Re: [PATCH v2] proc/vmcore: fix clearing user buffer by properly using clear_user()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 15.11.21 23:04, Andrew Morton wrote:
> On Fri, 12 Nov 2021 10:27:50 +0100 David Hildenbrand <david@xxxxxxxxxx> wrote:
> 
>> To clear a user buffer we cannot simply use memset, we have to use
>> clear_user(). With a virtio-mem device that registers a vmcore_cb and has
>> some logically unplugged memory inside an added Linux memory block, I can
>> easily trigger a BUG by copying the vmcore via "cp":
>>
>> ...
>>
>> Some x86-64 CPUs have a CPU feature called "Supervisor Mode Access
>> Prevention (SMAP)", which is used to detect wrong access from the kernel to
>> user buffers like this: SMAP triggers a permissions violation on wrong
>> access. In the x86-64 variant of clear_user(), SMAP is properly
>> handled via clac()+stac().
>>
>> To fix, properly use clear_user() when we're dealing with a user buffer.
>>
> 
> I added cc:stable, OK?
> 

I was a bit hesitant because this would (beofe the virtio-mem changes)
only trigger under XEN and I was wondering why nobody notices under XEN
so far. But yes, even though it only applies to the kdump kernel,
cc:stable sounds like the right think to do!

Thanks Andrew!

-- 
Thanks,

David / dhildenb


_______________________________________________
kexec mailing list
kexec@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/kexec



[Index of Archives]     [LM Sensors]     [Linux Sound]     [ALSA Users]     [ALSA Devel]     [Linux Audio Users]     [Linux Media]     [Kernel]     [Gimp]     [Yosemite News]     [Linux Media]

  Powered by Linux