On Mon, Aug 24, 2015 at 02:58:07PM +0300, Vladimir Davydov wrote:
>
> As you wish.
Thank you!
> ---
> From: Vladimir Davydov
> Subject: [PATCH rh7] cgroup: do not virtualize output of cgroup_path
>
> When cgroup_path() is called from inside a container, its output is
> "virtualized", i.e. cgro
On Mon, Aug 24, 2015 at 02:46:31PM +0300, Cyrill Gorcunov wrote:
...
> > diff --git a/kernel/cgroup.c b/kernel/cgroup.c
> > index aa3546d93f88..0ff3b5254b5f 100644
> > --- a/kernel/cgroup.c
> > +++ b/kernel/cgroup.c
> > @@ -1804,11 +1804,13 @@ static struct kobject *cgroup_kobj;
> > * inode's i_m
On Mon, Aug 24, 2015 at 01:04:35PM +0300, Vladimir Davydov wrote:
> When cgroup_path() is called from inside a container, its output is
> "virtualized", i.e. cgroup /CTID/A/B is reported as /A/B. This was done
> for userspace tools to not get confused by the output of some proc files
> (namely, /pr
Previously in commit 8674c044330fad1458bd59b02f9037fb97e8b7af stubs for
virtual terminals have been added, they support writes from kernel side
which simply drops into the void.
In the patch the code has been moved from kernel/ve/console.c
to drivers/tty/pty.c to reuse a couple of pty helpers.
No
From: Andrey Ryabinin
commit 8515522949951d81fe2d06c0a3292f171f2b8ec4 upstream.
Print informational message to tell user that kernel
runs with KASAN enabled.
Add a "kasan: " prefix to all messages in kasan_init_64.c.
Signed-off-by: Andrey Ryabinin
Cc: Alexander Popov
Cc: Alexander Potapenko
On Fri, Aug 21, 2015 at 06:22:18PM +0300, Cyrill Gorcunov wrote:
> >> +static envid_t vtty_get_context(void)
> >> +{
> >> + BUILD_BUG_ON(sizeof(current_veid) < sizeof(envid_t));
> >> + lockdep_assert_held(&tty_mutex);
> >> +
> >> + if (likely(current_veid == VTTY_USE_EXEC_VEID))
> >
> > Nit: l
From: Andrey Ryabinin
commit d4f86beacc21d538dc41e1fc75a22e084f547edf upstream.
While populating zero shadow wrong bits in upper level page
tables used. __PAGE_KERNEL_RO that was used for pgd/pud/pmd has
_PAGE_BIT_GLOBAL set. Global bit is present only in the lowest
level of the page translation
From: Andrey Ryabinin
commit 241d2c54c62fa0939fc9a9512b48ac3434e90a89 upstream.
load_cr3() doesn't cause tlb_flush if PGE enabled.
This may cause tons of false positive reports spamming the
kernel to death.
To fix this __flush_tlb_all() should be called explicitly
after CR3 changed.
Signed-of
From: Alexander Popov
commit 5d5aa3cfca5cf74cd928daf3674642e6004328d1 upstream.
Currently KASAN shadow region page tables created without
respect of physical offset (phys_base). This causes kernel halt
when phys_base is not zero.
So let's initialize KASAN shadow region page tables in
kasan_earl
From: Andrey Ryabinin
commit d0f77d4d04b222a817925d33ba3589b190bfa863 upstream.
Currently x86_64_start_kernel() has two KASAN related
function calls. The first call maps shadow to early_level4_pgt,
the second maps shadow to init_level4_pgt.
If we move clear_page(init_level4_pgt) earlier, we cou
From: Andrey Ryabinin
commit 6e54abac1b8e0b7febffdbad37b605daef1cfcff upstream.
It might be annoying to constantly see this:
scripts/Makefile.kasan:16: Cannot use CONFIG_KASAN:
-fsanitize=kernel-address is not supported by compiler
while performing allmodconfig/allyesconfig build test
From: Andrey Ryabinin
commit 923936157b158f36bd6a3d86496dce82b1a957de upstream.
Mempools keep allocated objects in reserved for situations when ordinary
allocation may not be possible to satisfy. These objects shouldn't be
accessed before they leave the pool.
This patch poison elements when ge
From: David Rientjes
commit bdfedb76f4f5aa5e37380e3b71adee4a39f30fc6 upstream.
Mempools keep elements in a reserved pool for contexts in which allocation
may not be possible. When an element is allocated from the reserved pool,
its memory contents is the same as when it was added to the reserve
From: Andrey Ryabinin
commit d3733e5c98e952d419e77fa721912f09d15a2806 upstream.
include/linux/moduleloader.h is more suitable place for this macro.
Also change alignment to PAGE_SIZE for CONFIG_KASAN=n as such
alignment already assumed in several places.
Signed-off-by: Andrey Ryabinin
Cc: Dmit
From: Andrey Ryabinin
commit a5af5aa8b67dfdba36c853b70564fd2dfe73d478 upstream.
Current approach in handling shadow memory for modules is broken.
Shadow memory could be freed only after memory shadow corresponds it is no
longer used. vfree() called from interrupt context could use memory its
f
From: Andrey Ryabinin
commit bebf56a1b176c2e1c9efe44e7e6915532cc682cf upstream.
This feature lets us detect accesses out of bounds of global variables.
This will work as for globals in kernel image, so for globals in modules.
Currently this won't work for symbols in user-specified sections (e.
From: Andrey Ryabinin
commit 6301939d97d079f0d3dbe71e750f4daf5d39fc33 upstream.
MODULE_DEVICE_TABLE() macro used to create aliases to device tables.
Normally alias should have the same type as aliased symbol.
Device tables are arrays, so they have 'struct type##_device_id[x]'
types. Alias creat
From: Andrey Ryabinin
commit 9ddf82521c86ae07af79dbe5a93c52890f2bab23 upstream.
KASan uses constructors for initializing redzones for global variables.
Globals instrumentation in GCC 4.9.2 produces constructors with priority
(.init_array.00099)
Currently kernel ignores such constructors. Only
From: Andrey Ryabinin
commit cb9e3c292d0115499c660028ad35ac5501d722b5 upstream.
For instrumenting global variables KASan will shadow memory backing memory
for modules. So on module loading we will need to allocate memory for
shadow and map it at address in shadow that corresponds to the address
From: Andrey Ryabinin
commit 71394fe50146202f2c8d92cf50f5ebc761acf254 upstream.
For instrumenting global variables KASan will shadow memory backing memory
for modules. So on module loading we will need to allocate memory for
shadow and map it at address in shadow that corresponds to the address
From: Andrey Ryabinin
commit c420f167db8c799d69fe43a801c58a7f02e9d57c upstream.
Stack instrumentation allows to detect out of bounds memory accesses for
variables allocated on stack. Compiler adds redzones around every
variable on stack and poisons redzones in function's prologue.
Such approac
From: Andrey Ryabinin
commit 393f203f5fd54421fddb1e2a263f64d3876eeadb upstream.
Recently instrumentation of builtin functions calls was removed from GCC
5.0. To check the memory accessed by such functions, userspace asan
always uses interceptors for them.
So now we should do this as well. Thi
From: Andrey Ryabinin
commit 3f15801cdc2379ca4bf507f48bffd788f9e508ae upstream.
This is a test module doing various nasty things like out of bounds
accesses, use after free. It is useful for testing kernel debugging
features like kernel address sanitizer.
It mostly concentrates on testing of s
From: Andrey Ryabinin
commit e79ed2f13faab8fc9d4ad76d5f5a241724e45836 upstream.
kmalloc internally round up allocation size, and kmemleak uses rounded up
size as object's size. This makes kasan to complain while kmemleak scans
memory or calculates of object's checksum. The simplest solution he
From: Andrey Ryabinin
commit df4c0e36f1b1782b0611a77c52cc240e5c4752dd upstream.
We need to manually unpoison rounded up allocation size for dname to avoid
kasan's reports in dentry_string_cmp(). When CONFIG_DCACHE_WORD_ACCESS=y
dentry_string_cmp may access few bytes beyond requested in kmalloc
From: Andrey Ryabinin
commit 0316bec22ec95ea2faca6406437b0b5950553b7c upstream.
With this patch kasan will be able to catch bugs in memory allocated by
slub. Initially all objects in newly allocated slab page, marked as
redzone. Later, when allocation of slub object happens, requested by
calle
From: Andrey Ryabinin
commit a79316c6178ca419e35feef47d47f50b4e0ee9f2 upstream.
It's ok for slub to access memory that marked by kasan as inaccessible
(object's metadata). Kasan shouldn't print report in that case because
these accesses are valid. Disabling instrumentation of slub.c code is no
From: Andrey Ryabinin
commit 75c66def8d815201aa0386ecc7c66a5c8dbca1ee upstream.
Remove static and add function declarations to linux/slub_def.h so it
could be used by kernel address sanitizer.
Signed-off-by: Andrey Ryabinin
Cc: Dmitry Vyukov
Cc: Konstantin Serebryany
Cc: Dmitry Chernenkov
S
From: Andrey Ryabinin
commit 912f5fbf1d3060f25d6994aed0265c55b974b2e9 upstream.
virt_to_obj takes kmem_cache address, address of slab page, address x
pointing somewhere inside slab object, and returns address of the
beginning of object.
Signed-off-by: Andrey Ryabinin
Acked-by: Christoph Lamete
From: Andrey Ryabinin
commit b8c73fc2493d42517be95cf2c89659fc6c6f4d02 upstream.
Add kernel address sanitizer hooks to mark allocated page's addresses as
accessible in corresponding shadow region. Mark freed pages as
inaccessible.
Signed-off-by: Andrey Ryabinin
Cc: Dmitry Vyukov
Cc: Konstanti
From: Andrey Ryabinin
commit ef7f0d6a6ca8c9e4b27d78895af86c2fbfaeedb2 upstream.
This patch adds arch specific code for kernel address sanitizer.
16TB of virtual addressed used for shadow memory. It's located in range
[ec00 - fc00] between vmemmap and %esp fixup
stacks.
From: Andrey Ryabinin
commit 786a8959912eb94fc2381c2ae487a96ce55dabca upstream.
Currently memory hotplug won't work with KASan. As we don't have shadow
for hotplugged memory, kernel will crash on the first access to it. To
make this work we will need to allocate shadow for new memory.
At some
From: Andrey Ryabinin
commit 0b24becc810dc3be6e3f94103a866f214c282394 upstream.
Kernel Address sanitizer (KASan) is a dynamic memory error detector. It
provides fast and comprehensive solution for finding use-after-free and
out-of-bounds bugs.
KASAN uses compile-time instrumentation for checki
From: Andrey Ryabinin
commit cb4188ac8e5779f66b9f55888ac2c75b391cde44 upstream.
To be consistent with other compiler attributes introduce __alias(symbol)
macro expanding into __attribute__((alias(#symbol)))
Signed-off-by: Andrey Ryabinin
Cc: Dmitry Vyukov
Cc: Konstantin Serebryany
Cc: Dmitry
From: Andrew Morton
commit 0f989f749b51ec1fd94bb5a42f8ad10c8b9f73cb upstream.
The patch "module: fix types of device tables aliases" newly requires that
invocations of
MODULE_DEVICE_TABLE(type, name);
come *after* the definition of `name'. That is reasonable, but some
drivers weren't doing th
From: Andrey Ryabinin
commit 02e72cc61713185013d958baba508288ba2a0157 upstream.
There are two versions of alloc/free hooks now - one for
CONFIG_SLUB_DEBUG=y and another one for CONFIG_SLUB_DEBUG=n.
I see no reason why calls to other debugging subsystems (LOCKDEP,
DEBUG_ATOMIC_SLEEP, KMEMCHECK a
From: Andrey Ryabinin
commit 928cec9cd6db53a68f54bc9ef1c54c674ba1c6bb upstream.
Functions krealloc(), __krealloc(), kzfree() belong to slab API, so
should be placed in slab_common.c
Also move slab allocator's tracepoints definitions to slab_common.c No
functional changes here.
Signed-off-by:
From: Ralf Baechle
commit 761845f0f68cf6eba9cad0a58d977b89f8d4486f upstream.
Original patch by Jianguo Wu .
Signed-off-by: Ralf Baechle
Signed-off-by: Andrey Ryabinin
---
arch/mips/kernel/module.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/mips/kernel/module.c
From: Jianguo Wu
commit 40c3baa7c66f1352521378ee83509fb8f4c465de upstream.
Use more appropriate NUMA_NO_NODE instead of -1 in all archs' module_alloc()
Signed-off-by: Jianguo Wu
Acked-by: David Rientjes
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
Signed-off-by: Andrey Ryabini
From: Wanpeng Li
commit 762216ab4e175f49d17bc7ad778c57b9028184e6 upstream.
Use wrapper function get_vm_area_size to calculate size of vm area.
Signed-off-by: Wanpeng Li
Cc: Dave Hansen
Cc: Rik van Riel
Cc: Fengguang Wu
Cc: Joonsoo Kim
Cc: Johannes Weiner
Cc: Tejun Heo
Cc: Yasuaki Ishimat
From: Andrey Ryabinin
commit 93b7aca35dd7bf0c3ba7ea0542b556bcfdb28e76 upstream.
I'm working on address sanitizer project for kernel. Recently we
started experiments with stack instrumentation, to detect out-of-bounds
read/write bugs on stack.
Just after booting I've hit out-of-bounds read on s
From: Vincent Guittot
commit c515db8cd311ef77b2dc7cbd6b695022655bb0f3 upstream.
Jet Chen has reported a kernel panic when booting qemu-system-x86_64 with
kvm64 cpu. A panic occurred while building the sched_domain.
In sched_init_numa, we create a new topology table in which both default
levels
From: Joe Perches
commit cb984d101b30eb7478d32df56a0023e4603cba7f upstream.
As gcc major version numbers are going to advance rather rapidly in the
future, there's no real value in separate files for each compiler
version.
Deduplicate some of the macros #defined in each file too.
Neaten commen
From: "Kirill A. Shutemov"
commit 51b97e354ba9fce1890cf38ecc754aa49677fc89 upstream.
Sasha Levin reports:
"gcc5 changes the default standard to c11, which makes kernel build
unhappy
Explicitly define the kernel standard to be gnu89 which should keep
everything working exactly like it was
patches:
1-2 - fixes compilation with gcc >= 5
3-4 - small bugfixes.
5-11 - misc patches, cleanups mostly, needed
to avoid a lot of conflicts for the rest series.
6 - 39 - KASAN related patches
0001-kernel-use-the-gnu89-standard-explicitly.patch
0002-compiler-gcc-integrate-the-various-co
When cgroup_path() is called from inside a container, its output is
"virtualized", i.e. cgroup /CTID/A/B is reported as /A/B. This was done
for userspace tools to not get confused by the output of some proc files
(namely, /proc/PID/{cgroup,cpuset}). However, it is wrong to virtualize
cgroup_path()
On 22.08.2015 17:51, Vladimir Davydov wrote:
> These modules are required for adding the LOG iptables target.
>
> In PCS6 the LOG target is provided by ipt_LOG (in case of ipv4) or
> ip6t_LOG (in case of ipv6) module. In Vz7 it is split between xt_LOG
> (generic) and nf_log_ipv[46] (ipv[46] spec