Received: by 2002:a05:6a10:17d3:0:0:0:0 with SMTP id hz19csp2994801pxb; Tue, 13 Apr 2021 15:53:59 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxRmns5Ym8A97BGNjlOL9RNuJIerBWUAzorqfhwavNBB97SQNE3QD13NzQDoI1aJBfI+iBb X-Received: by 2002:a17:906:c419:: with SMTP id u25mr13164881ejz.332.1618354439160; Tue, 13 Apr 2021 15:53:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1618354439; cv=none; d=google.com; s=arc-20160816; b=T4C0wzA+d75qSPbdaALKFt8OXFIo4izojdUyrDGoFoThqCgDjQJfdpt4M0HD3OpRQ2 M2+9jMSgT/dFcjSklZxYBI6w09cTWyapktk+pWUtfSU0mWLTD5zQAOwkEosl6Cncq6Nb wQNOFoTOLvhk4KMyz1SNmqQrtFooIep2xJIdWgj8a4imHzkQ0nQx7aCECkndt4fpwOcI RKiSDJLRp6C5PEwDRLknjej9qTlHdiB9ZGabcBua5c4p/wlhyfxkaMJ6ispj9+58RU9H XHSFJd2b09uZx+jjH/m37LptxN7TgWXgnJGi5Fn2S88s5YmgTcOjydw19zv1+Dmykpyw 3p4Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=1b6fQegDXTfOo9rLlJ7IRs6r0r44VGP2mf4s/0ecvo0=; b=pZbM4BraZkbyJHgkZXjIeaYvKH1wLBNw//8O+MSV6eoW6h7EFmxAdSE2LdNr7PK+Mo 5fQlVNknBexrBE85DZ9zLMrWVk61GyJnOS51kg3OOu0HSTwl0Nh0er4GkjsrGhAXrxGZ eWzjbIwHpwhJZqEbzGEZt5iyYtTJ13M6C1wfxDmdLSjkakTNwLKJm/jtc4g2XqjQc4k3 Qk1VpzWE8t1IuGRfKWJtt6ns0cId6MxtNofkYquCe37s7f9lIHyoiR7xJ+/ZDBAU1PB9 jAsiF+SueSTONsxNE0CAXmKtCv7OYeU2zmrPl3tOcxW7UutEAcj6WjBfZNfCvbzVqJh9 5AsA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=nf9++JWy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id gz22si4611845ejc.373.2021.04.13.15.53.35; Tue, 13 Apr 2021 15:53:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=nf9++JWy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1347692AbhDMS2b (ORCPT + 99 others); Tue, 13 Apr 2021 14:28:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54974 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1347684AbhDMS2a (ORCPT ); Tue, 13 Apr 2021 14:28:30 -0400 Received: from mail-qt1-x82e.google.com (mail-qt1-x82e.google.com [IPv6:2607:f8b0:4864:20::82e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 604E0C061756 for ; Tue, 13 Apr 2021 11:28:09 -0700 (PDT) Received: by mail-qt1-x82e.google.com with SMTP id c6so13484287qtc.1 for ; Tue, 13 Apr 2021 11:28:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=1b6fQegDXTfOo9rLlJ7IRs6r0r44VGP2mf4s/0ecvo0=; b=nf9++JWyG/M6Mmfdw5aeK45629inqMZeSjVLq5Ax0L9ElgAvhJZyuCM9Te+I9Kyl5a iXyhLLioBiFdGm7rk1wd5p84idU10jAUn8b+WEJAOOAesMCAwY++HYwWDMkblxXty/qX Ed8EmAVdam5KmBxMK8BG7jFPcx6+XSHqoAG6Ao0wVBnAwMfCQjqeDHUhGnI416sQOYgQ SaUoVtqjcAljnkfNMcToorCa9O4pwLNuYDdDZxKLS2QV2l558WY4qtkdRQw7HV+0ZRox dxWme/SMSCjUQFohabSt/7h7D5jN5eiJ0FeGYwd8F8+0u68cr+0EjWl7GULyn7ETPtjr uE+w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1b6fQegDXTfOo9rLlJ7IRs6r0r44VGP2mf4s/0ecvo0=; b=mEQF9ljX3LGirT5fnLnEqJ+u4x6DuNMNJ6BqXJrVWj9tV6L2IR7Ki/wbV2OlWWKPtB LNWedBYJ3MUwpJUKjOVKzMhwxxkDUaspSzHWCAA7vqe36swPqSiP60x1T7k6dPw2qARG e35AAlDWVopG3CGLaX/qRXZtzw0xbuxxI6MSQIRc+tO+BGZ/zXcNZv/SboCuUU5b9kX5 vgCIU5TiO96Ncgp5IHpzfCyP710Pz5NrrE8nDlB4Qj8Ke571+gOTS2cjNPI0sI7P4MOl AssZodPULnsV5/VF8ErMZjzm2JEJB99EG4f8E7ddu6JK0mnooJ/NFi46E/UqC5eY6BUK ymMw== X-Gm-Message-State: AOAM532TU51bTYIA5y+IJkVNZ9aUuiJRm1CtXrjzy6TUfuVLZ1fjfbp9 jYmB2O9NAIS3moZgkmKvPynmfUCUub201JwvZCItrw== X-Received: by 2002:ac8:110d:: with SMTP id c13mr31240232qtj.337.1618338488423; Tue, 13 Apr 2021 11:28:08 -0700 (PDT) MIME-Version: 1.0 References: <000000000000ca9a6005bec29ebe@google.com> <2db3c803-6a94-9345-261a-a2bb74370c02@redhat.com> <20210331042922.GE2065@kadam> <20210401121933.GA2710221@ziepe.ca> <20210413181145.GK227011@ziepe.ca> In-Reply-To: <20210413181145.GK227011@ziepe.ca> From: Dmitry Vyukov Date: Tue, 13 Apr 2021 20:27:57 +0200 Message-ID: Subject: Re: [syzbot] WARNING in unsafe_follow_pfn To: Jason Gunthorpe Cc: Dan Carpenter , Paolo Bonzini , syzbot , Andrew Morton , Borislav Petkov , Daniel Vetter , daniel.vetter@intel.com, "H. Peter Anvin" , Jim Mattson , James Morris , Joerg Roedel , KVM list , LKML , Linux Media Mailing List , Linux-MM , linux-security-module , m.szyprowski@samsung.com, Mauro Carvalho Chehab , Ingo Molnar , Sean Christopherson , "Serge E. Hallyn" , syzkaller-bugs , Tomasz Figa , Thomas Gleixner , Vitaly Kuznetsov , Wanpeng Li , "the arch/x86 maintainers" Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 13, 2021 at 8:11 PM Jason Gunthorpe wrote: > > On Tue, Apr 13, 2021 at 07:20:12PM +0200, Dmitry Vyukov wrote: > > > > Plus users are going to be seeing this as well. According to the commit > > > > message for 69bacee7f9ad ("mm: Add unsafe_follow_pfn") "Unfortunately > > > > there's some users where this is not fixable (like v4l userptr of iomem > > > > mappings)". It sort of seems crazy to dump this giant splat and then > > > > tell users to ignore it forever because it can't be fixed... 0_0 > > > > > > I think the discussion conclusion was that this interface should not > > > be used by userspace anymore, it is obsolete by some new interface? > > > > > > It should be protected by some kconfig and the kconfig should be > > > turned off for syzkaller runs. > > > > If this is not a kernel bug, then it must not use WARN_ON[_ONCE]. It > > makes the kernel untestable for both automated systems and humans: > > It is a kernel security bug triggerable by userspace. > > > And if it's a kernel bug reachable from user-space, then I think this > > code should be removed entirely, not just on all testing systems. Or > > otherwise if we are not removing it for some reason, then it needs to > > be fixed. > > Legacy embedded systems apparently require it. > > It should be blocked by a kconfig. Distributions and syzkaller runs > should not enable that kconfig. What else can we do for insane uapi? I see. Adding a config gives at least some path forward, so if there are no better options, that's do that. If we default it to 'n' and add a bold warning in the description, it may work.