| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250910194921.GA3153735@google.com> Date: Wed, 10 Sep 2025 19:49:21 +0000 From: Eric Biggers <ebiggers@...nel.org> To: Alexander Potapenko <glider@...gle.com>, Marco Elver <elver@...gle.com>, kasan-dev@...glegroups.com Cc: Dmitry Vyukov <dvyukov@...gle.com>, linux-mm@...ck.org, linux-kernel@...r.kernel.org, linux-crypto@...r.kernel.org, stable@...r.kernel.org Subject: Re: [PATCH] kmsan: Fix out-of-bounds access to shadow memory On Fri, Aug 29, 2025 at 09:45:00AM -0700, Eric Biggers wrote: > Running sha224_kunit on a KMSAN-enabled kernel results in a crash in > kmsan_internal_set_shadow_origin(): > > BUG: unable to handle page fault for address: ffffbc3840291000 > #PF: supervisor read access in kernel mode > #PF: error_code(0x0000) - not-present page > PGD 1810067 P4D 1810067 PUD 192d067 PMD 3c17067 PTE 0 > Oops: 0000 [#1] SMP NOPTI > CPU: 0 UID: 0 PID: 81 Comm: kunit_try_catch Tainted: G N 6.17.0-rc3 #10 PREEMPT(voluntary) > Tainted: [N]=TEST > Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.17.0-0-gb52ca86e094d-prebuilt.qemu.org 04/01/2014 > RIP: 0010:kmsan_internal_set_shadow_origin+0x91/0x100 > [...] > Call Trace: > <TASK> > __msan_memset+0xee/0x1a0 > sha224_final+0x9e/0x350 > test_hash_buffer_overruns+0x46f/0x5f0 > ? kmsan_get_shadow_origin_ptr+0x46/0xa0 > ? __pfx_test_hash_buffer_overruns+0x10/0x10 > kunit_try_run_case+0x198/0xa00 Any thoughts on this patch from the KMSAN folks? I'd love to add CONFIG_KMSAN=y to my crypto subsystem testing, but unfortunately the kernel crashes due to this bug :-( - Eric
Powered by blists - more mailing lists