lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 20 Mar 2021 00:35:16 +0000
From:   Matthew Wilcox <willy@...radead.org>
To:     Aili Yao <yaoaili@...gsoft.com>
Cc:     David Hildenbrand <david@...hat.com>, akpm@...ux-foundation.org,
        naoya.horiguchi@....com, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org, yangfeng1@...gsoft.com,
        sunhao2@...gsoft.com, Oscar Salvador <osalvador@...e.de>,
        Mike Kravetz <mike.kravetz@...cle.com>
Subject: Re: [PATCH v3] mm/gup: check page posion status for coredump.

On Fri, Mar 19, 2021 at 10:44:37AM +0800, Aili Yao wrote:
> +++ b/mm/gup.c
> @@ -1536,6 +1536,10 @@ struct page *get_dump_page(unsigned long addr)
>  				      FOLL_FORCE | FOLL_DUMP | FOLL_GET);
>  	if (locked)
>  		mmap_read_unlock(mm);
> +
> +	if (ret == 1 && is_page_poisoned(page))
> +		return NULL;
> +
>  	return (ret == 1) ? page : NULL;
>  }
>  #endif /* CONFIG_ELF_CORE */
> diff --git a/mm/internal.h b/mm/internal.h
> index 25d2b2439..902d993 100644
> --- a/mm/internal.h
> +++ b/mm/internal.h
> @@ -97,6 +97,27 @@ static inline void set_page_refcounted(struct page *page)
>  	set_page_count(page, 1);
>  }
>  
> +/*
> + * When kernel touch the user page, the user page may be have been marked
> + * poison but still mapped in user space, if without this page, the kernel
> + * can guarantee the data integrity and operation success, the kernel is
> + * better to check the posion status and avoid touching it, be good not to
> + * panic, coredump for process fatal signal is a sample case matching this
> + * scenario. Or if kernel can't guarantee the data integrity, it's better
> + * not to call this function, let kernel touch the poison page and get to
> + * panic.
> + */
> +static inline bool is_page_poisoned(struct page *page)
> +{
> +	if (page != NULL) {

Why are you checking page for NULL here?  How can it possibly be NULL?

> +		if (PageHWPoison(page))
> +			return true;
> +		else if (PageHuge(page) && PageHWPoison(compound_head(page)))
> +			return true;
> +	}
> +	return 0;
> +}
> +
>  extern unsigned long highest_memmap_pfn;
>  
>  /*
> -- 
> 1.8.3.1
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ