[Devel] [PATCH vz7 0/5] kasan: avoid false positive reports related to stack handling
Konstantin Khorenko
khorenko at virtuozzo.com
Wed Oct 31 12:44:37 MSK 2018
Applied in 3.10.0-862.14.4.vz7.72.16
--
Best regards,
Konstantin Khorenko,
Virtuozzo Linux Kernel Team
On 10/31/2018 12:43 PM, Konstantin Khorenko wrote:
> Running the LTP testsuite on a debug kernel we got a KASan complaint:
>
> ==================================================================
> BUG: KASan: out of bounds on stack in update_stack_state+0x219/0x260 at addr ffff880385997cc8
> Read of size 8 by task watchdog/12577
> page:ffffea000e1665c0 count:0 mapcount:0 mapping: (null) index:0x0
> page flags: 0x2fffff00000000()
> page dumped because: kasan: bad access detected
> CPU: 0 PID: 12577 Comm: watchdog ve: 0 Kdump: loaded Tainted: G W ------------ 3.10.0-862.14.4.vz7.72.14.debug #1 72.14
> Hardware name: DEPO Computers To Be Filled By O.E.M./H77 Pro4/MVP, BIOS P1.30 05/10/2012
> Call Trace:
> [<ffffffffa7fa0cd5>] dump_stack+0x19/0x1b
> [<ffffffffa6e74187>] kasan_report+0x4b7/0x4f0
> [<ffffffffa6944769>] ? update_stack_state+0x219/0x260
> [<ffffffffa6e74239>] __asan_report_load8_noabort+0x19/0x20
> [<ffffffffa6944769>] update_stack_state+0x219/0x260
> [<ffffffffa6944c2d>] __unwind_start+0x10d/0x380
> [<ffffffffa69e52a9>] ? ptrace_may_access+0x39/0x50
> [<ffffffffa68bbe2e>] __save_stack_trace+0x5e/0x100
> [<ffffffffa68bbf2c>] save_stack_trace_tsk+0x2c/0x40
> [<ffffffffa7070f75>] proc_pid_stack+0x145/0x220
> [<ffffffffa7070e30>] ? lock_trace+0xb0/0xb0
> [<ffffffffa70730fd>] proc_single_show+0xfd/0x170
> [<ffffffffa6f669d9>] seq_read+0x339/0x1290
> [<ffffffffa6f666a0>] ? single_open_size+0x130/0x130
> [<ffffffffa71312b6>] ? security_file_permission+0x136/0x190
> [<ffffffffa6ee7d3e>] ? rw_verify_area+0xbe/0x2c0
> [<ffffffffa6ee80c6>] vfs_read+0x186/0x440
> [<ffffffffa6eeb4dc>] SyS_read+0x17c/0x290
> [<ffffffffa6eeb360>] ? __kernel_write+0x450/0x450
> [<ffffffffa7fd4e8b>] ? sysret_check+0x26/0xfd
> [<ffffffffa6b6656d>] ? trace_hardirqs_on_caller+0x40d/0x5a0
> [<ffffffffa73142d0>] ? trace_hardirqs_on_thunk+0x1a/0x1c
> [<ffffffffa7fd4e5b>] system_call_fastpath+0x22/0x27
> Memory state around the buggy address:
>  ffff880385997b80: 00 00 00 00 00 00 00 00 00 00 f4 00 00 00 00 00
>  ffff880385997c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> >ffff880385997c80: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 f4 f4 f4 f2
>                                               ^
>  ffff880385997d00: f2 f2 f2 00 f4 f4 f4 00 00 00 00 00 00 00 00 00
>  ffff880385997d80: 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00
> ==================================================================
>
> The real fix for this false positive is the last patch,
> the others are just "worth applying".
>
> https://jira.sw.ru/browse/HCI-171
> https://pmc.acronis.com/browse/VSTOR-16798
>
> Brian Gerst (1):
> ms/sched/x86: Add 'struct inactive_task_frame' to better document the
> sleeping task stack frame
>
> Dmitry Vyukov (2):
> ms/kprobes: Avoid false KASAN reports during stack copy
> ms/kprobes: Unpoison stack in jprobe_return() for KASAN
>
> Josh Poimboeuf (1):
> ms/x86/unwind: Disable KASAN checks for non-current tasks
>
> Mark Rutland (1):
> ms/kasan: add functions to clear stack poison
>
>  arch/x86/include/asm/stacktrace.h |  7 +++++--
>  arch/x86/include/asm/switch_to.h  |  5 +++++
>  arch/x86/kernel/kgdb.c            |  3 ++-
>  arch/x86/kernel/kprobes/core.c    | 11 ++++++++---
>  arch/x86/kernel/process.c         |  3 ++-
>  arch/x86/kernel/unwind_frame.c    | 19 +++++++++++++++++--
>  include/linux/kasan.h             |  8 +++++++-
>  mm/kasan/kasan.c                  | 36 ++++++++++++++++++++++++++++++++++++
>  8 files changed, 82 insertions(+), 10 deletions(-)
>
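The shadow dump in the quoted report can be decoded by hand, but a small decoder makes the point of the series concrete. The C program below is an added example, not code from the vz7 kernel or from the patch series: it embeds the five "Memory state" rows from the report above as constructed input, maps an address to its shadow byte using KASAN's 8:1 granule, names the poison value with the constants from mm/kasan/kasan.h, and re-runs a simplified form of KASAN's access check. For the reported 8-byte read at ffff880385997cc8 the covering shadow byte is 0xf1, a stack left redzone: the unwinder's read of a sleeping task's stack lands in memory KASAN has marked as a stack redzone, which is the kind of report the last patch suppresses by disabling KASAN checks in the unwinder for non-current tasks. The function names and the handling of addresses outside the dump (treated as a reported access, which the kernel does not do) are this example's own choices.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not code from the vz7 patch series or the quoted mail.
 * It decodes the "Memory state around the buggy address" dump that KASAN
 * prints: every shadow byte describes 8 bytes of kernel memory, so each
 * 16-byte row covers 128 bytes. Poison values follow mm/kasan/kasan.h. */

#define KASAN_SHADOW_SCALE_SHIFT 3
#define KASAN_SHADOW_MASK        ((uint64_t)(1UL << KASAN_SHADOW_SCALE_SHIFT) - 1)
#define ROW_BYTES                16

struct shadow_row {
	uint64_t base;              /* first memory address the row covers */
	uint8_t  shadow[ROW_BYTES]; /* one shadow byte per 8-byte granule */
};

/* Constructed input: the five rows from the report above, with the ">"
 * row marker and the caret dropped. */
static const struct shadow_row report_rows[] = {
	{ 0xffff880385997b80ULL, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xf4,0x00,0x00,0x00,0x00,0x00} },
	{ 0xffff880385997c00ULL, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00} },
	{ 0xffff880385997c80ULL, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xf1,0xf1,0xf1,0xf1,0x00,0xf4,0xf4,0xf4,0xf2} },
	{ 0xffff880385997d00ULL, {0xf2,0xf2,0xf2,0x00,0xf4,0xf4,0xf4,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00} },
	{ 0xffff880385997d80ULL, {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xf1,0xf1,0xf1,0xf1,0x00} },
};

/* Human-readable meaning of a shadow byte (names as in mm/kasan/kasan.h). */
const char *kasan_poison_name(uint8_t shadow)
{
	switch (shadow) {
	case 0x00: return "addressable";
	case 0xff: return "free page";
	case 0xfe: return "page redzone";
	case 0xfc: return "kmalloc redzone";
	case 0xfb: return "kmalloc freed";
	case 0xfa: return "global redzone";
	case 0xf1: return "stack left redzone";
	case 0xf2: return "stack mid redzone";
	case 0xf3: return "stack right redzone";
	case 0xf4: return "stack partial redzone";
	default:
		return shadow < 8 ? "partially addressable" : "unknown poison";
	}
}

/* Shadow byte covering addr, or -1 when the dump does not include it. */
int kasan_shadow_byte(uint64_t addr)
{
	size_t i;
	for (i = 0; i < sizeof(report_rows) / sizeof(report_rows[0]); i++) {
		uint64_t base = report_rows[i].base;
		uint64_t span = (uint64_t)ROW_BYTES << KASAN_SHADOW_SCALE_SHIFT; /* 128 bytes */
		if (addr >= base && addr < base + span)
			return report_rows[i].shadow[(addr - base) >> KASAN_SHADOW_SCALE_SHIFT];
	}
	return -1;
}

/* Simplified form of KASAN's check: walk every 8-byte granule touched by
 * [addr, addr + size). Shadow 0 means fully addressable, 1..7 means only
 * the first N bytes of the granule are, anything >= 0x80 (negative as s8)
 * is poison. Addresses missing from the dump are treated as poisoned here
 * (an assumption of this example, not kernel behaviour).
 * Returns 1 if the access is clean, 0 if KASAN would report it. */
int kasan_access_ok(uint64_t addr, size_t size)
{
	uint64_t last = addr + size - 1;
	uint64_t granule;
	for (granule = addr & ~KASAN_SHADOW_MASK; granule <= last; granule += KASAN_SHADOW_MASK + 1) {
		int shadow = kasan_shadow_byte(granule);
		if (shadow < 0 || shadow >= 0x80)
			return 0;
		if (shadow == 0)
			continue;
		/* partial granule: last accessed byte must lie below the shadow value */
		uint64_t end = last < granule + KASAN_SHADOW_MASK ? last : granule + KASAN_SHADOW_MASK;
		if ((end & KASAN_SHADOW_MASK) >= (uint64_t)shadow)
			return 0;
	}
	return 1;
}

int main(void)
{
	uint64_t addr = 0xffff880385997cc8ULL; /* faulting address from the report */
	int shadow = kasan_shadow_byte(addr);

	printf("addr %#llx -> shadow %#04x (%s), 8-byte read %s\n",
	       (unsigned long long)addr, shadow, kasan_poison_name((uint8_t)shadow),
	       kasan_access_ok(addr, 8) ? "ok" : "would be reported");
	return 0;
}
```

Build with `cc -std=c99 -Wall kasan_shadow.c` and run it; on a real report, replace the embedded rows with the ones from dmesg. The decoder is deliberately conservative about addresses it has no shadow for, so only conclusions about granules that appear in the dump are meaningful.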