Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp1596816ybv; Fri, 21 Feb 2020 00:00:36 -0800 (PST) X-Google-Smtp-Source: APXvYqy79yo6vggWddJPYIbv9nrQtZLEvsasv4BD2orvZdj7BMdbGGvWYfWO3jKgqVGQOHRyXJnB X-Received: by 2002:a05:6808:487:: with SMTP id z7mr957478oid.59.1582272036830; Fri, 21 Feb 2020 00:00:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582272036; cv=none; d=google.com; s=arc-20160816; b=M5yG3TC+gjCyhuLJKTLN23X3BNfEQpKOiEyBf9WaXH1jnGAafojMGdhkKI/ue7RDsa TB+NToCgJHY9yiShRm1zXOlUlRhvLttVx3aYBe6dZAbF5DUQEQ3Rcy4gs5E3SGDXG5Yi R+XM/DJ6y9d5yAWkBhBbPUtF1NZGxibW7cMEj/zxPjoe8I4R8Bx2wRakiEXDVBUECEmF UqtT9ZZO1FZxcZV+QhQN30roNAGrhkvbw90bcWPHprz4M26rusTMxN9NiXtkWHyKb7wo 6nVz5OWzkZMn+Ta5PxIxJupOddPatngTOiyLwbV4QYYC6F7DXMsps9v35daRFJvhXKDN kybQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=OOcIAb8l2cdi0hn2wB/s2lX00w1qBvpBaw1lSoJGNbc=; b=lBFuYPKenKafLJQ4ZWgRhzAfTNIwz/KE0KEtXz1/2JZ5a2gqCOBxrpvbYYbFX17APx rhObMKptRr+srVGLNq5cpRX9bVDkPCkRSsGTqpE66px7T3CD6Sw4G/IGC50CyIrp9w3z 5G0LvsXmf7r9svz7ch5z0+OhFCYmwnXUh31RI8v6T6USZ7O9BdIoGT3W52umL/cKB/8B HGPsbhD7qmUeiUYzhqjxfVK+pwVsuE2ZAfO9oYcBFO0Ul7DWleXAUjZNzf1Lk7xQ20TK CyX6WkHV4IXbJ8Z1hFqGqMaYfz76Ibq1Ol3H1arN+OZNLfyeaYi8/ekdaFUACYzmLSSF Kq1w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=rbo4wvdp; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a12si417459oie.87.2020.02.21.00.00.24; Fri, 21 Feb 2020 00:00:36 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=rbo4wvdp; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730889AbgBUH7S (ORCPT + 99 others); Fri, 21 Feb 2020 02:59:18 -0500 Received: from mail.kernel.org ([198.145.29.99]:59272 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730873AbgBUH7P (ORCPT ); Fri, 21 Feb 2020 02:59:15 -0500 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 2D2D620578; Fri, 21 Feb 2020 07:59:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1582271954; bh=4aonCssWYdstuScFHWHex3lRsbsWzswOK1XgUJWXPzA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=rbo4wvdplNdLmL2j4FBc9dRTw22rFDm215JViWFT2pZgC++s01wVYgwaKsJNaICsk rjJXEcNZadCo9Qr5wxRk0hcbbs/s3tKwinu/qpGr1FNNlBOeCHL78V2A0kuIXheCzx 5c/lTX6fR1+tb8YhPwDIh0Dr5dI81MCAJO6umYf0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Christophe Leroy , Michael Ellerman , Sasha Levin Subject: [PATCH 5.5 354/399] powerpc/mm: Dont log user reads to 0xffffffff Date: Fri, 21 Feb 2020 08:41:19 +0100 Message-Id: <20200221072435.333365196@linuxfoundation.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200221072402.315346745@linuxfoundation.org> References: <20200221072402.315346745@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Christophe Leroy [ Upstream commit 0f9aee0cb9da7db7d96f63cfa2dc5e4f1bffeb87 ] Running vdsotest leaves many times the following log: [ 79.629901] vdsotest[396]: User access of kernel address (ffffffff) - exploit attempt? (uid: 0) A pointer set to (-1) is likely a programming error similar to a NULL pointer and is not worth logging as an exploit attempt. Don't log user accesses to 0xffffffff. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://lore.kernel.org/r/0728849e826ba16f1fbd6fa7f5c6cc87bd64e097.1577087627.git.christophe.leroy@c-s.fr Signed-off-by: Sasha Levin --- arch/powerpc/mm/fault.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/powerpc/mm/fault.c b/arch/powerpc/mm/fault.c index 1baeb045f7f4b..e083a9f67f701 100644 --- a/arch/powerpc/mm/fault.c +++ b/arch/powerpc/mm/fault.c @@ -354,6 +354,9 @@ static void sanity_check_fault(bool is_write, bool is_user, * Userspace trying to access kernel address, we get PROTFAULT for that. */ if (is_user && address >= TASK_SIZE) { + if ((long)address == -1) + return; + pr_crit_ratelimited("%s[%d]: User access of kernel address (%lx) - exploit attempt? (uid: %d)\n", current->comm, current->pid, address, from_kuid(&init_user_ns, current_uid())); -- 2.20.1