lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <b1a924e2-c23b-f09d-9122-fdff360cacff@marcan.st>
Date:   Sat, 19 Feb 2022 19:27:20 +0900
From:   Hector Martin <marcan@...can.st>
To:     Waiman Long <longman@...hat.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
        Ingo Molnar <mingo@...nel.org>,
        Stephen Rothwell <sfr@...b.auug.org.au>
Cc:     linux-mm@...ck.org, linux-kernel@...r.kernel.org,
        Justin Forbes <jforbes@...hat.com>,
        Rafael Aquini <aquini@...hat.com>
Subject: Re: [PATCH] mm/sparsemem: Fix 'mem_section' will never be NULL gcc 12
 warning

On 02/02/2022 04.29, Waiman Long wrote:
> The gcc 12 compiler reports a warning on the following code:
> 
>     static inline struct mem_section *__nr_to_section(unsigned long nr)
>     {
>     #ifdef CONFIG_SPARSEMEM_EXTREME
>         if (!mem_section)
>                 return NULL;
>     #endif
>        :
> 
> With CONFIG_SPARSEMEM_EXTREME on, the mem_section definition is
> 
>     extern struct mem_section **mem_section;
> 
> Obviously, mem_section cannot be NULL, but *mem_section can be if memory
> hasn't been allocated for the dynamic mem_section[] array yet. Fix this
> warning by checking for "!*mem_section" instead.
> 
> Fixes: 83e3c48729d9 ("mm/sparsemem: Allocate mem_section at runtime for CONFIG_SPARSEMEM_EXTREME=y")
> Signed-off-by: Waiman Long <longman@...hat.com>
> ---
>  include/linux/mmzone.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/include/linux/mmzone.h b/include/linux/mmzone.h
> index aed44e9b5d89..bd1b19925f3b 100644
> --- a/include/linux/mmzone.h
> +++ b/include/linux/mmzone.h
> @@ -1390,7 +1390,7 @@ static inline unsigned long *section_to_usemap(struct mem_section *ms)
>  static inline struct mem_section *__nr_to_section(unsigned long nr)
>  {
>  #ifdef CONFIG_SPARSEMEM_EXTREME
> -	if (!mem_section)
> +	if (!*mem_section)
>  		return NULL;
>  #endif
>  	if (!mem_section[SECTION_NR_TO_ROOT(nr)])
> 

This broke booting on Apple T6000 (M1 Pro; support not yet mainlined)
and it is obviously incorrect. !*mem_section is the same thing as
!mem_section[0], which is always checking element 0 for NULL instead of
the element we're interested in. These machines don't have memory at 0,
fail the spurious check, and crash on early boot.

[    0.000000] Booting Linux on physical CPU 0x0000000000 [0x612f0240]
[    0.000000] Linux version
5.17.0-rc4-asahi-next-20220217-00141-g3eb6fdba1573 (marcan@...der)
(aarch64-linux-gnu-gcc (Gentoo 11.2.0 p1) 11.2.0, GNU ld (Gentoo 2.36.1
p1) 2.36.1) #1112 SMP PREEMPT Sat Feb 19 18:01:31 JST 2022
[    0.000000] random: fast init done
[    0.000000] Machine model: Apple MacBook Pro (14-inch, M1 Pro, 2021)
[    0.000000] efi: UEFI not found.
[    0.000000] earlycon: s5l0 at MMIO32 0x000000039b200000 (options '')
[    0.000000] printk: bootconsole [s5l0] enabled
[    0.000000] Unable to handle kernel NULL pointer dereference at
virtual address 0000000000000000
<snip>
[    0.000000] pc : sparse_init+0x150/0x268
<snip>

Please revert fff3b2a167db5 and edecc06b4d34e.

-- 
Hector Martin (marcan@...can.st)
Public Key: https://mrcn.st/pub

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ