[vz8] ve, coredump: Fix usercopy warning.

Submitted by Andrey Ryabinin on July 24, 2020, 3:37 p.m.

Details

Message ID 20200724153712.27078-1-aryabinin@virtuozzo.com
State New
Series "ve, coredump: Fix usercopy warning."

Commit Message

Andrey Ryabinin July 24, 2020, 3:37 p.m.
Usercopy WARNs about copying ve.core_pattern to user space:

vzctl exec e2783e5e-840e-4c9a-9ef2-7ead73afb81c cat /proc/sys/kernel/core_pattern
------------[ cut here ]------------
 Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB object 've_struct' (offset 704, size 4)!
 WARNING: CPU: 2 PID: 2169 at mm/usercopy.c:78 usercopy_warn+0x7d/0xa0
 CPU: 2 PID: 2169 Comm: cat ve: e2783e5e-840e-4c9a-9ef2-7ead73afb81c Not tainted 4.18.0.ovz.custom #93 custom

 Call Trace:
  __check_object_size+0x134/0x160
  proc_dostring+0x164/0x200
  proc_dostring_coredump_virtual+0xb2/0xd0
  proc_dostring+0x200/0x200
  proc_sys_call_handler+0xa7/0xf0
  vfs_read+0x9d/0x150
  ksys_read+0x4f/0xb0
  do_syscall_64+0x5b/0x1c0
  entry_SYSCALL_64_after_hwframe+0x65/0xca

Whitelist core_pattern in ve_struct kmem_cache since copying core_pattern
is allowed by design.

https://jira.sw.ru/browse/PSBM-106216
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
---
 kernel/ve/ve.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch

diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index befc5163cfe6..1688407562d4 100644
--- a/kernel/ve/ve.c
+++ b/kernel/ve/ve.c
@@ -1016,7 +1016,7 @@  EXPORT_SYMBOL_GPL(ve_cgrp_subsys);
 
 static int __init ve_subsys_init(void)
 {
-	ve_cachep = KMEM_CACHE(ve_struct, SLAB_PANIC);
+	ve_cachep = KMEM_CACHE_USERCOPY(ve_struct, SLAB_PANIC, core_pattern);
 	list_add(&ve0.ve_list, &ve_list_head);
 	return 0;
 }
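Review bot: In ve_subsys_init(), the new usercopy whitelist on core_pattern has no comment recording why that one field of ve_struct may be copied to and from user space. Please add a short comment above the KMEM_CACHE_USERCOPY() call naming the consumer, which the trace in the commit message shows is proc_dostring_coredump_virtual() calling proc_dostring(). Without it, a later reader cannot tell the exposure is deliberate. Two things to confirm before merging. First, the whitelist is not direction-specific, so it also permits user-to-kernel copies into core_pattern through the same handler; the field size passed to proc_dostring() has to stay the bound for writes. Second, the macro whitelists exactly one field, so any other ve_struct member handed directly to a sysctl handler will still trigger the same warning; if more such fields exist, consider a bounce buffer in the handler instead of widening the whitelist.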