| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 12 Jul 2023 16:06:27 +0200 From: Sven Schnelle <svens@...ux.ibm.com> To: Steven Rostedt <rostedt@...dmis.org> Cc: linux-kernel@...r.kernel.org Subject: Re: [PATCH] tracing: fix memcpy size when copying stack entries Hi Steven, Sven Schnelle <svens@...ux.ibm.com> writes: > Steven Rostedt <rostedt@...dmis.org> writes: > >> On Tue, 13 Jun 2023 07:19:14 +0200 >> Sven Schnelle <svens@...ux.ibm.com> wrote: >> >>> > Yes the above may be special, but your patch breaks it. >>> >>> Indeed, i'm feeling a bit stupid for sending that patch, should have >>> used my brain during reading the source. Thanks for the explanation. >> >> Does this quiet the fortifier? >> [..] > > No, still getting the same warning: > > [ 2.302776] memcpy: detected field-spanning write (size 104) of single field "stack" at kernel/trace/trace.c:3178 (size 64) BTW, i'm seeing the same error on x86 with current master when CONFIG_FORTIFY_SOURCE=y and CONFIG_SCHED_TRACER=y: [ 3.089395] Testing tracer wakeup: [ 3.205602] ------------[ cut here ]------------ [ 3.205958] memcpy: detected field-spanning write (size 112) of single field "&entry->caller" at kernel/trace/trace.c:3173 (size 64) [ 3.205958] WARNING: CPU: 1 PID: 0 at kernel/trace/trace.c:3173 __ftrace_trace_stack+0x1d1/0x1e0 [ 3.205958] Modules linked in: [ 3.205958] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.5.0-rc1-00012-g77341f6d2110-dirty #50 [ 3.205958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014 [ 3.205958] RIP: 0010:__ftrace_trace_stack+0x1d1/0x1e0 [ 3.205958] Code: ff ff ff b9 40 00 00 00 4c 89 f6 48 c7 c2 d8 d3 9a 82 48 c7 c7 e8 82 99 82 48 89 44 24 08 c6 05 9d 8c 30 02 01 e8 0f 88 ed ff <0f> 0b 48 8b 44 24 08 e9 f4 fe ff ff 0f 1f 00 90 90 90 90 90 90 90 [ 3.205958] RSP: 0000:ffffc90000100ee0 EFLAGS: 00010086 [ 3.205958] RAX: 0000000000000000 RBX: ffff8881003db034 RCX: c0000000ffffdfff [ 3.205958] RDX: 0000000000000000 RSI: 00000000ffffdfff RDI: 0000000000000001 [ 3.205958] RBP: ffff8881003db03c R08: 0000000000000000 R09: ffffc90000100d88 [ 3.205958] R10: 0000000000000003 R11: ffffffff83343008 R12: ffff88810007a100 [ 3.205958] R13: 000000000000000e R14: 0000000000000070 R15: 0000000000000070 [ 3.205958] FS: 0000000000000000(0000) GS:ffff88817bc40000(0000) knlGS:0000000000000000 [ 3.205958] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 3.205958] CR2: 0000000000000000 CR3: 000000000322e000 CR4: 00000000000006e0 [ 3.205958] Call Trace: [ 3.205958] <IRQ> [ 3.205958] ? __ftrace_trace_stack+0x1d1/0x1e0 [ 3.205958] ? __warn+0x81/0x130 [ 3.205958] ? __ftrace_trace_stack+0x1d1/0x1e0 [ 3.205958] ? report_bug+0x171/0x1a0 [ 3.205958] ? handle_bug+0x3a/0x70 [ 3.205958] ? exc_invalid_op+0x17/0x70 [ 3.205958] ? asm_exc_invalid_op+0x1a/0x20 [ 3.205958] ? __ftrace_trace_stack+0x1d1/0x1e0 [ 3.205958] probe_wakeup+0x28e/0x340 [ 3.205958] ttwu_do_activate.isra.0+0x132/0x190 [ 3.205958] sched_ttwu_pending+0x97/0x110 [ 3.205958] __flush_smp_call_function_queue+0x131/0x400 [ 3.205958] __sysvec_call_function_single+0x2d/0xd0 [ 3.205958] sysvec_call_function_single+0x65/0x80 [ 3.205958] </IRQ> [ 3.205958] <TASK> [ 3.205958] asm_sysvec_call_function_single+0x1a/0x20 [ 3.205958] RIP: 0010:default_idle+0xf/0x20 [ 3.205958] Code: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 43 5f 31 00 fb f4 <fa> c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
Powered by blists - more mailing lists