
> next patch.

I have now banned the [email protected] address from systemd-devel,
until they fix their mail loop.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
_______________________________________________
systemd-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
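
The USERCOPY report and the temporary-variable fix described in the quoted message, as an added example that is not part of the original thread and is not kernel or PaX code. It is a userspace model: every name in it (`mount_model`, `slab_region`, `checked_copy_to_user` and the rest) is hypothetical, the value 42 is constructed, and a source outside every modeled slab is assumed to be an allowed stack temporary.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed userspace model; these names are not kernel or PaX APIs. */
struct mount_model { int mnt_id; char other_fields[60]; };
struct slab_region { const void *base; size_t size; int usercopy_ok; };

static struct mount_model mount_slab[4] = { { 42, {0} } }; /* special slab */
static char kmalloc_slab[128];                              /* marked slab  */
static const struct slab_region regions[] = {
    { mount_slab,   sizeof mount_slab,   0 },
    { kmalloc_slab, sizeof kmalloc_slab, 1 },
};

/* Refuse (-1) a copy whose source lies in a slab not marked for usercopy,
 * or that runs past the end of a marked one. Sources outside every slab
 * (assumed here to be stack temporaries) are allowed. */
static int checked_copy_to_user(void *dst, const void *src, size_t n)
{
    uintptr_t s = (uintptr_t)src;
    for (size_t i = 0; i < sizeof regions / sizeof regions[0]; i++) {
        uintptr_t b = (uintptr_t)regions[i].base;
        if (s < b || s >= b + regions[i].size)
            continue;
        if (!regions[i].usercopy_ok || n > b + regions[i].size - s)
            return -1;      /* the model's stand-in for the runtime report */
        break;
    }
    memcpy(dst, src, n);
    return 0;
}

/* Pattern from the quoted line: copy straight out of the slab object. */
static int copy_mnt_id_direct(int *user_mnt_id)
{
    return checked_copy_to_user(user_mnt_id, &mount_slab[0].mnt_id,
                                sizeof(*user_mnt_id));
}

/* Fix described in the mail: bounce the field through a temporary. */
static int copy_mnt_id_via_tmp(int *user_mnt_id)
{
    int tmp = mount_slab[0].mnt_id;
    return checked_copy_to_user(user_mnt_id, &tmp, sizeof(tmp));
}

int main(void)
{
    int out = -1, rc = copy_mnt_id_direct(&out);
    printf("direct: rc=%d out=%d\n", rc, out);
    rc = copy_mnt_id_via_tmp(&out);
    printf("via tmp: rc=%d out=%d\n", rc, out);
    return 0;
}
```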