| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e7e04692866d02e6d3b32bb43b998e5d17092ba4.1738686764.git.maciej.wieczor-retman@intel.com> Date: Tue, 4 Feb 2025 18:33:48 +0100 From: Maciej Wieczor-Retman <maciej.wieczor-retman@...el.com> To: luto@...nel.org, xin@...or.com, kirill.shutemov@...ux.intel.com, palmer@...belt.com, tj@...nel.org, andreyknvl@...il.com, brgerst@...il.com, ardb@...nel.org, dave.hansen@...ux.intel.com, jgross@...e.com, will@...nel.org, akpm@...ux-foundation.org, arnd@...db.de, corbet@....net, maciej.wieczor-retman@...el.com, dvyukov@...gle.com, richard.weiyang@...il.com, ytcoode@...il.com, tglx@...utronix.de, hpa@...or.com, seanjc@...gle.com, paul.walmsley@...ive.com, aou@...s.berkeley.edu, justinstitt@...gle.com, jason.andryuk@....com, glider@...gle.com, ubizjak@...il.com, jannh@...gle.com, bhe@...hat.com, vincenzo.frascino@....com, rafael.j.wysocki@...el.com, ndesaulniers@...gle.com, mingo@...hat.com, catalin.marinas@....com, junichi.nomura@....com, nathan@...nel.org, ryabinin.a.a@...il.com, dennis@...nel.org, bp@...en8.de, kevinloughlin@...gle.com, morbo@...gle.com, dan.j.williams@...el.com, julian.stecklina@...erus-technology.de, peterz@...radead.org, cl@...ux.com, kees@...nel.org Cc: kasan-dev@...glegroups.com, x86@...nel.org, linux-arm-kernel@...ts.infradead.org, linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org, linux-mm@...ck.org, llvm@...ts.linux.dev, linux-doc@...r.kernel.org Subject: [PATCH 07/15] mm: Pcpu chunk address tag reset The problem presented here is related to NUMA systems and tag-based KASAN mode. Getting to it can be explained in the following points: 1. A new chunk is created with pcpu_create_chunk() and vm_structs are allocated. On systems with one NUMA node only one is allocated, but with more NUMA nodes at least a second one will be allocated too. 2. chunk->base_addr is assigned the modified value of vms[0]->addr and thus inherits the tag of this allocated structure. 3. In pcpu_alloc() for each possible cpu pcpu_chunk_addr() is executed which calculates per cpu pointers that correspond to the vms structure addresses. The calculations are based on adding an offset from a table to chunk->base_addr. Here the problem presents itself since for addresses based on vms[1] and up, the tag will be different than the ones based on vms[0] (base_addr). The tag mismatch happens and an error is reported. Reset the base_addr tag, since it will disable tag checks for pointers derived arithmetically from base_addr that would inherit its tag. Signed-off-by: Maciej Wieczor-Retman <maciej.wieczor-retman@...el.com> --- mm/percpu-vm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/percpu-vm.c b/mm/percpu-vm.c index cd69caf6aa8d..e13750d804f7 100644 --- a/mm/percpu-vm.c +++ b/mm/percpu-vm.c @@ -347,7 +347,7 @@ static struct pcpu_chunk *pcpu_create_chunk(gfp_t gfp) } chunk->data = vms; - chunk->base_addr = vms[0]->addr - pcpu_group_offsets[0]; + chunk->base_addr = kasan_reset_tag(vms[0]->addr) - pcpu_group_offsets[0]; pcpu_stats_chunk_alloc(); trace_percpu_create_chunk(chunk->base_addr); -- 2.47.1
Powered by blists - more mailing lists