lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Jan 2021 20:33:57 +0100 From: Andrey Konovalov <andreyknvl@...gle.com> To: Andrew Morton <akpm@...ux-foundation.org>, Catalin Marinas <catalin.marinas@....com>, Vincenzo Frascino <vincenzo.frascino@....com>, Dmitry Vyukov <dvyukov@...gle.com>, Alexander Potapenko <glider@...gle.com>, Marco Elver <elver@...gle.com> Cc: Will Deacon <will.deacon@....com>, Andrey Ryabinin <aryabinin@...tuozzo.com>, Peter Collingbourne <pcc@...gle.com>, Evgenii Stepanov <eugenis@...gle.com>, Branislav Rankov <Branislav.Rankov@....com>, Kevin Brodsky <kevin.brodsky@....com>, kasan-dev@...glegroups.com, linux-arm-kernel@...ts.infradead.org, linux-mm@...ck.org, linux-kernel@...r.kernel.org, Andrey Konovalov <andreyknvl@...gle.com> Subject: [PATCH v2 2/2] kasan, arm64: fix pointer tags in KASAN reports As of the "arm64: expose FAR_EL1 tag bits in siginfo" patch, the address that is passed to report_tag_fault has pointer tags in the format of 0x0X, while KASAN uses 0xFX format (note the difference in the top 4 bits). Fix up the pointer tag before calling kasan_report. Link: https://linux-review.googlesource.com/id/I9ced973866036d8679e8f4ae325de547eb969649 Fixes: dceec3ff7807 ("arm64: expose FAR_EL1 tag bits in siginfo") Fixes: 4291e9ee6189 ("kasan, arm64: print report from tag fault handler") Signed-off-by: Andrey Konovalov <andreyknvl@...gle.com> --- arch/arm64/mm/fault.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c index 3c40da479899..a218f6f2fdc8 100644 --- a/arch/arm64/mm/fault.c +++ b/arch/arm64/mm/fault.c @@ -304,6 +304,8 @@ static void report_tag_fault(unsigned long addr, unsigned int esr, { bool is_write = ((esr & ESR_ELx_WNR) >> ESR_ELx_WNR_SHIFT) != 0; + /* The format of KASAN tags is 0xF<x>. */ + addr |= (0xF0UL << MTE_TAG_SHIFT); /* * SAS bits aren't set for all faults reported in EL1, so we can't * find out access size. -- 2.30.0.284.gd98b1dd5eaa7-goog
Powered by blists - more mailing lists