Date: Thu, 20 Oct 2022 11:28:05 +0200
From: Petr Mladek
To: Jane Chu
Cc: rostedt@goodmis.org, senozhatsky@chromium.org,
    andriy.shevchenko@linux.intel.com, linux@rasmusvillemoes.dk,
    linux-mm@kvack.org, linux-kernel@vger.kernel.org,
    wangkefeng.wang@huawei.com, konrad.wilk@oracle.com,
    haakon.bugge@oracle.com, john.haxby@oracle.com
Subject: Re: [PATCH v3 1/1] vsprintf: protect kernel from panic due to non-canonical pointer dereference
In-Reply-To: <20221019194159.2923873-1-jane.chu@oracle.com>

On Wed 2022-10-19 13:41:59, Jane Chu wrote:
> Having stepped on a local kernel bug where reading sysfs has led to
> out-of-bound pointer dereference by vsprintf() which led to GPF panic.
> And the reason for GPF is that the OOB pointer was turned to a
> non-canonical address such as 0x7665645f63616465.
>
> vsprintf() already has this line of defense
>	if ((unsigned long)ptr < PAGE_SIZE || IS_ERR_VALUE(ptr))
>		return "(efault)";
> Since a non-canonical pointer can be detected by kern_addr_valid()
> on architectures that present VM holes as well as meaningful
> implementation of kern_addr_valid() that detects the non-canonical
> addresses, this patch adds a check on non-canonical string pointer by
> kern_addr_valid() and "(efault)" to alert user that something
> is wrong instead of unnecessarily panic the server.
>
> On the other hand, if the non-canonical string pointer is dereferenced
> elsewhere in the kernel, by virtue of being non-canonical, a crash
> is expected to be immediate.

Just for the record, this patch is going to be abandoned. Some reasons
are mentioned in this thread. Others are in the threads for previous
versions, see

  https://lore.kernel.org/r/20221017194447.2579441-1-jane.chu@oracle.com
  https://lore.kernel.org/r/20221017191611.2577466-1-jane.chu@oracle.com

Best Regards,
Petr
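
Added example, not part of the thread and not the patch's code: a user-space C model of the string-pointer screen the quoted description talks about, assuming x86-64 with 48-bit virtual addresses and 4 KiB pages. All names are hypothetical; it implements only the canonical-form test (not kern_addr_valid()) and also decodes the reported address as bytes, since a pointer made entirely of printable ASCII is a useful triage signal.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumptions for this model, not taken from the thread: */
#define MODEL_PAGE_SIZE 4096ULL /* 4 KiB pages */
#define MODEL_MAX_ERRNO 4095ULL /* ERR_PTR range tested by IS_ERR_VALUE() */
#define MODEL_VA_BITS   48      /* x86-64 with 4-level paging */

/* Canonical form: bits 63..47 are all copies of bit 47. */
static int is_canonical(uint64_t addr)
{
    uint64_t top = addr >> (MODEL_VA_BITS - 1);
    return top == 0 || top == (UINT64_MAX >> (MODEL_VA_BITS - 1));
}

/* The two existing tests from the quoted snippet, then the canonical test. */
static const char *screen_str_ptr(uint64_t ptr)
{
    if (ptr < MODEL_PAGE_SIZE || ptr >= (uint64_t)-MODEL_MAX_ERRNO)
        return "(efault)";
    if (!is_canonical(ptr))
        return "(efault)";
    return NULL; /* passed the screen; this does not prove it is mapped */
}

/* Triage aid: if all 8 bytes are printable ASCII, copy them to out in
 * little-endian memory order and return 1; otherwise return 0. */
static int ptr_as_ascii(uint64_t ptr, char out[9])
{
    for (int i = 0; i < 8; i++) {
        unsigned char c = (ptr >> (8 * i)) & 0xff;
        if (c < 0x20 || c > 0x7e)
            return 0;
        out[i] = (char)c;
    }
    out[8] = '\0';
    return 1;
}

int main(void)
{
    uint64_t p = 0x7665645f63616465ULL; /* address quoted in the report */
    char txt[9];
    const char *r = screen_str_ptr(p);

    printf("%#llx -> %s\n", (unsigned long long)p, r ? r : "(passes screen)");
    if (ptr_as_ascii(p, txt))
        printf("bytes in memory order: \"%s\"\n", txt);
    return 0;
}
```
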