Re: [RFC v2 02/13] powerpc: mm: Fix kfence page fault reporting
From: Christophe Leroy
Date: Thu Sep 19 2024 - 01:12:57 EST
On 19/09/2024 at 04:56, Ritesh Harjani (IBM) wrote:
> copy_from_kernel_nofault() can be called when doing read of /proc/kcore.
> /proc/kcore can have some unmapped kfence objects which when read via
> copy_from_kernel_nofault() can cause page faults. Since *_nofault()
> functions define their own fixup table for handling faults, use that
> instead of asking kfence to handle such faults.
>
> Hence we search the exception tables for the nip which generated the
> fault. If there is an entry then we let the fixup table handler handle the
> page fault by returning an error from within ___do_page_fault().
Searching the exception table is a heavy operation and everything has been
done in the past to minimise the number of times it is called, see for
instance commit cbd7e6ca0210 ("powerpc/fault: Avoid heavy search_exception_tables() verification")
Also, by trying to hide false positives you also hide real ones. For
instance if csum_partial_copy_generic() is using a kfence protected
area, it will now go undetected.
IIUC, here your problem is limited to copy_from_kernel_nofault(). You
should handle the root cause, not its effects. For that, you could
perform additional verifications in copy_from_kernel_nofault_allowed().
Christophe