lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 16 May 2019 15:21:19 +0100
From:   Mark Rutland <mark.rutland@....com>
To:     Mike Rapoport <rppt@...ux.ibm.com>
Cc:     Christoph Hellwig <hch@....de>, linux-kernel@...r.kernel.org,
        Steven Price <steven.price@....com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Will Deacon <will.deacon@....com>,
        Catalin Marinas <catalin.marinas@....com>
Subject: Re: Bad virt_to_phys since commit 54c7a8916a887f35

On Thu, May 16, 2019 at 05:13:14PM +0300, Mike Rapoport wrote:
> On Thu, May 16, 2019 at 02:41:06PM +0100, Mark Rutland wrote:
> > On Thu, May 16, 2019 at 02:38:20PM +0100, Mark Rutland wrote:
> > > Hi,
> > > 
> > > Since commit:
> > > 
> > >   54c7a8916a887f35 ("initramfs: free initrd memory if opening /initrd.image fails")
> > 
> > Ugh, I dropped a paragarph here.
> > 
> > Since that commit, I'm seeing a boot-time splat on arm64 when using
> > CONFIG_DEBUG_VIRTUAL. I'm running an arm64 syzkaller instance, and this
> > kills the VM, preventing further testing, which is unfortunate.
> > 
> > Mark.
> > 
> > > IIUC prior to that commit, we'd only attempt to free an intird if we had
> > > one, whereas now we do so unconditionally. AFAICT, in this case
> > > initrd_start has not been initialized (I'm not using an initrd or
> > > initramfs on my system), so we end up trying virt_to_phys() on a bogus
> > > VA in free_initrd_mem().
> > > 
> > > Any ideas on the right way to fix this?
> 
> If I remember correctly, initrd_start would be 0 unless explicitly set by
> the arch setup code, so something like this could work:
> 
> diff --git a/init/initramfs.c b/init/initramfs.c
> index 435a428c2af1..05fe60437796 100644
> --- a/init/initramfs.c
> +++ b/init/initramfs.c
> @@ -529,6 +529,9 @@ extern unsigned long __initramfs_size;
>  
>  void __weak free_initrd_mem(unsigned long start, unsigned long end)
>  {
> +       if (!start)
> +               return;
> +
>         free_reserved_area((void *)start, (void *)end, POISON_FREE_INITMEM,
>                         "initrd");
>  }

I think this should work, given Steven's patch checks the same thing.

I don't have a preference as to which patch should be taken, so I'll
leave that to Christoph.

Thanks,
Mark.

Powered by blists - more mailing lists