[Devel] [PATCH vz8] ve, coredump: Fix usercopy warning.
Andrey Ryabinin
aryabinin at virtuozzo.com
Fri Jul 24 18:37:12 MSK 2020
Usercopy WARNs about copying ve.core_pattern to user space:
vzctl exec e2783e5e-840e-4c9a-9ef2-7ead73afb81c cat /proc/sys/kernel/core_pattern
------------[ cut here ]------------
Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB object 've_struct' (offset 704, size 4)!
WARNING: CPU: 2 PID: 2169 at mm/usercopy.c:78 usercopy_warn+0x7d/0xa0
CPU: 2 PID: 2169 Comm: cat ve: e2783e5e-840e-4c9a-9ef2-7ead73afb81c Not tainted 4.18.0.ovz.custom #93 custom
Call Trace:
__check_object_size+0x134/0x160
proc_dostring+0x164/0x200
proc_dostring_coredump_virtual+0xb2/0xd0
proc_dostring+0x200/0x200
proc_sys_call_handler+0xa7/0xf0
vfs_read+0x9d/0x150
ksys_read+0x4f/0xb0
do_syscall_64+0x5b/0x1c0
entry_SYSCALL_64_after_hwframe+0x65/0xca
Whitelist core_pattern in ve_struct kmem_cache since copying core_pattern
is allowed by design.
https://jira.sw.ru/browse/PSBM-106216
Signed-off-by: Andrey Ryabinin <aryabinin at virtuozzo.com>
---
kernel/ve/ve.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index befc5163cfe6..1688407562d4 100644
--- a/kernel/ve/ve.c
+++ b/kernel/ve/ve.c
@@ -1016,7 +1016,7 @@ EXPORT_SYMBOL_GPL(ve_cgrp_subsys);
static int __init ve_subsys_init(void)
{
- ve_cachep = KMEM_CACHE(ve_struct, SLAB_PANIC);
+ ve_cachep = KMEM_CACHE_USERCOPY(ve_struct, SLAB_PANIC, core_pattern);
list_add(&ve0.ve_list, &ve_list_head);
return 0;
}
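Review bot: In ve_subsys_init(), the region whitelisted by KMEM_CACHE_USERCOPY is the single field core_pattern, sized by offsetof/sizeof on ve_struct, and the field's definition is not visible in this hunk. Please confirm that core_pattern is an embedded char array rather than a pointer, and that the maxlen used by proc_dostring_coredump_virtual cannot exceed that array, because hardened usercopy will now accept any copy inside the field in both directions. A short comment above the call saying why core_pattern is whitelisted (it is read and written through /proc/sys/kernel/core_pattern) would help whoever next exposes another ve_struct field to user space and hits the same warning.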
--
2.26.2