* [PATCH 1/2] /proc/kcore: Fix SMAP violation when dumping vsyscall user page
From: Jia Zhang @ 2018-01-30 6:42 UTC (permalink / raw)
To: tglx, mingo, hpa; +Cc: x86, linux-kernel, Jia Zhang
The commit df04abfd181a
("fs/proc/kcore.c: Add bounce buffer for ktext data") introduces a
bounce buffer to work around CONFIG_HARDENED_USERCOPY=y. However,
accessing the vsyscall user page this way causes an SMAP violation.
To fix this issue, simply replacing memcpy() with copy_from_user()
may work, but a common way of handling this sort of user page may be
useful in the future.
Currently, only vsyscall page requires KCORE_USER.
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
---
arch/x86/mm/init_64.c | 2 +-
fs/proc/kcore.c | 4 ++++
include/linux/kcore.h | 1 +
3 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
index 4a83728..dab78f6 100644
--- a/arch/x86/mm/init_64.c
+++ b/arch/x86/mm/init_64.c
@@ -1187,7 +1187,7 @@ void __init mem_init(void)
/* Register memory areas for /proc/kcore */
kclist_add(&kcore_vsyscall, (void *)VSYSCALL_ADDR,
- PAGE_SIZE, KCORE_OTHER);
+ PAGE_SIZE, KCORE_USER);
mem_init_print_info(NULL);
}
diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c
index 4bc85cb..e4b0204 100644
--- a/fs/proc/kcore.c
+++ b/fs/proc/kcore.c
@@ -510,6 +510,10 @@ static void elf_kcore_store_hdr(char *bufp, int nphdr, int dataoff)
/* we have to zero-fill user buffer even if no read */
if (copy_to_user(buffer, buf, tsz))
return -EFAULT;
+ } else if (m->type == KCORE_USER) {
+ /* user page is handled prior to normal kernel page */
+ if (copy_to_user(buffer, (char *)start, tsz))
+ return -EFAULT;
} else {
if (kern_addr_valid(start)) {
unsigned long n;
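Review bot: The new `KCORE_USER` branch returns `-EFAULT` whenever `copy_to_user(buffer, (char *)start, tsz)` fails, so a fault on the source page is reported exactly like a bad destination buffer and ends the read, whereas the branch just above is written to zero-fill the user buffer when nothing can be read. Because this patch registers the vsyscall page unconditionally and only the follow-up patch makes registration conditional, a kernel built at this commit alone could presumably fail a /proc/kcore read when the page is not mapped; folding the conditional registration into this patch would keep the series bisectable. The comment should also say why the copy is safe, for example `/* source is a user-accessible mapping: copy_to_user() opens the uaccess window, so SMAP does not fault (x86) */`, since this branch sits in generic fs/proc code and relies on architecture behaviour. The enclosing function starts and ends outside the hunk. The same lines are reposted unchanged in the v2 message further down.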
diff --git a/include/linux/kcore.h b/include/linux/kcore.h
index 7ff25a8..80db19d 100644
--- a/include/linux/kcore.h
+++ b/include/linux/kcore.h
@@ -10,6 +10,7 @@ enum kcore_type {
KCORE_VMALLOC,
KCORE_RAM,
KCORE_VMEMMAP,
+ KCORE_USER,
KCORE_OTHER,
};
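Review bot: `KCORE_USER` is added with no comment describing what a caller of `kclist_add()` promises by choosing it, while the read side in fs/proc/kcore.c passes the start of such a range straight to `copy_to_user()` as the source. A short comment on the enumerator such as `/* range is a user-accessible mapping; read through the uaccess path */` would make that contract visible to the next architecture that registers a range. The enum definition starts outside the hunk, so any existing documentation above it is not visible here.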
--
1.8.3.1
* [PATCH 2/2] x86/mm/64: Add vsyscall page to /proc/kcore conditionally
From: Jia Zhang @ 2018-01-30 6:42 UTC (permalink / raw)
To: tglx, mingo, hpa; +Cc: x86, linux-kernel, Jia Zhang
The vsyscall page should be visible only if
vsyscall=emulate/native when dumping /proc/kcore.
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
---
arch/x86/mm/init_64.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
index dab78f6..3d4cf33 100644
--- a/arch/x86/mm/init_64.c
+++ b/arch/x86/mm/init_64.c
@@ -1186,8 +1186,9 @@ void __init mem_init(void)
register_page_bootmem_info();
/* Register memory areas for /proc/kcore */
- kclist_add(&kcore_vsyscall, (void *)VSYSCALL_ADDR,
- PAGE_SIZE, KCORE_USER);
+ if (get_gate_vma(&init_mm))
+ kclist_add(&kcore_vsyscall, (void *)VSYSCALL_ADDR,
+ PAGE_SIZE, KCORE_USER);
mem_init_print_info(NULL);
}
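Review bot: The new condition `if (get_gate_vma(&init_mm))` uses the gate-VMA lookup as a stand-in for the vsyscall mode, and nothing at the call site says so; the comment above it still reads as if registration were unconditional. Extending it to something like `/* Register the vsyscall page for /proc/kcore only when it is mapped (vsyscall=emulate/native) */` would record the intent from the commit message in the code. It is also worth confirming that the vsyscall mode is already final when `mem_init()` runs, which cannot be seen from this hunk. `mem_init()` begins outside the hunk.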
--
1.8.3.1
* Re: [PATCH 1/2] /proc/kcore: Fix SMAP violation when dumping vsyscall user page
From: Jia Zhang @ 2018-02-01 1:03 UTC (permalink / raw)
To: tglx, mingo, hpa; +Cc: x86, linux-kernel
Hi,
Are there any comments here?
Thanks,
Jia
On 2018/1/30 下午2:42, Jia Zhang wrote:
> The commit df04abfd181a
> ("fs/proc/kcore.c: Add bounce buffer for ktext data") introduces a
> bounce buffer to work around CONFIG_HARDENED_USERCOPY=y. However,
> accessing vsyscall user page will cause SMAP violation in this way.
>
> In order to fix this issue, simply replace memcpy() with copy_from_user()
> may work, but using a common way to handle this sort of user page may be
> useful for future.
>
> Currently, only vsyscall page requires KCORE_USER.
>
> Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
> ---
> arch/x86/mm/init_64.c | 2 +-
> fs/proc/kcore.c | 4 ++++
> include/linux/kcore.h | 1 +
> 3 files changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
> index 4a83728..dab78f6 100644
> --- a/arch/x86/mm/init_64.c
> +++ b/arch/x86/mm/init_64.c
> @@ -1187,7 +1187,7 @@ void __init mem_init(void)
>
> /* Register memory areas for /proc/kcore */
> kclist_add(&kcore_vsyscall, (void *)VSYSCALL_ADDR,
> - PAGE_SIZE, KCORE_OTHER);
> + PAGE_SIZE, KCORE_USER);
>
> mem_init_print_info(NULL);
> }
> diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c
> index 4bc85cb..e4b0204 100644
> --- a/fs/proc/kcore.c
> +++ b/fs/proc/kcore.c
> @@ -510,6 +510,10 @@ static void elf_kcore_store_hdr(char *bufp, int nphdr, int dataoff)
> /* we have to zero-fill user buffer even if no read */
> if (copy_to_user(buffer, buf, tsz))
> return -EFAULT;
> + } else if (m->type == KCORE_USER) {
> + /* user page is handled prior to normal kernel page */
> + if (copy_to_user(buffer, (char *)start, tsz))
> + return -EFAULT;
> } else {
> if (kern_addr_valid(start)) {
> unsigned long n;
> diff --git a/include/linux/kcore.h b/include/linux/kcore.h
> index 7ff25a8..80db19d 100644
> --- a/include/linux/kcore.h
> +++ b/include/linux/kcore.h
> @@ -10,6 +10,7 @@ enum kcore_type {
> KCORE_VMALLOC,
> KCORE_RAM,
> KCORE_VMEMMAP,
> + KCORE_USER,
> KCORE_OTHER,
> };
>
>
* Re: [PATCH 1/2] /proc/kcore: Fix SMAP violation when dumping vsyscall user page
From: Jia Zhang @ 2018-02-05 1:32 UTC (permalink / raw)
To: tglx, mingo, hpa, jolsa; +Cc: x86, linux-kernel
Hi Jiri,
The maintainers are too busy to review this patchset. You are the author
of the commit df04abfd181a. Please help to review this patchset.
Thanks,
Jia
On 2018/1/30 下午2:42, Jia Zhang wrote:
> The commit df04abfd181a
> ("fs/proc/kcore.c: Add bounce buffer for ktext data") introduces a
> bounce buffer to work around CONFIG_HARDENED_USERCOPY=y. However,
> accessing vsyscall user page will cause SMAP violation in this way.
>
> In order to fix this issue, simply replace memcpy() with copy_from_user()
> may work, but using a common way to handle this sort of user page may be
> useful for future.
>
> Currently, only vsyscall page requires KCORE_USER.
>
> Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
> ---
> arch/x86/mm/init_64.c | 2 +-
> fs/proc/kcore.c | 4 ++++
> include/linux/kcore.h | 1 +
> 3 files changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
> index 4a83728..dab78f6 100644
> --- a/arch/x86/mm/init_64.c
> +++ b/arch/x86/mm/init_64.c
> @@ -1187,7 +1187,7 @@ void __init mem_init(void)
>
> /* Register memory areas for /proc/kcore */
> kclist_add(&kcore_vsyscall, (void *)VSYSCALL_ADDR,
> - PAGE_SIZE, KCORE_OTHER);
> + PAGE_SIZE, KCORE_USER);
>
> mem_init_print_info(NULL);
> }
> diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c
> index 4bc85cb..e4b0204 100644
> --- a/fs/proc/kcore.c
> +++ b/fs/proc/kcore.c
> @@ -510,6 +510,10 @@ static void elf_kcore_store_hdr(char *bufp, int nphdr, int dataoff)
> /* we have to zero-fill user buffer even if no read */
> if (copy_to_user(buffer, buf, tsz))
> return -EFAULT;
> + } else if (m->type == KCORE_USER) {
> + /* user page is handled prior to normal kernel page */
> + if (copy_to_user(buffer, (char *)start, tsz))
> + return -EFAULT;
> } else {
> if (kern_addr_valid(start)) {
> unsigned long n;
> diff --git a/include/linux/kcore.h b/include/linux/kcore.h
> index 7ff25a8..80db19d 100644
> --- a/include/linux/kcore.h
> +++ b/include/linux/kcore.h
> @@ -10,6 +10,7 @@ enum kcore_type {
> KCORE_VMALLOC,
> KCORE_RAM,
> KCORE_VMEMMAP,
> + KCORE_USER,
> KCORE_OTHER,
> };
>
>
* Re: [PATCH 2/2] x86/mm/64: Add vsyscall page to /proc/kcore conditionally
From: Jiri Olsa @ 2018-02-05 9:26 UTC (permalink / raw)
To: Jia Zhang; +Cc: tglx, mingo, hpa, x86, linux-kernel
On Tue, Jan 30, 2018 at 02:42:59PM +0800, Jia Zhang wrote:
> The vsyscall page should be visible only if
> vsyscall=emulate/native when dumping /proc/kcore.
>
> Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
> ---
> arch/x86/mm/init_64.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
> index dab78f6..3d4cf33 100644
> --- a/arch/x86/mm/init_64.c
> +++ b/arch/x86/mm/init_64.c
> @@ -1186,8 +1186,9 @@ void __init mem_init(void)
> register_page_bootmem_info();
>
> /* Register memory areas for /proc/kcore */
> - kclist_add(&kcore_vsyscall, (void *)VSYSCALL_ADDR,
> - PAGE_SIZE, KCORE_USER);
> + if (get_gate_vma(&init_mm))
> + kclist_add(&kcore_vsyscall, (void *)VSYSCALL_ADDR,
> + PAGE_SIZE, KCORE_USER);
nit, we use { } when there's more than 1 line code
anyway the approach looks ok to me
Reviewed-by: Jiri Olsa <jolsa@kernel.org>
thanks,
jirka
* Re: [PATCH 2/2] x86/mm/64: Add vsyscall page to /proc/kcore conditionally
From: Jia Zhang @ 2018-02-09 1:08 UTC (permalink / raw)
To: tglx, mingo, hpa; +Cc: Jiri Olsa, x86, linux-kernel
Hi,
Anybody else here who can give an attention on this review?
Thanks,
Jia
On 2018/2/5 下午5:26, Jiri Olsa wrote:
> On Tue, Jan 30, 2018 at 02:42:59PM +0800, Jia Zhang wrote:
>> The vsyscall page should be visible only if
>> vsyscall=emulate/native when dumping /proc/kcore.
>>
>> Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
>> ---
>> arch/x86/mm/init_64.c | 5 +++--
>> 1 file changed, 3 insertions(+), 2 deletions(-)
>>
>> diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
>> index dab78f6..3d4cf33 100644
>> --- a/arch/x86/mm/init_64.c
>> +++ b/arch/x86/mm/init_64.c
>> @@ -1186,8 +1186,9 @@ void __init mem_init(void)
>> register_page_bootmem_info();
>>
>> /* Register memory areas for /proc/kcore */
>> - kclist_add(&kcore_vsyscall, (void *)VSYSCALL_ADDR,
>> - PAGE_SIZE, KCORE_USER);
>> + if (get_gate_vma(&init_mm))
>> + kclist_add(&kcore_vsyscall, (void *)VSYSCALL_ADDR,
>> + PAGE_SIZE, KCORE_USER);
>
> nit, we use { } when there's more than 1 line code
>
> anyway the approach looks ok to me
>
> Reviewed-by: Jiri Olsa <jolsa@kernel.org>
>
> thanks,
> jirka
>
* Re: [PATCH 2/2] x86/mm/64: Add vsyscall page to /proc/kcore conditionally
From: Thomas Gleixner @ 2018-02-12 9:59 UTC (permalink / raw)
To: Jia Zhang; +Cc: mingo, hpa, Jiri Olsa, x86, linux-kernel
On Fri, 9 Feb 2018, Jia Zhang wrote:
>
> Anybody else here who can give an attention on this review?
Jiri gave you perfectly valid feedback. Please address that and repost a V2.
Thanks,
tglx
* [PATCH 1/2] /proc/kcore: Fix SMAP violation when dumping vsyscall user page
From: Jia Zhang @ 2018-02-12 14:44 UTC (permalink / raw)
To: tglx, jolsa, mingo, hpa; +Cc: x86, linux-kernel
The commit df04abfd181a
("fs/proc/kcore.c: Add bounce buffer for ktext data") introduces a
bounce buffer to work around CONFIG_HARDENED_USERCOPY=y. However,
accessing the vsyscall user page this way causes an SMAP violation.
To fix this issue, simply replacing memcpy() with copy_from_user()
may work, but a common way of handling this sort of user page may be
useful in the future.
Currently, only vsyscall page requires KCORE_USER.
Signed-off-by: Jia Zhang <zhang.jia@linux.alibaba.com>
Reviewed-by: Jiri Olsa <jolsa@kernel.org>
---
arch/x86/mm/init_64.c | 2 +-
fs/proc/kcore.c | 4 ++++
include/linux/kcore.h | 1 +
3 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
index 1ab42c8..14cd7f8 100644
--- a/arch/x86/mm/init_64.c
+++ b/arch/x86/mm/init_64.c
@@ -1194,7 +1194,7 @@ void __init mem_init(void)
/* Register memory areas for /proc/kcore */
kclist_add(&kcore_vsyscall, (void *)VSYSCALL_ADDR,
- PAGE_SIZE, KCORE_OTHER);
+ PAGE_SIZE, KCORE_USER);
mem_init_print_info(NULL);
}
diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c
index e8a93bc..7d8fa05 100644
--- a/fs/proc/kcore.c
+++ b/fs/proc/kcore.c
@@ -510,6 +510,10 @@ static void elf_kcore_store_hdr(char *bufp, int nphdr, int dataoff)
/* we have to zero-fill user buffer even if no read */
if (copy_to_user(buffer, buf, tsz))
return -EFAULT;
+ } else if (m->type == KCORE_USER) {
+ /* user page is handled prior to normal kernel page */
+ if (copy_to_user(buffer, (char *)start, tsz))
+ return -EFAULT;
} else {
if (kern_addr_valid(start)) {
/*
diff --git a/include/linux/kcore.h b/include/linux/kcore.h
index 7ff25a8..80db19d 100644
--- a/include/linux/kcore.h
+++ b/include/linux/kcore.h
@@ -10,6 +10,7 @@ enum kcore_type {
KCORE_VMALLOC,
KCORE_RAM,
KCORE_VMEMMAP,
+ KCORE_USER,
KCORE_OTHER,
};
--
1.8.3.1