lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 13 Mar 2020 15:43:08 -0700
From:   Mina Almasry <almasrymina@...gle.com>
To:     Tejun Heo <tj@...nel.org>, Giuseppe Scrivano <gscrivan@...hat.com>
Cc:     syzbot <syzbot+cac0c4e204952cf449b1@...kaller.appspotmail.com>,
        Andrew Morton <akpm@...ux-foundation.org>, andriin@...com,
        ast@...nel.org, bpf@...r.kernel.org, cgroups@...r.kernel.org,
        christian@...uner.io, daniel@...earbox.net,
        Johannes Weiner <hannes@...xchg.org>, kafai@...com,
        open list <linux-kernel@...r.kernel.org>,
        Li Zefan <lizefan@...wei.com>, netdev@...r.kernel.org,
        sfr@...b.auug.org.au, songliubraving@...com,
        syzkaller-bugs@...glegroups.com, yhs@...com
Subject: Re: KASAN: slab-out-of-bounds Read in cgroup_file_notify

On Thu, Mar 12, 2020 at 2:06 PM Mina Almasry <almasrymina@...gle.com> wrote:
>
> On Thu, Mar 12, 2020 at 11:28 AM Tejun Heo <tj@...nel.org> wrote:
> >
> > On Tue, Mar 10, 2020 at 08:55:14AM -0700, syzbot wrote:
> > > Hello,
> > >
> > > syzbot found the following crash on:
> > >
> > > HEAD commit:    c99b17ac Add linux-next specific files for 20200225
> > > git tree:       linux-next
> > > console output: https://syzkaller.appspot.com/x/log.txt?x=1610d70de00000
> > > kernel config:  https://syzkaller.appspot.com/x/.config?x=6b7ebe4bd0931c45
> > > dashboard link: https://syzkaller.appspot.com/bug?extid=cac0c4e204952cf449b1
> > > compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
> > > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1242e1fde00000
> > > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1110d70de00000
> > >
> > > The bug was bisected to:
> > >
> > > commit 6863de00e5400b534cd4e3869ffbc8f94da41dfc
> > > Author: Mina Almasry <almasrymina@...gle.com>
> > > Date:   Thu Feb 20 03:55:30 2020 +0000
> > >
> > >     hugetlb_cgroup: add accounting for shared mappings
> >
> > Mina, can you please take a look at this?
> >
>
> Gah, I missed the original syzbot email but I just saw this. I'll take a look.
>

This was easy enough to track down, I just sent out a fix:
https://lore.kernel.org/linux-mm/20200313223920.124230-1-almasrymina@google.com

BTW, even though this was bisected to my patch, the root cause seems
to be a mistake in commit faced7e0806cf ("mm: hugetlb controller for
cgroups v2"), which is not only in linux-next but also in linus's tree
(I did not check if it's in stable). If my fix is reviewed, the patch
should be sent there as well. I'll make the same comment on the above
thread as well.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ