lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 16 Nov 2023 15:04:04 -0500
From:   Peter Xu <peterx@...hat.com>
To:     David Hildenbrand <david@...hat.com>
Cc:     Andrew Morton <akpm@...ux-foundation.org>,
        syzbot <syzbot+7ca4b2719dc742b8d0a4@...kaller.appspotmail.com>,
        Muhammad Usama Anjum <usama.anjum@...labora.com>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-mm@...ck.org, syzkaller-bugs@...glegroups.com,
        wangkefeng.wang@...wei.com
Subject: Re: [syzbot] [mm?] WARNING in unmap_page_range (2)

On Thu, Nov 16, 2023 at 07:13:44PM +0100, David Hildenbrand wrote:
> > It should be fine, as:
> > 
> > static void make_uffd_wp_pte(struct vm_area_struct *vma,
> > 			     unsigned long addr, pte_t *pte)
> > {
> > 	pte_t ptent = ptep_get(pte);
> > 
> > #ifndef CONFIG_USERFAULTFD_
> > 
> > 	if (pte_present(ptent)) {
> > 		pte_t old_pte;
> > 
> > 		old_pte = ptep_modify_prot_start(vma, addr, pte);
> > 		ptent = pte_mkuffd_wp(ptent);
> > 		ptep_modify_prot_commit(vma, addr, pte, old_pte, ptent);
> > 	} else if (is_swap_pte(ptent)) {
> > 		ptent = pte_swp_mkuffd_wp(ptent);
> > 		set_pte_at(vma->vm_mm, addr, pte, ptent);
> > 	} else {                                      <----------------- this must be pte_none() already
> > 		set_pte_at(vma->vm_mm, addr, pte,
> > 			   make_pte_marker(PTE_MARKER_UFFD_WP));
> > 	}
> > }
> 
> Indeed! Is pte_swp_mkuffd_wp() reasonable for pte markers? I rememebr that
> we don't support multiple markers yet, so it might be good enough.

Not really that reasonable, but nothing harmful either that I see so far;
the current code handles any pte marker without caring any of those hint
bits.

I can also reproduce this syzbot error easily with !UFFD config on x86.
Let me send the patchset to fix current known issues first.

Thanks,

-- 
Peter Xu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ