| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Jun 2022 08:23:25 -0700
From: Shakeel Butt <shakeelb@...gle.com>
To: Catalin Marinas <catalin.marinas@....com>
Cc: Will Deacon <will@...nel.org>,
Kefeng Wang <wangkefeng.wang@...wei.com>,
Vasily Averin <vvs@...nvz.org>,
Naresh Kamboju <naresh.kamboju@...aro.org>,
Linux ARM <linux-arm-kernel@...ts.infradead.org>,
Stephen Rothwell <sfr@...b.auug.org.au>,
Linux-Next Mailing List <linux-next@...r.kernel.org>,
open list <linux-kernel@...r.kernel.org>,
regressions@...ts.linux.dev, lkft-triage@...ts.linaro.org,
linux-mm <linux-mm@...ck.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Ard Biesheuvel <ardb@...nel.org>,
Arnd Bergmann <arnd@...db.de>,
Raghuram Thammiraju <raghuram.thammiraju@....com>,
Mark Brown <broonie@...nel.org>,
Roman Gushchin <roman.gushchin@...ux.dev>,
Qian Cai <quic_qiancai@...cinc.com>
Subject: Re: [next] arm64: boot failed - next-20220606
On Thu, Jun 9, 2022 at 3:26 AM Catalin Marinas <catalin.marinas@....com> wrote:
>
> On Thu, Jun 09, 2022 at 11:11:54AM +0100, Will Deacon wrote:
> > On Thu, Jun 09, 2022 at 11:44:09AM +0800, Kefeng Wang wrote:
> > > On 2022/6/9 10:49, Vasily Averin wrote:
> > > > mem_cgroup_from_obj():
> > > > ffff80000836cf40: d503245f bti c
> > > > ffff80000836cf44: d503201f nop
> > > > ffff80000836cf48: d503201f nop
> > > > ffff80000836cf4c: d503233f paciasp
> > > > ffff80000836cf50: d503201f nop
> > > > ffff80000836cf54: d2e00021 mov x1, #0x1000000000000 // #281474976710656
> > > > ffff80000836cf58: 8b010001 add x1, x0, x1
> > > > ffff80000836cf5c: b25657e4 mov x4, #0xfffffc0000000000 // #-4398046511104
> > > > ffff80000836cf60: d34cfc21 lsr x1, x1, #12
> > > > ffff80000836cf64: d37ae421 lsl x1, x1, #6
> > > > ffff80000836cf68: 8b040022 add x2, x1, x4
> > > > ffff80000836cf6c: f9400443 ldr x3, [x2, #8]
> > > >
> > > > x5 : ffff80000a96f000 x4 : fffffc0000000000 x3 : ffff80000ad5e680
> > > > x2 : fffffe00002bc240 x1 : 00000200002bc240 x0 : ffff80000af09740
> > > >
> > > > x0 = 0xffff80000af09740 is an argument of mem_cgroup_from_obj()
> > > > according to System.map it is init_net
> > > >
> > > > This issue is caused by calling virt_to_page() on address of static variable init_net.
> > > > Arm64 consider that addresses of static variables are not valid virtual addresses.
> > > > On x86_64 the same API works without any problem.
> >
> > This just depends on whether or not the kernel is running out of the linear
> > mapping or not. On arm64, we use the vmalloc area for the kernel image and
> > so virt_to_page() won't work, just like it won't work for modules on other
> > architectures.
> >
> > How are module addresses handled by mem_cgroup_from_obj()?
>
> It doesn't look like they are handled in any way. It just expects the
> pointer to be a linear map one.
Yes, that is correct.
> Something like below:
>
> diff --git a/mm/memcontrol.c b/mm/memcontrol.c
> index 27cebaa53472..795bf3673fa7 100644
> --- a/mm/memcontrol.c
> +++ b/mm/memcontrol.c
> @@ -2860,6 +2860,11 @@ struct mem_cgroup *mem_cgroup_from_obj(void *p)
> if (mem_cgroup_disabled())
> return NULL;
>
> + if (is_module_address((unsigned long)p))
> + return NULL;
> + else if (is_kernel((unsigned long)p))
> + return NULL;
> +
How about just is_vmalloc_addr(p) check? It should cover modules and
also arm64 using vmalloc for kernel image cases.
> folio = virt_to_folio(p);
>
> /*
>
> --
> Catalin
Powered by blists - more mailing lists