Re: general protection fault in tomoyo_check_acl
From: Tetsuo Handa
Date: Tue May 26 2020 - 08:58:57 EST
On 2020/05/26 12:46, syzbot wrote:
> general protection fault, probably for non-canonical address 0xe000026660000003: 0000 [#1] PREEMPT SMP KASAN
> KASAN: probably user-memory-access in range [0x0000333300000018-0x000033330000001f]
> CPU: 0 PID: 12489 Comm: systemd-rfkill Not tainted 5.7.0-rc6-syzkaller #0
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
> RIP: 0010:tomoyo_check_acl+0xa9/0x3e0 security/tomoyo/domain.c:173
struct tomoyo_acl_info *ptr == 0x0000333300000000 is strange; such pointer
can't be linked into standard doubly linked list using list_add_tail_rcu().
Thus, this report would to be an victim of memory corruption.