Re: [syzbot] [mm?] BUG: unable to handle kernel paging request in copy_from_kernel_nofault

From: Hou Tao
Date: Thu Dec 21 2023 - 07:00:20 EST

Next message: Andy Shevchenko: "Re: [PATCH 1/2] lib/strtox: introduce kstrtoull_suffix() helper"
Previous message: Jan Kara: "Re: [PATCH 17/17] writeback: update the kerneldoc comment for tag_pages_for_writeback"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Thomas,

On 12/9/2023 5:01 AM, Thomas Gleixner wrote:
> diff --git a/arch/x86/mm/maccess.c b/arch/x86/mm/maccess.c
> index 6993f026adec..8e846833aa37 100644
> --- a/arch/x86/mm/maccess.c
> +++ b/arch/x86/mm/maccess.c
> @@ -3,6 +3,8 @@
> #include <linux/uaccess.h>
> #include <linux/kernel.h>
>
> +#include <uapi/asm/vsyscall.h>
> +
> #ifdef CONFIG_X86_64
> bool copy_from_kernel_nofault_allowed(const void *unsafe_src, size_t size)
> {
> @@ -15,6 +17,9 @@ bool copy_from_kernel_nofault_allowed(const void *unsafe_src, size_t size)
> if (vaddr < TASK_SIZE_MAX + PAGE_SIZE)
> return false;
>
> + if ((vaddr & PAGE_MASK) == VSYSCALL_ADDR)
> + return false;
> +
> /*
> * Allow everything during early boot before 'x86_virt_bits'
> * is initialized. Needed for instruction decoding in early

Tested-by: Hou Tao <houtao1@xxxxxxxxxx>

Could you please post a formal patch for the fix ? The patch fixes the
oops when using bpf_probe_read_kernel() or similar bpf helpers [1] to
read from vsyscall address and you can take my tested-by tag if it is
necessary.

[1]:
https://lore.kernel.org/bpf/CABOYnLynjBoFZOf3Z4BhaZkc5hx_kHfsjiW+UWLoB=w33LvScw@xxxxxxxxxxxxxx/

Next message: Andy Shevchenko: "Re: [PATCH 1/2] lib/strtox: introduce kstrtoull_suffix() helper"
Previous message: Jan Kara: "Re: [PATCH 17/17] writeback: update the kerneldoc comment for tag_pages_for_writeback"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]