| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 Jul 2021 10:03:37 +0800
From: Chen Wandun <chenwandun@...wei.com>
To: Andrew Morton <akpm@...ux-foundation.org>
CC: <serapheim.dimitro@...phix.com>, <urezki@...il.com>,
<wangkefeng.wang@...wei.com>, <weiyongjun1@...wei.com>,
<linux-mm@...ck.org>, <linux-kernel@...r.kernel.org>,
Hulk Robot <hulkci@...wei.com>
Subject: Re: [PATCH] mm/vmalloc: fix wrong behavior in vread
在 2021/7/15 7:29, Andrew Morton 写道:
> On Wed, 14 Jul 2021 09:59:59 +0800 Chen Wandun <chenwandun@...wei.com> wrote:
>
>> commit f608788cd2d6 ("mm/vmalloc: use rb_tree instead of list for vread()
>> lookups") use rb_tree instread of list to speed up lookup, but function
>> __find_vmap_area is try to find a vmap_area that include target address,
>> if target address is smaller than the leftmost node in vmap_area_root,
>> it will return NULL, then vread will read nothing. This behavior is
>> different from the primitive semantics.
> What is "the primitive semantics"? Does this refer to behaviour prior
> to f608788cd2d6?
If address is smaller than the leftmost node in vmap_area_root and
the read size is big enough when reading [addr, addr + count),
"the primitive semantics" will fill holes by zero and copy valid vmap_area.
In such scenario, f608788cd2d6 will read noting.
>
>> The correct way is find the first vmap_are that bigger than target addr,
>> that is what function find_vmap_area_exceed_addr does.
> Is this problem observable from userspace? If so, what are the effects
> and what must an application do to trigger it?
Reading /proc/kcore will be affected.
Thanks,
Wandun
> .
Powered by blists - more mailing lists