lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sat, 23 May 2020 11:12:09 +0200
From:   Marco Elver <elver@...gle.com>
To:     Andrew Morton <akpm@...ux-foundation.org>
Cc:     Dmitry Vyukov <dvyukov@...gle.com>,
        Alexander Potapenko <glider@...gle.com>,
        Andrey Konovalov <andreyknvl@...gle.com>,
        LKML <linux-kernel@...r.kernel.org>,
        kasan-dev <kasan-dev@...glegroups.com>,
        Andrey Ryabinin <aryabinin@...tuozzo.com>,
        Linux Memory Management List <linux-mm@...ck.org>,
        Qian Cai <cai@....pw>,
        kernel test robot <rong.a.chen@...el.com>
Subject: Re: [PATCH v2] kasan: Disable branch tracing for core runtime

On Sat, 23 May 2020 at 01:42, Andrew Morton <akpm@...ux-foundation.org> wrote:
>
> On Fri, 22 May 2020 09:52:07 +0200 Marco Elver <elver@...gle.com> wrote:
>
> > During early boot, while KASAN is not yet initialized, it is possible to
> > enter reporting code-path and end up in kasan_report(). While
> > uninitialized, the branch there prevents generating any reports,
> > however, under certain circumstances when branches are being traced
> > (TRACE_BRANCH_PROFILING), we may recurse deep enough to cause kernel
> > reboots without warning.
> >
> > To prevent similar issues in future, we should disable branch tracing
> > for the core runtime.
> >
> > Link: https://lore.kernel.org/lkml/20200517011732.GE24705@shao2-debian/
> > Reported-by: kernel test robot <rong.a.chen@...el.com>
> > Signed-off-by: Marco Elver <elver@...gle.com>
>
> I assume this affects 5.6 and perhaps earlier kernels?
>
> I also assume that a cc:stable is appropriate for this fix?

Yes, it does. On the other hand, the workaround is simple enough
(disable any kind of branch profiling).

Note, the patch won't cleanly apply to 5.6 and early without this:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8a16c09edc58982d56c49ab577fdcdf830fbc3a5

Thanks,
-- Marco

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ