Date: Fri, 2 Feb 2024 16:40:46 -0300
From: "Guilherme G. Piccoli" <gpiccoli@...lia.com>
To: syzbot+239f12e20785af44332c@...kaller.appspotmail.com,
 Thomas Gleixner <tglx@...utronix.de>, jannh@...gle.com
Cc: akpm@...ux-foundation.org, Borislav Petkov <bp@...en8.de>,
 "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
 "H. Peter Anvin" <hpa@...or.com>, linux-kernel
 <linux-kernel@...r.kernel.org>, linux-mm@...ck.org,
 "luto@...nel.org" <luto@...nel.org>, Ingo Molnar <mingo@...hat.com>,
 "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
 Peter Zijlstra <peterz@...radead.org>, syzkaller-bugs@...glegroups.com,
 "x86@...nel.org" <x86@...nel.org>, gpiccoli@...lia.com,
 "Guilherme G. Piccoli" <kernel@...ccoli.net>, houtao1@...wei.com
Subject: Re: [syzbot] [mm?] BUG: unable to handle kernel paging request in
 bpf_probe_read_compat_str

Hi folks, I've been trying to play with this report and was able to
reproduce on v6.8-rc2, in a simple qemu VM.

But the thing is: after looking at similar reports in MLs, this seems quite
the same report as [0], so a dup. And we even have a candidate fix for
it, in the form of Thomas's patch
(https://lore.kernel.org/all/87r0jwquhv.ffs@tglx/). I've tested this
patch and it works, preventing the crash.

So...

Jann: could you help me confirm the reproducer here is the same as in the
other report, in which you nailed it to accessing the VSYSCALL region?
For me it's quite similar, but I'm not experienced in reading this kind
of BPF program...

Thomas: could you maybe re-submit/merge this patch, if you still agree
this is the proper fix? There's a Tested-by from Hou Tao in that thread,
and feel free to add mine as well!

Thanks in advance and let me know if I can test more stuff / provide
more data, etc - I'm glad to help here.
Cheers,


Guilherme


[0] https://lore.kernel.org/all/000000000000c84343060a850bd0@google.com/
("[syzbot] [mm?] BUG: unable to handle kernel paging request in
copy_from_kernel_nofault")
