| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aHftpSnSit__laMx@pc636>
Date: Wed, 16 Jul 2025 20:21:25 +0200
From: Uladzislau Rezki <urezki@...il.com>
To: Marco Elver <elver@...gle.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Alexander Potapenko <glider@...gle.com>,
Dmitry Vyukov <dvyukov@...gle.com>,
Andrey Ryabinin <ryabinin.a.a@...il.com>,
Andrey Konovalov <andreyknvl@...il.com>,
Vincenzo Frascino <vincenzo.frascino@....com>,
kasan-dev@...glegroups.com, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, Uladzislau Rezki <urezki@...il.com>,
Sebastian Andrzej Siewior <bigeasy@...utronix.de>,
Yeoreum Yun <yeoreum.yun@....com>, Yunseong Kim <ysk@...lloc.com>,
stable@...r.kernel.org
Subject: Re: [PATCH] kasan: use vmalloc_dump_obj() for vmalloc error reports
On Wed, Jul 16, 2025 at 05:23:28PM +0200, Marco Elver wrote:
> Since 6ee9b3d84775 ("kasan: remove kasan_find_vm_area() to prevent
> possible deadlock"), more detailed info about the vmalloc mapping and
> the origin was dropped due to potential deadlocks.
>
> While fixing the deadlock is necessary, that patch was too quick in
> killing an otherwise useful feature, and did no due-diligence in
> understanding if an alternative option is available.
>
> Restore printing more helpful vmalloc allocation info in KASAN reports
> with the help of vmalloc_dump_obj(). Example report:
>
> | BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x4c9/0x610
> | Read of size 1 at addr ffffc900002fd7f3 by task kunit_try_catch/493
> |
> | CPU: [...]
> | Call Trace:
> | <TASK>
> | dump_stack_lvl+0xa8/0xf0
> | print_report+0x17e/0x810
> | kasan_report+0x155/0x190
> | vmalloc_oob+0x4c9/0x610
> | [...]
> |
> | The buggy address belongs to a 1-page vmalloc region starting at 0xffffc900002fd000 allocated at vmalloc_oob+0x36/0x610
> | The buggy address belongs to the physical page:
> | page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x126364
> | flags: 0x200000000000000(node=0|zone=2)
> | raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
> | raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
> | page dumped because: kasan: bad access detected
> |
> | [..]
>
> Fixes: 6ee9b3d84775 ("kasan: remove kasan_find_vm_area() to prevent possible deadlock")
> Suggested-by: Uladzislau Rezki <urezki@...il.com>
> Cc: Alexander Potapenko <glider@...gle.com>
> Cc: Andrey Konovalov <andreyknvl@...il.com>
> Cc: Andrey Ryabinin <ryabinin.a.a@...il.com>
> Cc: Sebastian Andrzej Siewior <bigeasy@...utronix.de>
> Cc: Yeoreum Yun <yeoreum.yun@....com>
> Cc: Yunseong Kim <ysk@...lloc.com>
> Cc: <stable@...r.kernel.org>
> Signed-off-by: Marco Elver <elver@...gle.com>
> ---
> mm/kasan/report.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/mm/kasan/report.c b/mm/kasan/report.c
> index b0877035491f..62c01b4527eb 100644
> --- a/mm/kasan/report.c
> +++ b/mm/kasan/report.c
> @@ -399,7 +399,9 @@ static void print_address_description(void *addr, u8 tag,
> }
>
> if (is_vmalloc_addr(addr)) {
> - pr_err("The buggy address %px belongs to a vmalloc virtual mapping\n", addr);
> + pr_err("The buggy address belongs to a");
> + if (!vmalloc_dump_obj(addr))
> + pr_cont(" vmalloc virtual mapping\n");
> page = vmalloc_to_page(addr);
> }
>
> --
> 2.50.0.727.gbf7dc18ff4-goog
>
Acked-by: Uladzislau Rezki (Sony) <urezki@...il.com>
--
Uladzislau Rezki
Powered by blists - more mailing lists