Date:   Sun, 30 Jul 2023 07:54:40 +0200
From:   Mike Galbraith <efault@....de>
To:     Will Deacon <will@...nel.org>
Cc:     lkml <linux-kernel@...r.kernel.org>,
        Mark Rutland <mark.rutland@....com>
Subject: Re: arm64: perf test 26 rpi4 oops

On Fri, 2023-07-28 at 15:18 +0100, Will Deacon wrote:
>
> Looking at this quickly with Mark, the most likely explanation is that
> a bogus kernel address is being passed as the source pointer to
> copy_to_user(). On a whim, are you able to revert 4c91c07c93bb ("mm:
> vmalloc: convert vread() to vread_iter()") and see if the issue persists? If
> not, maybe you can try the commit before?

Ok, did that.  Neither helped, I had to revert 2e1c0170771e

6.1.42 clean
6.2.16 not so clean
[  180.564427] __vm_enough_memory: pid: 1935, comm: objdump, no enough memory for the allocation
[  180.564445] __vm_enough_memory: pid: 1935, comm: objdump, no enough memory for the allocation
6.4.7  oops
+Revert-mm-vmalloc-convert-vread-to-vread_iter.patch               oops
+Revert-iov_iter-add-copy_page_to_iter_nofault.patch               oops
+Revert-fs-proc-kcore-convert-read_kcore-to-read_kcore_iter.patch  oops
+Revert-fs-proc-kcore-avoid-bounce-buffer-for-ktext-data.patch     back to 6.2 induced alloc failures
[   48.718233] __vm_enough_memory: pid: 1747, comm: objdump, not enough memory for the allocation
[   48.718264] __vm_enough_memory: pid: 1747, comm: objdump, not enough memory for the allocation

6.4.7 plus only arm64 revert (sorta) of e025ab842ec3 does the same
[   37.587688] Unhandled KCORE type: 0
[   37.611042] __vm_enough_memory: pid: 1736, comm: objdump, not enough memory for the allocation
[   37.611073] __vm_enough_memory: pid: 1736, comm: objdump, not enough memory for the allocation

--- a/fs/proc/kcore.c
+++ b/fs/proc/kcore.c
@@ -554,6 +554,8 @@ static ssize_t read_kcore_iter(struct ki
 			fallthrough;
 		case KCORE_VMEMMAP:
 		case KCORE_TEXT:
+			if (!kern_addr_valid(start))
+				goto invalid_addr;
 			/*
 			 * We use _copy_to_iter() to bypass usermode hardening
 			 * which would otherwise prevent this operation.
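Review bot: The new kern_addr_valid(start) test ahead of the _copy_to_iter() comment has no comment of its own and tests only start. Since the existing comment says this path deliberately bypasses usermode hardening, the check becomes the only guard on the source address here, so it should say why validating the first address is enough for the whole chunk being copied. The "fallthrough;" above also means the preceding case now passes through this test, which should be stated as intended or avoided. The hunk also relies on kern_addr_valid(), which per the message comes from the "(sorta)" arm64 revert of e025ab842ec3, so it does not apply on its own.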
@@ -563,6 +565,7 @@ static ssize_t read_kcore_iter(struct ki
 				goto out;
 			}
 			break;
+invalid_addr:
 		default:
 			pr_warn_once("Unhandled KCORE type: %d\n", m->type);
 			if (iov_iter_zero(tsz, iter) != tsz) {
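Review bot: Placing the invalid_addr: label directly on top of "default:" sends a rejected address into pr_warn_once("Unhandled KCORE type: %d\n", m->type), which reports a valid entry type as unhandled (the "Unhandled KCORE type: 0" line in the log above is this path) and, being a _once warning, hides every later hit. Suggest giving invalid_addr its own zero-fill path via iov_iter_zero(tsz, iter), with either no warning or a distinct message that prints the offending address, and leaving default: for genuinely unknown types.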
