| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Jun 2022 11:11:54 +0100
From: Will Deacon <will@...nel.org>
To: Kefeng Wang <wangkefeng.wang@...wei.com>
Cc: Vasily Averin <vvs@...nvz.org>,
Naresh Kamboju <naresh.kamboju@...aro.org>,
Shakeel Butt <shakeelb@...gle.com>,
Linux ARM <linux-arm-kernel@...ts.infradead.org>,
Stephen Rothwell <sfr@...b.auug.org.au>,
Linux-Next Mailing List <linux-next@...r.kernel.org>,
open list <linux-kernel@...r.kernel.org>,
regressions@...ts.linux.dev, lkft-triage@...ts.linaro.org,
linux-mm <linux-mm@...ck.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Ard Biesheuvel <ardb@...nel.org>,
Arnd Bergmann <arnd@...db.de>,
Catalin Marinas <catalin.marinas@....com>,
Raghuram Thammiraju <raghuram.thammiraju@....com>,
Mark Brown <broonie@...nel.org>,
Roman Gushchin <roman.gushchin@...ux.dev>,
Qian Cai <quic_qiancai@...cinc.com>
Subject: Re: [next] arm64: boot failed - next-20220606
On Thu, Jun 09, 2022 at 11:44:09AM +0800, Kefeng Wang wrote:
> On 2022/6/9 10:49, Vasily Averin wrote:
> > mem_cgroup_from_obj():
> > ffff80000836cf40: d503245f bti c
> > ffff80000836cf44: d503201f nop
> > ffff80000836cf48: d503201f nop
> > ffff80000836cf4c: d503233f paciasp
> > ffff80000836cf50: d503201f nop
> > ffff80000836cf54: d2e00021 mov x1, #0x1000000000000 // #281474976710656
> > ffff80000836cf58: 8b010001 add x1, x0, x1
> > ffff80000836cf5c: b25657e4 mov x4, #0xfffffc0000000000 // #-4398046511104
> > ffff80000836cf60: d34cfc21 lsr x1, x1, #12
> > ffff80000836cf64: d37ae421 lsl x1, x1, #6
> > ffff80000836cf68: 8b040022 add x2, x1, x4
> > ffff80000836cf6c: f9400443 ldr x3, [x2, #8]
> >
> > x5 : ffff80000a96f000 x4 : fffffc0000000000 x3 : ffff80000ad5e680
> > x2 : fffffe00002bc240 x1 : 00000200002bc240 x0 : ffff80000af09740
> >
> > x0 = 0xffff80000af09740 is an argument of mem_cgroup_from_obj()
> > according to System.map it is init_net
> >
> > This issue is caused by calling virt_to_page() on address of static variable init_net.
> > Arm64 consider that addresses of static variables are not valid virtual addresses.
> > On x86_64 the same API works without any problem.
This just depends on whether or not the kernel is running out of the linear
mapping or not. On arm64, we use the vmalloc area for the kernel image and
so virt_to_page() won't work, just like it won't work for modules on other
architectures.
How are module addresses handled by mem_cgroup_from_obj()?
> > Unfortunately I do not understand the cause of the problem.
> > I do not see any bugs in my patch.
> > I'm using an existing API, mem_cgroup_from_obj(), to find the memory cgroup used
> > to account for the specified object.
> > In particular, in the current case, I wanted to get the memory cgroup of the
> > specified network namespace by the name taken from for_each_net().
> > The first object in this list is the static structure unit_net
>
> root@...t:~# cat /proc/kallsyms |grep -w _data
> ffff80000a110000 D _data
> root@...t:~# cat /proc/kallsyms |grep -w _end
> ffff80000a500000 B _end
> root@...t:~# cat /proc/kallsyms |grep -w init_net
> ffff80000a4eb980 B init_net
>
> the init_net is located in data section, on arm64, it is allowed by vmalloc,
> see
>
> map_kernel_segment(pgdp, _data, _end, PAGE_KERNEL, &vmlinux_data, 0, 0);
>
> and the arm has same behavior.
>
> We could let init_net be allocated dynamically, but I think it could change
> a lot.
>
> Any better sugguestion, Catalin?
For this specific issue, can you use lm_alias to get a virtual address
suitable for virt_to_page()? My question about modules still applies though.
Will
Powered by blists - more mailing lists