lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250902175903.1124555-1-vishal.moola@gmail.com>
Date: Tue,  2 Sep 2025 10:59:03 -0700
From: "Vishal Moola (Oracle)" <vishal.moola@...il.com>
To: linux-mm@...ck.org
Cc: linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>,
	David Hildenbrand <david@...hat.com>,
	Ingo Molnar <mingo@...hat.com>,
	Peter Zijlstra <peterz@...radead.org>,
	Juri Lelli <juri.lelli@...hat.com>,
	Vincent Guittot <vincent.guittot@...aro.org>,
	Kees Cook <kees@...nel.org>,
	"Vishal Moola (Oracle)" <vishal.moola@...il.com>,
	kernel test robot <lkp@...el.com>,
	Dan Carpenter <dan.carpenter@...aro.org>
Subject: [PATCH] mm: Fix kernel stack tagging for certain configs

Commit 4ef905bda61f ("mm: tag kernel stack pages") began marking pages
that were being used for the kernel stack.

There are 3 cases where kernel pages are allocated for kernel stacks:
CONFIG_VMAP_STACK, THREAD_SIZE >= PAGE_SIZE, THREAD_SIZE < PAGE_SIZE.
These cases use vmalloc(), alloc_pages() and kmem_cache_alloc()
respectively.

In the first 2 cases, THREAD_SIZE / PAGE_SIZE will always be greater
than 0, and pages are tagged as expected. In the third case,
THREAD_SIZE / PAGE_SIZE evaluates to 0 and doesn't tag any pages at all.
This meant that in those configs, the stack tagging was a no-op, and led
to smatch build warnings.

We definitely have at least 1 page we want tagged at this point, so fix
it by using a do {} while loop instead of a for loop.

Fixes: 4ef905bda61f ("mm: tag kernel stack pages")
Reported-by: kernel test robot <lkp@...el.com>
Reported-by: Dan Carpenter <dan.carpenter@...aro.org>
Closes: https://lore.kernel.org/r/202508300929.TrRovUMu-lkp@intel.com/
Signed-off-by: Vishal Moola (Oracle) <vishal.moola@...il.com>
---
 kernel/fork.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/kernel/fork.c b/kernel/fork.c
index 1b394426ab4a..9b13cb83e1c6 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -448,14 +448,15 @@ static void account_kernel_stack(struct task_struct *tsk, int account)
 	} else {
 		void *stack = task_stack_page(tsk);
 		struct page *page = virt_to_head_page(stack);
-		int i;
+		int i = 0;
 
 		/* All stack pages are in the same node. */
 		mod_lruvec_kmem_state(stack, NR_KERNEL_STACK_KB,
 				      account * (THREAD_SIZE / 1024));
 
-		for (i = 0; i < THREAD_SIZE / PAGE_SIZE; i++, page++)
-			__SetPageStack(page);
+		do {
+			__SetPageStack(page++);
+		} while (++i < THREAD_SIZE / PAGE_SIZE);
 	}
 }
 
@@ -474,10 +475,11 @@ void exit_task_stack_account(struct task_struct *tsk)
 		}
 	} else {
 		struct page *page = virt_to_head_page(task_stack_page(tsk));
-		int i;
+		int i = 0;
 
-		for (i = 0; i < THREAD_SIZE / PAGE_SIZE; i++, page++)
-			__ClearPageStack(page);
+		do {
+			__ClearPageStack(page++);
+		} while (++i < THREAD_SIZE / PAGE_SIZE);
 	}
 }
 
-- 
2.51.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ