Re: [PATCH 1/2] /proc/kcore: Fix SMAP violation when dumping vsyscall user page

From: Jia Zhang
Date: Sun Feb 04 2018 - 20:32:36 EST

Next message: Davidlohr Bueso: "[PATCH 50/64] arch/unicore32: use mm locking wrappers"
Previous message: Davidlohr Bueso: "[PATCH 59/64] drivers/iommu: use mm locking helpers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Jiri,

The maintainers are too busy to review this patchset. You are the author
of the commit df04abfd181a. Please help to review this patchset.

Thanks,
Jia

On 2018/1/30 äå2:42, Jia Zhang wrote:
> The commit df04abfd181a
> ("fs/proc/kcore.c: Add bounce buffer for ktext data") introduces a
> bounce buffer to work around CONFIG_HARDENED_USERCOPY=y. However,
> accessing vsyscall user page will cause SMAP violation in this way.
>
> In order to fix this issue, simply replace memcpy() with copy_from_user()
> may work, but using a common way to handle this sort of user page may be
> useful for future.
>
> Currently, only vsyscall page requires KCORE_USER.
>
> Signed-off-by: Jia Zhang <zhang.jia@xxxxxxxxxxxxxxxxx>
> ---
> arch/x86/mm/init_64.c | 2 +-
> fs/proc/kcore.c | 4 ++++
> include/linux/kcore.h | 1 +
> 3 files changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
> index 4a83728..dab78f6 100644
> --- a/arch/x86/mm/init_64.c
> +++ b/arch/x86/mm/init_64.c
> @@ -1187,7 +1187,7 @@ void __init mem_init(void)
>
> /* Register memory areas for /proc/kcore */
> kclist_add(&kcore_vsyscall, (void *)VSYSCALL_ADDR,
> - PAGE_SIZE, KCORE_OTHER);
> + PAGE_SIZE, KCORE_USER);
>
> mem_init_print_info(NULL);
> }
> diff --git a/fs/proc/kcore.c b/fs/proc/kcore.c
> index 4bc85cb..e4b0204 100644
> --- a/fs/proc/kcore.c
> +++ b/fs/proc/kcore.c
> @@ -510,6 +510,10 @@ static void elf_kcore_store_hdr(char *bufp, int nphdr, int dataoff)
> /* we have to zero-fill user buffer even if no read */
> if (copy_to_user(buffer, buf, tsz))
> return -EFAULT;
> + } else if (m->type == KCORE_USER) {
> + /* user page is handled prior to normal kernel page */
> + if (copy_to_user(buffer, (char *)start, tsz))
> + return -EFAULT;
> } else {
> if (kern_addr_valid(start)) {
> unsigned long n;
> diff --git a/include/linux/kcore.h b/include/linux/kcore.h
> index 7ff25a8..80db19d 100644
> --- a/include/linux/kcore.h
> +++ b/include/linux/kcore.h
> @@ -10,6 +10,7 @@ enum kcore_type {
> KCORE_VMALLOC,
> KCORE_RAM,
> KCORE_VMEMMAP,
> + KCORE_USER,
> KCORE_OTHER,
> };
>
>

Next message: Davidlohr Bueso: "[PATCH 50/64] arch/unicore32: use mm locking wrappers"
Previous message: Davidlohr Bueso: "[PATCH 59/64] drivers/iommu: use mm locking helpers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]