[Devel] [PATCH vz7 0/5] kasan: avoid false positive reports related to stack handling
Konstantin Khorenko
khorenko at virtuozzo.com
Wed Oct 31 12:43:31 MSK 2018
Running the LTP testsuite on a debug kernel we got a KASan complaint:
==================================================================
BUG: KASan: out of bounds on stack in update_stack_state+0x219/0x260 at addr ffff880385997cc8
Read of size 8 by task watchdog/12577
page:ffffea000e1665c0 count:0 mapcount:0 mapping: (null) index:0x0
page flags: 0x2fffff00000000()
page dumped because: kasan: bad access detected
CPU: 0 PID: 12577 Comm: watchdog ve: 0 Kdump: loaded Tainted: G W ------------ 3.10.0-862.14.4.vz7.72.14.debug #1 72.14
Hardware name: DEPO Computers To Be Filled By O.E.M./H77 Pro4/MVP, BIOS P1.30 05/10/2012
Call Trace:
[<ffffffffa7fa0cd5>] dump_stack+0x19/0x1b
[<ffffffffa6e74187>] kasan_report+0x4b7/0x4f0
[<ffffffffa6944769>] ? update_stack_state+0x219/0x260
[<ffffffffa6e74239>] __asan_report_load8_noabort+0x19/0x20
[<ffffffffa6944769>] update_stack_state+0x219/0x260
[<ffffffffa6944c2d>] __unwind_start+0x10d/0x380
[<ffffffffa69e52a9>] ? ptrace_may_access+0x39/0x50
[<ffffffffa68bbe2e>] __save_stack_trace+0x5e/0x100
[<ffffffffa68bbf2c>] save_stack_trace_tsk+0x2c/0x40
[<ffffffffa7070f75>] proc_pid_stack+0x145/0x220
[<ffffffffa7070e30>] ? lock_trace+0xb0/0xb0
[<ffffffffa70730fd>] proc_single_show+0xfd/0x170
[<ffffffffa6f669d9>] seq_read+0x339/0x1290
[<ffffffffa6f666a0>] ? single_open_size+0x130/0x130
[<ffffffffa71312b6>] ? security_file_permission+0x136/0x190
[<ffffffffa6ee7d3e>] ? rw_verify_area+0xbe/0x2c0
[<ffffffffa6ee80c6>] vfs_read+0x186/0x440
[<ffffffffa6eeb4dc>] SyS_read+0x17c/0x290
[<ffffffffa6eeb360>] ? __kernel_write+0x450/0x450
[<ffffffffa7fd4e8b>] ? sysret_check+0x26/0xfd
[<ffffffffa6b6656d>] ? trace_hardirqs_on_caller+0x40d/0x5a0
[<ffffffffa73142d0>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[<ffffffffa7fd4e5b>] system_call_fastpath+0x22/0x27
Memory state around the buggy address:
ffff880385997b80: 00 00 00 00 00 00 00 00 00 00 f4 00 00 00 00 00
ffff880385997c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff880385997c80: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f4 f4 f4 f2
^
ffff880385997d00: f2 f2 f2 00 f4 f4 f4 00 00 00 00 00 00 00 00 00
ffff880385997d80: 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00
==================================================================
The real fix for this false positive is the last patch,
the others are just "worth applying".
https://jira.sw.ru/browse/HCI-171
https://pmc.acronis.com/browse/VSTOR-16798
Brian Gerst (1):
ms/sched/x86: Add 'struct inactive_task_frame' to better document the
sleeping task stack frame
Dmitry Vyukov (2):
ms/kprobes: Avoid false KASAN reports during stack copy
ms/kprobes: Unpoison stack in jprobe_return() for KASAN
Josh Poimboeuf (1):
ms/x86/unwind: Disable KASAN checks for non-current tasks
Mark Rutland (1):
ms/kasan: add functions to clear stack poison
arch/x86/include/asm/stacktrace.h | 7 +++++--
arch/x86/include/asm/switch_to.h | 5 +++++
arch/x86/kernel/kgdb.c | 3 ++-
arch/x86/kernel/kprobes/core.c | 11 ++++++++---
arch/x86/kernel/process.c | 3 ++-
arch/x86/kernel/unwind_frame.c | 19 +++++++++++++++++--
include/linux/kasan.h | 8 +++++++-
mm/kasan/kasan.c | 36 ++++++++++++++++++++++++++++++++++++
8 files changed, 82 insertions(+), 10 deletions(-)
--
2.15.1
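As an added example that is not part of this patch series or the Virtuozzo kernel, the script below decodes the KASan report quoted above the way a triager would: it locates the faulting address in the "Memory state around the buggy address" dump, maps it to its shadow byte (0xf1, KASAN_STACK_LEFT, a compiler-placed redzone next to a stack variable) and applies KASAN's per-granule rule to each 8-byte granule the read touched. The shadow encodings are the standard ones from mm/kasan/kasan.h; the parsing helpers and their names are mine, and the embedded REPORT text is the relevant portion of the report above.

```python
import re

# One KASAN shadow byte describes 8 bytes of kernel memory.
KASAN_SHADOW_SCALE = 8

# Special shadow values from mm/kasan/kasan.h (assumed to match the kernel
# that produced the report). 0x00..0x07 mean "first N bytes addressable".
SPECIAL_SHADOW = {
    0xF1: "KASAN_STACK_LEFT: redzone before a stack variable",
    0xF2: "KASAN_STACK_MID: redzone between stack variables",
    0xF3: "KASAN_STACK_RIGHT: redzone after a stack variable",
    0xF4: "KASAN_STACK_PARTIAL: unused tail of a stack variable",
    0xFA: "KASAN_GLOBAL_REDZONE: redzone around a global",
    0xFB: "KASAN_KMALLOC_FREE: freed heap object",
    0xFC: "KASAN_KMALLOC_REDZONE: heap redzone",
    0xFE: "KASAN_PAGE_REDZONE: page allocator redzone",
    0xFF: "KASAN_FREE_PAGE: freed page",
}

# Report text taken from the cover letter above (header, access line, shadow dump).
REPORT = """\
BUG: KASan: out of bounds on stack in update_stack_state+0x219/0x260 at addr ffff880385997cc8
Read of size 8 by task watchdog/12577
Memory state around the buggy address:
 ffff880385997b80: 00 00 00 00 00 00 00 00 00 00 f4 00 00 00 00 00
 ffff880385997c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff880385997c80: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f4 f4 f4 f2
                                            ^
 ffff880385997d00: f2 f2 f2 00 f4 f4 f4 00 00 00 00 00 00 00 00 00
 ffff880385997d80: 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00
"""

_HDR = re.compile(r"BUG: KASAN: (?P<kind>.+?) in (?P<func>\S+) at addr (?P<addr>[0-9a-f]+)", re.I)
_ACC = re.compile(r"(?P<rw>Read|Write) of size (?P<size>\d+)")
_ROW = re.compile(r"^>?(?P<base>[0-9a-f]{16}): (?P<bytes>[0-9a-f]{2}(?: [0-9a-f]{2})*)$")


def describe_shadow(value):
    """Human-readable meaning of one shadow byte."""
    if value == 0:
        return "addressable: all 8 bytes valid"
    if 1 <= value <= 7:
        return f"partially addressable: first {value} bytes valid"
    return SPECIAL_SHADOW.get(value, f"unknown shadow value 0x{value:02x}")


def granule_is_bad(shadow, last_off):
    """KASAN's per-granule rule: bad if the granule is a redzone/free marker
    (value >= 8) or the last accessed byte lies past the N valid bytes."""
    if shadow == 0:
        return False
    if shadow >= KASAN_SHADOW_SCALE:
        return True
    return last_off >= shadow


def parse_report(text):
    """Extract kind/function/address/size and the shadow map (granule -> byte)."""
    report = {"shadow": {}}
    for line in text.splitlines():
        line = line.strip()
        m = _HDR.search(line)
        if m:
            report.update(kind=m["kind"], func=m["func"], addr=int(m["addr"], 16))
            continue
        m = _ACC.search(line)
        if m:
            report.update(rw=m["rw"], size=int(m["size"]))
            continue
        m = _ROW.match(line)
        if m:
            base = int(m["base"], 16)
            for i, tok in enumerate(m["bytes"].split()):
                report["shadow"][base + i * KASAN_SHADOW_SCALE] = int(tok, 16)
    return report


def classify_access(report):
    """For every 8-byte granule touched by [addr, addr+size) return
    (granule_address, shadow_byte, is_bad, description)."""
    addr, end = report["addr"], report["addr"] + report["size"]
    granule = addr - addr % KASAN_SHADOW_SCALE
    result = []
    while granule < end:
        shadow = report["shadow"].get(granule)
        last_off = min(end, granule + KASAN_SHADOW_SCALE) - granule - 1
        if shadow is None:
            result.append((granule, None, None, "granule not in dump"))
        else:
            result.append((granule, shadow, granule_is_bad(shadow, last_off), describe_shadow(shadow)))
        granule += KASAN_SHADOW_SCALE
    return result


if __name__ == "__main__":
    rep = parse_report(REPORT)
    print(f"{rep['kind']} in {rep['func']}: {rep['rw']} of {rep['size']} at {rep['addr']:#x}")
    for granule, shadow, bad, desc in classify_access(rep):
        tag = "BAD " if bad else "ok  "
        print(f"  {tag}{granule:#x} shadow={shadow:#04x} {desc}")
```

Running it on the quoted report resolves the access to the single granule at ffff880385997cc8 whose shadow byte is 0xf1; the surrounding f1/f2/f4 bytes are the redzones the compiler poisoned inside the sleeping task's own frames, which is exactly what an unwinder reading another task's stack trips over, and why the series disables those checks for non-current tasks rather than treating the report as a real overflow.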