.
https://jira.sw.ru/browse/PSBM-33841
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
mm/page-writeback.c | 122 +++-
1 file changed, 121 insertions(+), 1 deletion(-)
diff --git a/mm/page-writeback.c b/mm/page-writeback.c
index 4
This patch adds balance_dirty_pages_ub() which is mostly copy-paste
of balance_dirty_pages() from PCS6. balance_dirty_pages_ub() is invoked
only for containers. The original balance_dirty_pages() is still used for
global writeback.
https://jira.sw.ru/browse/PSBM-33841
Signed-off-by: Andrey Ryabinin
Small preparational changes for the next patch:
* export writeback_inodes_wb() and add new argument 'struct user_beancounter
*ub'
* add beancounter pointer to struct wb_writeback_work.
* Pass beancounter to __bdi_start_writeback().
https://jira.sw.ru/browse/PSBM-33841
Signed-off-by: Andrey
don't TAINT the kernel with 'tech preview' when using user namespaces.
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
kernel/user_namespace.c | 4
1 file changed, 4 deletions(-)
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
index 060a6f7..fe53b77
It seems that commit d23da150a37c ("fs/superblock: avoid locking
counting inodes and dentries before reclaiming them")
wasn't applied correctly during rebase to RHEL 7.2.
Fix this up.
https://bugs.openvz.org/browse/OVZ-6646
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo
On 12/25/2015 03:42 PM, Dmitry Safonov wrote:
>
> Signed-off-by: Dmitry Safonov
@virtuozzo.com
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
-link:
http://lkml.kernel.org/g/<1450691685-29413-1-git-send-email-aryabi...@virtuozzo.com>
Fixes: 2a8cc6c89039 ("[IPV6] ADDRCONF: Support RFC3484 configurable address
selection policy table.")
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
net/ipv6/addr
On 12/10/2015 07:06 PM, Andrew Vagin wrote:
> #define JOBCTL_TRAPPING_BIT 21 /* switching to TRACED */
> #define JOBCTL_TRAPPING (1 << JOBCTL_TRAPPING_BIT)
>
> https://jira.sw.ru/browse/PSBM-42052
Fucked-up-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
On 12/09/2015 12:55 PM, Vladimir Davydov wrote:
>> +/*
>> + * Restart iteration over the radix tree, because the
>> + * current node could have been freed when we dropped
>> + * the lock.
>> + */
eed to resched the task.
https://jira.sw.ru/browse/PSBM-42104
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
mm/tcache.c | 23 +++
1 file changed, 15 insertions(+), 8 deletions(-)
diff --git a/mm/tcache.c b/mm/tcache.c
index b8757cf..a09ae49 100644
eed to resched the task.
https://jira.sw.ru/browse/PSBM-42104
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
mm/tcache.c | 28 ++--
1 file changed, 18 insertions(+), 10 deletions(-)
diff --git a/mm/tcache.c b/mm/tcache.c
index b8757cf..9bf7564 100644
tcache_invalidate_node_pages() temporarily drops/takes back node->tree_lock.
Once lock was dropped, another thread might remove and free the next slot.
Don't drop the locks.
https://jira.sw.ru/browse/PSBM-42104
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
mm/tcac
pre-mount namespace days,
we don't need it today.
https://jira.sw.ru/browse/PSBM-41919
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
fs/dcache.c| 53 --
fs/proc/base.c | 31 +
f
<da...@davemloft.net>
> Signed-off-by: Stanislav Kinsburskiy <skinsbur...@odin.com>
> ---
> net/ipv4/ipmr.c |7 +--
> net/ipv6/ip6mr.c |7 +--
> 2 files changed, 10 insertions(+), 4 deletions(-)
>
What about dn_fib_lookup()? Do we need a similar patch
Global root is allowed to exceed memlock limit, so this should be
allowed for container's root too.
capable() works only for global root, so use ve_capable() instead.
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
mm/mlock.c | 8
mm/mmap.c | 6 +++---
mm/mremap
On 11/23/2015 12:51 PM, Andrey Ryabinin wrote:
> Global root is allowed to exceed memlock limit, so this should be
> allowed for container's root too.
> capable() works only for global root, so use ve_capable() instead.
>
https://jira.sw.ru/browse/PSBM-41405
> Signed-off-by:
On 11/23/2015 03:47 PM, Stanislav Kinsburskiy wrote:
> This patch fixed flase positive, reported by KASan.
>
s/flase/false
s/KASan/kmemleak
> https://jira.sw.ru/browse/PSBM-41453
>
> Signed-off-by: Stanislav Kinsburskiy
> ---
> net/core/fib_rules.c |4
> 1
On 11/23/2015 06:46 PM, Stanislav Kinsburskiy wrote:
> +1
> I'm curious, why network namespace is not reported as leaked...
>
>>
>>> 3) This object holds network namespace. And it also have to be leaked
>>> leaked after CT stop. Is it?
Why do you think it leaked?
How the rule could hold the
On 11/23/2015 06:09 PM, Stanislav Kinsburskiy wrote:
>
>
> 23.11.2015 14:49, Andrey Ryabinin wrote:
>> On 11/23/2015 03:47 PM, Stanislav Kinsburskiy wrote:
>>> This patch fixed flase positive, reported by KASan.
>>>
>> s/flase/false
>> s/KASan/k
On 11/23/2015 07:04 PM, Stanislav Kinsburskiy wrote:
>
>
> 23.11.2015 16:53, Andrey Ryabinin wrote:
>>
>> On 11/23/2015 06:46 PM, Stanislav Kinsburskiy wrote:
>>
>>> +1
>>> I'm curious, why network namespace is not reported as leaked...
>
ns Axboe <ax...@fb.com>
https://jira.sw.ru/browse/PSBM-41334
(cherry picked from commit 95e5d6f62693f27d9011ec307eb32c6126314ea3)
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
block/cfq-iosched.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/block
.com>
Cc: Vivek Goyal <vgo...@redhat.com>
Cc: Arianna Avanzini <avanzini.aria...@gmail.com>
Signed-off-by: Jens Axboe <ax...@fb.com>
https://jira.sw.ru/browse/PSBM-41334
(cherry picked from commit bce6133b09013f70d41a678d262a12147ed43889)
Signed-off-by: Andrey Ryabinin <
jira.sw.ru/browse/PSBM-41334
(cherry picked from commit 4ebc1c61d6185604c97fd0b0355ab668052044ab)
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
block/cfq-iosched.c | 13 +++--
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/block/cfq-iosched.c b/block/cfq-i
is the only place which sets that bit iff
task_is_stopped(), thus TRAPPING_BIT is clear indication that ptrace_attach
waits for clearing that bit => we shouldn't freeze.
https://jira.sw.ru/browse/PSBM-40683
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
kernel/freezer.c | 3
his memory
doesn't contain any pointers.
https://jira.sw.ru/browse/PSBM-41328
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
Changes since v1:
- Use kmemleak_ignore() instead of kmemleak_not_leak(), since shadow memory
doesn't contain
any pointers
mm/kasan/kasan.c | 2 ++
<a...@linux-foundation.org>
Signed-off-by: Linus Torvalds <torva...@linux-foundation.org>
(cherry picked from commit 66f2ca7e3f59312888131546176b42d6e248558a)
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
include/linux/kmemleak.h | 2 ++
1 file changed, 2 insertions(
On 11/18/2015 04:09 PM, Cyrill Gorcunov wrote:
> On Wed, Nov 18, 2015 at 03:49:57PM +0300, Konstantin Khorenko wrote:
>> And do we need the following patch after sig_ve_ignored() is removed?
>>
>>
>> commit 5bd842976fb9d014452287bdadc9d592aabe688b
>> Author: Cyrill Gorcunov
On 11/18/2015 04:18 PM, Cyrill Gorcunov wrote:
> On Wed, Nov 18, 2015 at 04:16:32PM +0300, Andrey Ryabinin wrote:
>> On 11/18/2015 04:09 PM, Cyrill Gorcunov wrote:
>>> On Wed, Nov 18, 2015 at 03:49:57PM +0300, Konstantin Khorenko wrote:
>>>> And do we need the follow
<a...@linux-foundation.org>
Signed-off-by: Linus Torvalds <torva...@linux-foundation.org>
(cherry picked from commit 66f2ca7e3f59312888131546176b42d6e248558a)
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
include/linux/kmemleak.h | 2 ++
1 file changed, 2 insertions(
PSBM-41328
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
mm/kasan/kasan.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/mm/kasan/kasan.c b/mm/kasan/kasan.c
index d6798bc..8853b7e 100644
--- a/mm/kasan/kasan.c
+++ b/mm/kasan/kasan.c
@@ -19,6 +19,7 @@
#include
#in
-checks-from-READ-WRITE-_ONCE.patch
0005-x86-process-Add-proper-bound-checks-in-64bit-get_wch.patch
0006-x86-process-Unify-32bit-and-64bit-implementations-of.patch
0007-compiler-atomics-kasan-Provide-READ_ONCE_NOCHECK.patch
0008-x86-mm-kasan-Silence-KASAN-warnings-in-get_wchan.patch
Andrey
. ]
Signed-off-by: Ingo Molnar <mi...@kernel.org>
(cherry picked from commit 3ee4298f440c81638cbb5ec06f2497fb7a9a9eb4)
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
arch/x86/include/asm/processor.h | 3 ++-
arch/x86/include/asm/thread_info.h | 27
not be applied to that function. We
declare it as static '__maybe_unused' because GCC is not capable
to inline such function:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67368
With KASAN=n READ_ONCE_NOCHECK() is just a clone of READ_ONCE().
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
get_wchan() is racy by design, it may access volatile stack
of running task, thus it may access redzone in a stack frame
and cause KASAN to warn about this.
Use READ_ONCE_NOCHECK() to silence these warnings.
Reported-by: Sasha Levin <sasha.le...@oracle.com>
Signed-off-by: Andrey Ryabinin
herry picked from commit dd36929720f40f17685e841ae0d4c581c165ea60)
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
include/linux/compiler.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/linux/compiler.h b/include/linux/compiler.h
index 0737107..39fe1dc 100644
--- a/include/linux/
l...@linux.vnet.ibm.com>
Cc: Stephen Rothwell <s...@canb.auug.org.au>
Cc: Thomas Gleixner <t...@linutronix.de>
Signed-off-by: Ingo Molnar <mi...@kernel.org>
(cherry picked from commit 7bd3e239d6c6d1cad276e8f130b386df4234dcd7)
Signed-off-by: Andrey Ryabinin <aryabi...@virtu
ix.de
Signed-off-by: Thomas Gleixner <t...@linutronix.de>
(cherry picked from commit 7ba78053aacb89998a052843e3c56983c31d57f0)
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
arch/x86/kernel/process.c| 55 +++
arch/x86/kernel/process_32.c | 28 --
i-muenchen.de>
Signed-off-by: Thomas Gleixner <t...@linutronix.de>
Reviewed-by: Borislav Petkov <b...@alien8.de>
Reviewed-by: Dmitry Vyukov <dvyu...@google.com>
Cc: Andrey Ryabinin <ryabinin@gmail.com>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Andrey Kono
<borntrae...@de.ibm.com>
(cherry picked from commit 230fa253df6352af12ad0a16128760b5cb3f92df)
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
include/linux/compiler.h | 74
1 file changed, 74 insertions(+)
diff --git a/include/linux/co
On 11/12/2015 08:07 PM, Stanislav Kinsburskiy wrote:
>
> On 12 Nov 2015 at 17:51, user Andrey Wagin wrote:
>>
>>
>>
>> [root@fc22-vm ~]# unshare --fork -p
>> [root@fc22-vm ~]# kill -9 1
>> [root@fc22-vm ~]# kill -9 1
>> [root@fc22-vm ~]# kill -9 1
>> [root@fc22-vm
.
https://jira.sw.ru/browse/PSBM-40896
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
include/linux/ve_proto.h | 3 ---
kernel/signal.c | 27 ++-
2 files changed, 2 insertions(+), 28 deletions(-)
diff --git a/include/linux/ve_proto.h b/i
On 11/12/2015 05:59 PM, Stanislav Kinsburskiy wrote:
>
> 12.11.2015 15:53, Andrey Wagin wrote:
>> 2015-11-12 17:46 GMT+03:00 Stanislav Kinsburskiy <skinsbur...@odin.com>:
>>> On 12 Nov 2015 at 15:14, user Andrey Ryabinin
>>> <aryabi...@virtuozz
On 11/12/2015 07:08 PM, Stanislav Kinsburskiy wrote:
>
>
> 12.11.2015 16:47, Andrey Ryabinin wrote:
>> On 11/12/2015 05:59 PM, Stanislav Kinsburskiy wrote:
>>> 12.11.2015 15:53, Andrey Wagin wrote:
>>>> 2015-11-12 17:46 GMT+03:00 Stanislav Kinsburskiy
Add new helper ve_init_user_ns() which returns initial namespace for
current ve, and use it in do_new_mount()
https://jira.sw.ru/browse/PSBM-41075
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
fs/namespace.c | 8 +---
include/linux/ve.h | 9 +
kernel/v
Currently mounting fuse fs inside CT fails because
we don't pass (file->f_cred->user_ns != &init_user_ns) check.
Test file's namespace against VE's init_cred->user_ns instead.
This allows to use fuse inside containers.
https://jira.sw.ru/browse/PSBM-41075
Signed-off-by: Andrey Ryabini
On 11/10/2015 05:52 PM, Stanislav Kinsburskiy wrote:
>> goto err;
>> +if (get_exec_env()->init_cred)
>> +root_user_ns = get_exec_env()->init_cred->user_ns;
>> +else
>> +root_user_ns = _user_ns;
>> +
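Review bot: in the added if/else, get_exec_env() is called twice and the NULL test on init_cred is open-coded at the call site; read the ve into a local once and put the choice of root user namespace behind a single helper, so every caller that needs the container's initial user namespace applies the same fallback.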
>
> We have some helper for this, if I'm not mistaken.
>
herry picked from commit 8818970d8d361e358dd61e5d5774e67794cde791)
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 17 +++--
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_
herry picked from commit f1f965793b2bb8a75067e94acbe886a61637cab8)
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 13 +
1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
b/drivers/net/eth
Currently mounting fuse fs inside CT fails because
we don't pass (file->f_cred->user_ns != &init_user_ns) check.
Test file's namespace against VE's init_cred->user_ns instead.
This allows to use fuse inside containers.
https://jira.sw.ru/browse/PSBM-41075
Signed-off-by: Andrey Ryabini
dmesg |grep Killed
Before:
Killed process 14892 (trinity-c271) total-vm:97920kB, anon-rss:2508kB,
file-rss:1060kB
After:
Killed process 14892 (trinity-c271) in ve 4 total-vm:97920kB,
anon-rss:2508kB, file-rss:1060kB
https://jira.sw.ru/browse/PSBM-40610
Signed-off-by: Andrey
erent net namespaces will not be able
share the same nsm_handle.
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
Signed-off-by: J. Bruce Fields <bfie...@redhat.com>
https://jira.sw.ru/browse/PSBM-39721
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
issue]
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
fs/lockd/mon.c | 13 +
include/linux/sunrpc/clnt.h | 3 ++-
net/sunrpc/clnt.c | 12 +++-
net/sunrpc/rpcb_clnt.c | 8 ++--
4 files changed, 24 insertions(+), 12 deletions(-)
diff
..@intel.com>
Cc: Johannes Weiner <han...@cmpxchg.org>
Signed-off-by: Andrew Morton <a...@linux-foundation.org>
Signed-off-by: Linus Torvalds <torva...@linux-foundation.org>
Fixes: https://jira.sw.ru/browse/PSBM-40116
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.co
motoh...@jp.fujitsu.com>
Cc: Wu Fengguang <fengguang...@intel.com>
Cc: Johannes Weiner <han...@cmpxchg.org>
Signed-off-by: Andrew Morton <a...@linux-foundation.org>
Signed-off-by: Linus Torvalds <torva...@linux-foundation.org>
Fixes: https://jira.sw.ru/browse/PSBM-40116
S
On 09/17/2015 10:46 AM, Andrey Ryabinin wrote:
> From: Trond Myklebust <trond.mykleb...@primarydata.com>
>
> commit 03a9a42a1a7e5b3e7919ddfacc1d1cc81882a955 upstream.
>
> Fix an Oopsable condition when nsm_mon_unmon is called as part of the
> namespace cleanup, whic
issue]
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
fs/lockd/mon.c | 13 +
include/linux/sunrpc/clnt.h | 3 ++-
net/sunrpc/clnt.c | 12 +++-
net/sunrpc/rpcb_clnt.c | 8 ++--
4 files changed, 24 insertions(+), 12 deletions(-)
diff
On 09/07/2015 04:56 PM, Vladimir Davydov wrote:
> On Fri, Sep 04, 2015 at 05:06:14PM +0300, Andrey Ryabinin wrote:
> ...
>> @@ -457,6 +457,8 @@ static void get_map(struct kmem_cache *s, struct page
>> *page, unsigned long *map)
>> */
>> #ifdef CONFIG_SLUB_DEBU
On 09/07/2015 04:59 PM, Vladimir Davydov wrote:
> On Fri, Sep 04, 2015 at 05:06:15PM +0300, Andrey Ryabinin wrote:
> ...
>> diff --git a/mm/kasan/report.c b/mm/kasan/report.c
>> index ad69bac..17af572 100644
>> --- a/mm/kasan/report.c
>> +++ b/mm/kasan/report.c
>
CONFIG_KASAN=y significantly increases kernel's memory usage.
160Mb for crash kernel is not enough. Increase it up to
196Mb.
https://jira.sw.ru/browse/PSBM-39339
Signed-off-by: Andrey Ryabinin <aryabi...@odin.com>
---
include/asm-generic/kexec.h | 4
1 file changed, 4 insertions(+)
This is useful for automated testing.
https://jira.sw.ru/browse/PSBM-39339
Signed-off-by: Andrey Ryabinin <aryabi...@odin.com>
---
mm/kasan/report.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/mm/kasan/report.c b/mm/kasan/report.c
index ad69bac..17af572 100644
--- a/mm/kasan/re
.
So we should enable this by default.
https://jira.sw.ru/browse/PSBM-39339
Signed-off-by: Andrey Ryabinin <aryabi...@odin.com>
---
Documentation/kasan.txt | 3 +--
mm/slub.c | 2 ++
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/Documentation/kasan
value.
https://jira.sw.ru/browse/PSBM-39339
Signed-off-by: Andrey Konovalov <andreyk...@google.com>
Signed-off-by: Andrey Ryabinin <aryabi...@odin.com>
---
mm/kasan/kasan.c | 8 +---
mm/kasan/kasan.h | 3 ---
mm/kasan/report.c | 45 +++--
3
'kasan_print_till_death'
boot option.
https://jira.sw.ru/browse/PSBM-39339
Signed-off-by: Andrey Ryabinin <aryabi...@odin.com>
---
mm/kasan/report.c | 14 ++
1 file changed, 14 insertions(+)
diff --git a/mm/kasan/report.c b/mm/kasan/report.c
index 17af572..515ab38 100644
--- a/mm
Currently context size (cra_ctxsize) isn't specified for
ghash_async_alg. Which means it's zero. Thus crypto_create_tfm()
doesn't allocate needed space for ghash_async_ctx, so any
read/write to ctx becomes invalid.
https://jira.sw.ru/browse/PSBM-38669
Signed-off-by: Andrey Ryabinin aryabi
Commit 18f83b2460e2 (ve/kmod: Port autoloading from CT) extended
argv array for one more element, however it wasn't extended
on allocation site.
https://jira.sw.ru/browse/PSBM-38666
Fixes: 18f83b2460e2 (ve/kmod: Port autoloading from CT)
Signed-off-by: Andrey Ryabinin aryabi...@odin.com
Cc
-initialized.patch
Alexander Popov (1):
x86/kasan: Fix KASAN shadow region page tables
Andrew Morton (1):
MODULE_DEVICE_TABLE: fix some callsites
Andrey Ryabinin (30):
lib/idr.c: fix out-of-bounds pointer dereference
mm: move slab related stuff from util.c to slab_common.c
mm: slub
-off-by: Sasha Levin sasha.le...@oracle.com
Signed-off-by: Kirill A. Shutemov kirill.shute...@linux.intel.com
Signed-off-by: Linus Torvalds torva...@linux-foundation.org
Signed-off-by: Andrey Ryabinin aryabi...@odin.com
---
Makefile | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff
: Alan Modra amo...@gmail.com
Signed-off-by: Andrew Morton a...@linux-foundation.org
Signed-off-by: Linus Torvalds torva...@linux-foundation.org
Signed-off-by: Andrey Ryabinin aryabi...@odin.com
---
include/linux/compiler-gcc.h | 120 --
include/linux/compiler
://lkml.kernel.org/r/1399972261-25693-1-git-send-email-vincent.guit...@linaro.org
Signed-off-by: Ingo Molnar mi...@kernel.org
Signed-off-by: Andrey Ryabinin aryabi...@odin.com
---
kernel/sched/core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 93b7aca35dd7bf0c3ba7ea0542b556bcfdb28e76 upstream.
I'm working on address sanitizer project for kernel. Recently we
started experiments with stack instrumentation, to detect out-of-bounds
read/write bugs on stack.
Just after booting I've hit
: Jiri Kosina jkos...@suse.cz
Cc: Wanpeng Li liw...@linux.vnet.ibm.com
Signed-off-by: Andrew Morton a...@linux-foundation.org
Signed-off-by: Linus Torvalds torva...@linux-foundation.org
Signed-off-by: Andrey Ryabinin aryabi...@odin.com
---
mm/vmalloc.c | 12 ++--
1 file changed, 6 insertions
a...@linux-foundation.org
Signed-off-by: Linus Torvalds torva...@linux-foundation.org
Signed-off-by: Andrey Ryabinin aryabi...@odin.com
---
arch/arm/kernel/module.c| 2 +-
arch/arm64/kernel/module.c | 2 +-
arch/parisc/kernel/module.c | 2 +-
arch/s390/kernel/module.c | 2 +-
arch/sparc
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 928cec9cd6db53a68f54bc9ef1c54c674ba1c6bb upstream.
Functions krealloc(), __krealloc(), kzfree() belong to slab API, so
should be placed in slab_common.c
Also move slab allocator's tracepoints definitions to slab_common.c No
functional changes
From: Ralf Baechle r...@linux-mips.org
commit 761845f0f68cf6eba9cad0a58d977b89f8d4486f upstream.
Original patch by Jianguo Wu wujian...@huawei.com.
Signed-off-by: Ralf Baechle r...@linux-mips.org
Signed-off-by: Andrey Ryabinin aryabi...@odin.com
---
arch/mips/kernel/module.c | 3 ++-
1 file
From: Andrey Ryabinin a.ryabi...@samsung.com
commit cb4188ac8e5779f66b9f55888ac2c75b391cde44 upstream.
To be consistent with other compiler attributes introduce __alias(symbol)
macro expanding into __attribute__((alias(#symbol)))
Signed-off-by: Andrey Ryabinin a.ryabi...@samsung.com
Cc: Dmitry
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 0b24becc810dc3be6e3f94103a866f214c282394 upstream.
Kernel Address sanitizer (KASan) is a dynamic memory error detector. It
provides fast and comprehensive solution for finding use-after-free and
out-of-bounds bugs.
KASAN uses compile-time
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 786a8959912eb94fc2381c2ae487a96ce55dabca upstream.
Currently memory hotplug won't work with KASan. As we don't have shadow
for hotplugged memory, kernel will crash on the first access to it. To
make this work we will need to allocate shadow
From: Andrey Ryabinin a.ryabi...@samsung.com
commit ef7f0d6a6ca8c9e4b27d78895af86c2fbfaeedb2 upstream.
This patch adds arch specific code for kernel address sanitizer.
16TB of virtual addressed used for shadow memory. It's located in range
[ec00 - fc00] between vmemmap
From: Andrey Ryabinin a.ryabi...@samsung.com
commit b8c73fc2493d42517be95cf2c89659fc6c6f4d02 upstream.
Add kernel address sanitizer hooks to mark allocated page's addresses as
accessible in corresponding shadow region. Mark freed pages as
inaccessible.
Signed-off-by: Andrey Ryabinin a.ryabi
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 912f5fbf1d3060f25d6994aed0265c55b974b2e9 upstream.
virt_to_obj takes kmem_cache address, address of slab page, address x
pointing somewhere inside slab object, and returns address of the
beginning of object.
Signed-off-by: Andrey Ryabinin
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 75c66def8d815201aa0386ecc7c66a5c8dbca1ee upstream.
Remove static and add function declarations to linux/slub_def.h so it
could be used by kernel address sanitizer.
Signed-off-by: Andrey Ryabinin a.ryabi...@samsung.com
Cc: Dmitry Vyukov dvyu
From: Andrey Ryabinin a.ryabi...@samsung.com
commit a79316c6178ca419e35feef47d47f50b4e0ee9f2 upstream.
It's ok for slub to access memory that marked by kasan as inaccessible
(object's metadata). Kasan shouldn't print report in that case because
these accesses are valid. Disabling
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 0316bec22ec95ea2faca6406437b0b5950553b7c upstream.
With this patch kasan will be able to catch bugs in memory allocated by
slub. Initially all objects in newly allocated slab page, marked as
redzone. Later, when allocation of slub object
From: Andrey Ryabinin a.ryabi...@samsung.com
commit df4c0e36f1b1782b0611a77c52cc240e5c4752dd upstream.
We need to manually unpoison rounded up allocation size for dname to avoid
kasan's reports in dentry_string_cmp(). When CONFIG_DCACHE_WORD_ACCESS=y
dentry_string_cmp may access few bytes
From: Andrey Ryabinin a.ryabi...@samsung.com
commit e79ed2f13faab8fc9d4ad76d5f5a241724e45836 upstream.
kmalloc internally round up allocation size, and kmemleak uses rounded up
size as object's size. This makes kasan to complain while kmemleak scans
memory or calculates of object's checksum
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 3f15801cdc2379ca4bf507f48bffd788f9e508ae upstream.
This is a test module doing various nasty things like out of bounds
accesses, use after free. It is useful for testing kernel debugging
features like kernel address sanitizer.
It mostly
From: Andrey Ryabinin a.ryabi...@samsung.com
commit c420f167db8c799d69fe43a801c58a7f02e9d57c upstream.
Stack instrumentation allows to detect out of bounds memory accesses for
variables allocated on stack. Compiler adds redzones around every
variable on stack and poisons redzones in function's
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 71394fe50146202f2c8d92cf50f5ebc761acf254 upstream.
For instrumenting global variables KASan will shadow memory backing memory
for modules. So on module loading we will need to allocate memory for
shadow and map it at address in shadow
From: Andrey Ryabinin a.ryabi...@samsung.com
commit cb9e3c292d0115499c660028ad35ac5501d722b5 upstream.
For instrumenting global variables KASan will shadow memory backing memory
for modules. So on module loading we will need to allocate memory for
shadow and map it at address in shadow
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 9ddf82521c86ae07af79dbe5a93c52890f2bab23 upstream.
KASan uses constructors for initializing redzones for global variables.
Globals instrumentation in GCC 4.9.2 produces constructors with priority
(.init_array.00099)
Currently kernel ignores
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 6301939d97d079f0d3dbe71e750f4daf5d39fc33 upstream.
MODULE_DEVICE_TABLE() macro used to create aliases to device tables.
Normally alias should have the same type as aliased symbol.
Device tables are arrays, so they have 'struct type##_device_id
From: Andrey Ryabinin a.ryabi...@samsung.com
commit bebf56a1b176c2e1c9efe44e7e6915532cc682cf upstream.
This feature let us to detect accesses out of bounds of global variables.
This will work as for globals in kernel image, so for globals in modules.
Currently this won't work for symbols in user
Cc: Catalin Marinas catalin.mari...@arm.com
Signed-off-by: Fabio Estevam fabio.este...@freescale.com
Signed-off-by: Arnd Bergmann a...@arndb.de
Signed-off-by: Andrew Morton a...@linux-foundation.org
Signed-off-by: Linus Torvalds torva...@linux-foundation.org
Signed-off-by: Andrey Ryabinin aryabi
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 923936157b158f36bd6a3d86496dce82b1a957de upstream.
Mempools keep allocated objects in reserved for situations when ordinary
allocation may not be possible to satisfy. These objects shouldn't be
accessed before they leave the pool.
This patch
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 6e54abac1b8e0b7febffdbad37b605daef1cfcff upstream.
It might be annoying to constantly see this:
scripts/Makefile.kasan:16: Cannot use CONFIG_KASAN:
-fsanitize=kernel-address is not supported by compiler
while performing allmodconfig
From: Andrey Ryabinin a.ryabi...@samsung.com
commit d0f77d4d04b222a817925d33ba3589b190bfa863 upstream.
Currently x86_64_start_kernel() has two KASAN related
function calls. The first call maps shadow to early_level4_pgt,
the second maps shadow to init_level4_pgt.
If we move clear_page
profit to the code readability. Otherwise describing all
the new order dependencies would be too verbose.
Signed-off-by: Alexander Popov alpo...@ptsecurity.com
Signed-off-by: Andrey Ryabinin a.ryabi...@samsung.com
Cc: sta...@vger.kernel.org # 4.0+
Cc: Alexander Potapenko gli...@google.com
Cc
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 241d2c54c62fa0939fc9a9512b48ac3434e90a89 upstream.
load_cr3() doesn't cause tlb_flush if PGE enabled.
This may cause tons of false positive reports spamming the
kernel to death.
To fix this __flush_tlb_all() should be called explicitly
after
From: Andrey Ryabinin a.ryabi...@samsung.com
commit d4f86beacc21d538dc41e1fc75a22e084f547edf upstream.
While populating zero shadow wrong bits in upper level page
tables used. __PAGE_KERNEL_RO that was used for pgd/pud/pmd has
_PAGE_BIT_GLOBAL set. Global bit is present only in the lowest
level
From: Andrey Ryabinin a.ryabi...@samsung.com
commit 8515522949951d81fe2d06c0a3292f171f2b8ec4 upstream.
Print informational message to tell user that kernel
runs with KASAN enabled.
Add a kasan: prefix to all messages in kasan_init_64.c.
Signed-off-by: Andrey Ryabinin a.ryabi...@samsung.com
Cc