Re: [PATCH] fork, vmalloc: KASAN-poison backing pages of vmapped stacks

From: Andrey Konovalov
Date: Mon Jan 23 2023 - 11:46:23 EST


On Tue, Jan 17, 2023 at 5:35 PM Jann Horn <jannh@xxxxxxxxxx> wrote:
>
> KASAN (except in HW_TAGS mode) tracks memory state based on virtual
> addresses. The mappings of kernel stack pages in the linear mapping are
> currently marked as fully accessible.
> Since stack corruption issues can cause some very gnarly errors, let's be
> extra careful and tell KASAN to forbid accesses to stack memory through the
> linear mapping.
>
> Signed-off-by: Jann Horn <jannh@xxxxxxxxxx>
> ---
> I wrote this after seeing
> https://lore.kernel.org/all/Y8W5rjKdZ9erIF14@xxxxxxxxxxxxxxxxxxxx/
> and wondering about possible ways that this kind of stack corruption
> could be sneaking past KASAN.
> That's proooobably not the explanation, but still...

Hi Jann,

If you decide to keep KASAN poisoning after addressing Dmitry's
comments, please add a KASAN KUnit test for this.

Thank you!
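
The following user-space model is an added illustration, not part of the patch, the thread, or the kernel sources. It shows the point made in the quoted commit message: shadow state is kept per virtual address, so a page reachable through two aliases is only protected on the alias whose shadow was poisoned. All names, addresses and sizes are constructed, and partial-granule shadow values are left out.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed user-space model; none of these names are kernel APIs. */
#define GRANULE     8u        /* generic KASAN: one shadow byte per 8 bytes */
#define PAGE_SZ     4096u
#define LINEAR_BASE 0x10000u  /* constructed alias 1: linear mapping */
#define VMAP_BASE   0x20000u  /* constructed alias 2: vmapped stack */
#define VSPACE      0x30000u
static uint8_t phys_page[PAGE_SZ];        /* the single backing page */
static uint8_t shadow[VSPACE / GRANULE];  /* indexed by virtual address */

/* Mark [vaddr, vaddr+len) inaccessible in the shadow of that alias only. */
static void model_poison(uint32_t vaddr, uint32_t len)
{
    memset(&shadow[vaddr / GRANULE], 0xff, len / GRANULE);
}

/* Both aliases resolve to the same physical byte. */
static uint8_t *model_translate(uint32_t vaddr)
{
    uint32_t base = vaddr >= VMAP_BASE ? VMAP_BASE : LINEAR_BASE;
    return &phys_page[vaddr - base];
}

/* Instrumented store: 0 on success, -1 if the shadow forbids the access. */
static int model_store(uint32_t vaddr, uint8_t val)
{
    if (shadow[vaddr / GRANULE] != 0)
        return -1;            /* where a real sanitizer would report */
    *model_translate(vaddr) = val;
    return 0;
}

/* Stray write to the stack page through the linear alias.
 * Returns 1 if it was caught while the vmap alias stayed usable. */
static int stray_linear_write_caught(int poison_linear_alias)
{
    memset(phys_page, 0, sizeof(phys_page));
    memset(shadow, 0, sizeof(shadow));    /* 0 = fully accessible */
    if (poison_linear_alias)
        model_poison(LINEAR_BASE, PAGE_SZ);
    int rc = model_store(LINEAR_BASE + 64, 0x41);
    int stack_ok = model_store(VMAP_BASE + 128, 0x42) == 0;
    return rc == -1 && stack_ok;
}

int main(void) {
    printf("unpoisoned: %d\n", stray_linear_write_caught(0));
    printf("poisoned:   %d\n", stray_linear_write_caught(1));
    return 0;
}
```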