| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAAeHK+zTfHp0dob9W5DtYZnpnrFTNxNDM45DA3Q2bTjZngpreg@mail.gmail.com>
Date: Tue, 28 Mar 2017 16:03:30 +0200
From: Andrey Konovalov <andreyknvl@...gle.com>
To: "David S . Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Willem de Bruijn <willemb@...gle.com>,
Craig Gallek <cgallek@...gle.com>
Cc: netdev <netdev@...r.kernel.org>,
Dmitry Vyukov <dvyukov@...gle.com>,
Kostya Serebryany <kcc@...gle.com>,
Andrey Konovalov <andreyknvl@...gle.com>
Subject: Re: [PATCH v4 1/9] kasan: introduce helper functions for determining
bug type
On Tue, Mar 28, 2017 at 4:00 PM, Andrey Konovalov <andreyknvl@...gle.com> wrote:
> Introduce get_shadow_bug_type() function, which determines bug type
> based on the shadow value for a particular kernel address.
> Introduce get_wild_bug_type() function, which determines bug type
> for addresses which don't have a corresponding shadow value.
>
> Signed-off-by: Andrey Konovalov <andreyknvl@...gle.com>
> ---
> mm/kasan/report.c | 40 ++++++++++++++++++++++++++++++----------
> 1 file changed, 30 insertions(+), 10 deletions(-)
>
> diff --git a/mm/kasan/report.c b/mm/kasan/report.c
> index f479365530b6..e3af37b7a74c 100644
> --- a/mm/kasan/report.c
> +++ b/mm/kasan/report.c
> @@ -49,7 +49,13 @@ static const void *find_first_bad_addr(const void *addr, size_t size)
> return first_bad_addr;
> }
>
> -static void print_error_description(struct kasan_access_info *info)
> +static bool addr_has_shadow(struct kasan_access_info *info)
> +{
> + return (info->access_addr >=
> + kasan_shadow_to_mem((void *)KASAN_SHADOW_START));
> +}
> +
> +static const char *get_shadow_bug_type(struct kasan_access_info *info)
> {
> const char *bug_type = "unknown-crash";
> u8 *shadow_addr;
> @@ -96,6 +102,27 @@ static void print_error_description(struct kasan_access_info *info)
> break;
> }
>
> + return bug_type;
> +}
> +
> +static const char *get_wild_bug_type(struct kasan_access_info *info)
> +{
> + const char *bug_type;
> +
> + if ((unsigned long)info->access_addr < PAGE_SIZE)
> + bug_type = "null-ptr-deref";
> + else if ((unsigned long)info->access_addr < TASK_SIZE)
> + bug_type = "user-memory-access";
> + else
> + bug_type = "wild-memory-access";
> +
> + return bug_type;
> +}
> +
> +static void print_error_description(struct kasan_access_info *info)
> +{
> + const char *bug_type = get_shadow_bug_type(info);
> +
> pr_err("BUG: KASAN: %s in %pS at addr %p\n",
> bug_type, (void *)info->ip,
> info->access_addr);
> @@ -265,18 +292,11 @@ static void print_shadow_for_address(const void *addr)
> static void kasan_report_error(struct kasan_access_info *info)
> {
> unsigned long flags;
> - const char *bug_type;
>
> kasan_start_report(&flags);
>
> - if (info->access_addr <
> - kasan_shadow_to_mem((void *)KASAN_SHADOW_START)) {
> - if ((unsigned long)info->access_addr < PAGE_SIZE)
> - bug_type = "null-ptr-deref";
> - else if ((unsigned long)info->access_addr < TASK_SIZE)
> - bug_type = "user-memory-access";
> - else
> - bug_type = "wild-memory-access";
> + if (!addr_has_shadow(info)) {
> + const char *bug_type = get_wild_bug_type(info);
> pr_err("BUG: KASAN: %s on address %p\n",
> bug_type, info->access_addr);
> pr_err("%s of size %zu by task %s/%d\n",
> --
> 2.12.1.578.ge9c3154ca4-goog
>
Oops, accidently resent KASAN patchset together with AF_PACKET fixes.
Please ignore "[PATCH v4] kasan" patches.
Powered by blists - more mailing lists