Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp5176505yba; Mon, 13 May 2019 06:41:23 -0700 (PDT) X-Google-Smtp-Source: APXvYqzGqqOvO+54cImMhQhnrrW6E8z8pCZmBOz0GaLuv8yf+nx/5uQGvsbsS/zCsvkyl+Iz8UfB X-Received: by 2002:aa7:9a8c:: with SMTP id w12mr32869973pfi.187.1557754883633; Mon, 13 May 2019 06:41:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557754883; cv=none; d=google.com; s=arc-20160816; b=d3f0jmcqK7V8iBicFOEsZZjb4EQJj8lLGYmKJfuOz/x78UoYiy+ocO4Yu57/XiVvoh 2qSR+NOXElgUsIVOEVyKNbJQDXeDZJQHExb2GoPvfXIwRujc9i93ibT+3OJQx3HVHvvf mfb19MFpf17o4LYi7Rk1Zjivx9UJ0c8UsUKmndkh8yqd1lVZLU2Acy91tE5abrEFEN5H fG1LGpfRGEFbSI2K6CHuBMZ9rJ4FFc8O2904+WIz4YoIYIC5RCGOYKOnP5DAFdQCONLl buApqz+uAYOQGPJ+H1GvYSyZpLP3nq1MSrRWfNiFA1Mx/pae7MmeLy80HWg4WIG8sWG5 mJyw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=EyY9RQIrZMYrvl0q1l1huYO8XPz7WlDo277h9NE+eA0=; b=wXLfDPuD7n8CtXDLwh0DmUdNtfU8m09xgaeDvJSCF+89X+52zOR/XfNu+I6N0Ws62c n+rwETOLWWXLNgMz9/Xw7hgwEN171ZAYMN0gCdSJ19NEp6D3OOnvvGN4SyuYyq0GrpcY fTGc3WUoIS5hChdGLJXPy0IW+tf16NTT+lMPGXS6ZnNMrh9h+mXIKD1A5A8a4QoHU09S WFzPIhOd76ZMwe3uR/FyuCpX8TG9yEWIvYPRDJqOR00gza0icKPtaAteF2ASH0RvaeQm e8hKoAUWaQBPsY+o21nVYLo1tVgUZweQHwklQZ/T/84i2h4FWcGiTCzicQ9oYwv7mry4 HSVg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id cn19si18781816plb.400.2019.05.13.06.41.07; Mon, 13 May 2019 06:41:23 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729842AbfEMMY3 (ORCPT + 99 others); Mon, 13 May 2019 08:24:29 -0400 Received: from mx2.suse.de ([195.135.220.15]:33716 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1727414AbfEMMY2 (ORCPT ); Mon, 13 May 2019 08:24:28 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id 3605CAEFC; Mon, 13 May 2019 12:24:27 +0000 (UTC) Date: Mon, 13 May 2019 14:24:24 +0200 From: Petr Mladek To: Steven Rostedt Cc: Martin Schwidefsky , Linus Torvalds , Andy Shevchenko , Rasmus Villemoes , "Tobin C . Harding" , Michal Hocko , Sergey Senozhatsky , Sergey Senozhatsky , linux-kernel@vger.kernel.org, Michael Ellerman , linuxppc-dev@lists.ozlabs.org, Russell Currey , Christophe Leroy , Stephen Rothwell , Heiko Carstens , linux-arch@vger.kernel.org, linux-s390@vger.kernel.org Subject: Re: [PATCH] vsprintf: Do not break early boot with probing addresses Message-ID: <20190513122424.ynaox4v77uhgmvn6@pathway.suse.cz> References: <20190510081635.GA4533@jagdpanzerIV> <20190510084213.22149-1-pmladek@suse.com> <20190510122401.21a598f6@gandalf.local.home> <20190510183258.1f6c4153@mschwideX1> <20190510124058.0d44b441@gandalf.local.home> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190510124058.0d44b441@gandalf.local.home> User-Agent: NeoMutt/20170912 (1.9.0) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri 2019-05-10 12:40:58, Steven Rostedt wrote: > On Fri, 10 May 2019 18:32:58 +0200 > Martin Schwidefsky wrote: > > > On Fri, 10 May 2019 12:24:01 -0400 > > Steven Rostedt wrote: > > > > > On Fri, 10 May 2019 10:42:13 +0200 > > > Petr Mladek wrote: > > > > > > > static const char *check_pointer_msg(const void *ptr) > > > > { > > > > - char byte; > > > > - > > > > if (!ptr) > > > > return "(null)"; > > > > > > > > - if (probe_kernel_address(ptr, byte)) > > > > + if ((unsigned long)ptr < PAGE_SIZE || IS_ERR_VALUE(ptr)) > > > > return "(efault)"; > > > > > > > > > > > > > < PAGE_SIZE ? > > > > > > do you mean: < TASK_SIZE ? > > > > The check with < TASK_SIZE would break on s390. The 'ptr' is > > in the kernel address space, *not* in the user address space. > > Remember s390 has two separate address spaces for kernel/user > > the check < TASK_SIZE only makes sense with a __user pointer. > > > > So we allow this to read user addresses? Can't that cause a fault? I did some quick check and did not found anywhere a user pointer being dereferenced via vsprintf(). In each case, %s did the check (ptr < PAGE_SIZE) even before this patchset. The other checks are in %p format modifiers that are used to print various kernel structures. Finally, it accesses the pointer directly. I am not completely sure but I think that it would not work that easily with an address from the user address space. Best Regards, Petr