From: andrey.konovalov@linux.dev
To: Andrew Morton
Cc: Andrey Konovalov, Marco Elver, Alexander Potapenko, Dmitry Vyukov, Andrey Ryabinin, kasan-dev@googlegroups.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Andrey Konovalov
Subject: [PATCH mm] fix for "kasan, fork: reset pointer tags of vmapped stacks"
Date: Tue, 15 Feb 2022 17:52:17 +0100

From: Andrey Konovalov

That patch didn't update the case when a stack is retrieved from cached_stacks in alloc_thread_stack_node(). As cached_stacks stores vm_structs and not stack pointers themselves, the pointer tag needs to be reset there as well.

Signed-off-by: Andrey Konovalov
--- kernel/fork.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/kernel/fork.c b/kernel/fork.c index 57d624f05182..5e3ad2e7a756 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -226,15 +226,17 @@ static unsigned long *alloc_thread_stack_node(struct task_struct *tsk, int node) if (!s) continue; - /* Mark stack accessible for KASAN. */ + /* Reset stack metadata. */ kasan_unpoison_range(s->addr, THREAD_SIZE); + stack = kasan_reset_tag(s->addr); + /* Clear stale pointers from reused stack. */ - memset(s->addr, 0, THREAD_SIZE); + memset(stack, 0, THREAD_SIZE); tsk->stack_vm_area = s; - tsk->stack = s->addr; - return s->addr; + tsk->stack = stack; + return stack; } /* -- 2.25.1
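
Review bot: The replacement comment "Reset stack metadata." at the top of the cached_stacks branch in alloc_thread_stack_node() is vaguer than the "Mark stack accessible for KASAN." it replaces, and nothing in the code explains the new kasan_reset_tag() call, which is the actual fix. Suggest keeping a comment that says what kasan_unpoison_range() is for and adding one above "stack = kasan_reset_tag(s->addr);" that carries the reason from the commit message: cached_stacks stores vm_structs rather than stack pointers, so the pointer taken from s->addr needs its tag reset. Also, kasan_unpoison_range() is still passed s->addr while memset(), tsk->stack and the return value all use the tag-reset pointer; if that split is intentional, a short note in the comment would save the next reader the question. The declaration of stack is outside the visible context, so please confirm it is in scope on this path.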