makefile: update makefile #278
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this pull request
Nov 24, 2016
This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when handling the 0-exponent case. BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ torvalds#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Fixes: cdec9cb ('crypto: GnuPG based MPI lib - source files (part 1)') Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] cc: [email protected]
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this pull request
Nov 24, 2016
…er #2] This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when handling the 0-exponent case. BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ torvalds#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Fixes: cdec9cb ('crypto: GnuPG based MPI lib - source files (part 1)') Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] cc: [email protected]
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this pull request
Nov 25, 2016
This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when the 0-exponent case when the result is 1 and not touching the limb space when the result is 0. This affects the use of RSA keys and X.509 certificates that carry them. BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ torvalds#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Basically, this is a backport of a libgcrypt patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=6e1adb05d290aeeb1c230c763970695f4a538526 Fixes: cdec9cb ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Andrey Ryabinin <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] cc: [email protected]
torvalds
pushed a commit
that referenced
this pull request
Nov 26, 2016
This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when the 0-exponent case when the result is 1 and not touching the limb space when the result is 0. This affects the use of RSA keys and X.509 certificates that carry them. BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ #278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Basically, this is a backport of a libgcrypt patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=6e1adb05d290aeeb1c230c763970695f4a538526 Fixes: cdec9cb ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Andrey Ryabinin <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] cc: [email protected] Signed-off-by: James Morris <[email protected]>
Noltari
pushed a commit
to Noltari/linux
that referenced
this pull request
Dec 2, 2016
commit f5527ff upstream. This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when the 0-exponent case when the result is 1 and not touching the limb space when the result is 0. This affects the use of RSA keys and X.509 certificates that carry them. BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ torvalds#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Basically, this is a backport of a libgcrypt patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=6e1adb05d290aeeb1c230c763970695f4a538526 Fixes: cdec9cb ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Andrey Ryabinin <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] Signed-off-by: James Morris <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
Dmole
referenced
this pull request
in Dmole/linux
Dec 2, 2016
commit f5527ff upstream. This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when the 0-exponent case when the result is 1 and not touching the limb space when the result is 0. This affects the use of RSA keys and X.509 certificates that carry them. BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [hardkernel#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ hardkernel#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Basically, this is a backport of a libgcrypt patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=6e1adb05d290aeeb1c230c763970695f4a538526 Fixes: cdec9cb ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Andrey Ryabinin <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] Signed-off-by: James Morris <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
Noltari
pushed a commit
to Noltari/linux
that referenced
this pull request
Dec 18, 2016
commit f5527ff upstream. This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when the 0-exponent case when the result is 1 and not touching the limb space when the result is 0. This affects the use of RSA keys and X.509 certificates that carry them. BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ torvalds#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Basically, this is a backport of a libgcrypt patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=6e1adb05d290aeeb1c230c763970695f4a538526 Fixes: cdec9cb ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Andrey Ryabinin <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] Signed-off-by: James Morris <[email protected]> Signed-off-by: Jiri Slaby <[email protected]>
bgly
pushed a commit
to powervm/ibmvscsis
that referenced
this pull request
Jan 31, 2017
BugLink: http://bugs.launchpad.net/bugs/1650601 commit f5527ff upstream. This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when the 0-exponent case when the result is 1 and not touching the limb space when the result is 0. This affects the use of RSA keys and X.509 certificates that carry them. BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ torvalds#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Basically, this is a backport of a libgcrypt patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=6e1adb05d290aeeb1c230c763970695f4a538526 Fixes: cdec9cb ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Andrey Ryabinin <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] Signed-off-by: James Morris <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]> Signed-off-by: Tim Gardner <[email protected]> Signed-off-by: Luis Henriques <[email protected]>
Noltari
pushed a commit
to Noltari/linux
that referenced
this pull request
Feb 10, 2017
commit f5527ff upstream. This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when the 0-exponent case when the result is 1 and not touching the limb space when the result is 0. This affects the use of RSA keys and X.509 certificates that carry them. BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ torvalds#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Basically, this is a backport of a libgcrypt patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=6e1adb05d290aeeb1c230c763970695f4a538526 Fixes: cdec9cb ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Andrey Ryabinin <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] Signed-off-by: James Morris <[email protected]> Signed-off-by: Willy Tarreau <[email protected]>
lukenels
pushed a commit
to lukenels/linux
that referenced
this pull request
Feb 12, 2017
BugLink: http://bugs.launchpad.net/bugs/1647465 commit f5527ff upstream. This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when the 0-exponent case when the result is 1 and not touching the limb space when the result is 0. This affects the use of RSA keys and X.509 certificates that carry them. BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ torvalds#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Basically, this is a backport of a libgcrypt patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=6e1adb05d290aeeb1c230c763970695f4a538526 Fixes: cdec9cb ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Andrey Ryabinin <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] Signed-off-by: James Morris <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]> Signed-off-by: Tim Gardner <[email protected]> Signed-off-by: Luis Henriques <[email protected]>
laijs
pushed a commit
to laijs/linux
that referenced
this pull request
Feb 13, 2017
lkl: avoid dhcp client running if ipv6 addr is specified
paulusmack
pushed a commit
to open-power-host-os/linux
that referenced
this pull request
May 17, 2017
This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when the 0-exponent case when the result is 1 and not touching the limb space when the result is 0. This affects the use of RSA keys and X.509 certificates that carry them. BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ torvalds#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Basically, this is a backport of a libgcrypt patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=6e1adb05d290aeeb1c230c763970695f4a538526 Fixes: cdec9cb ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Andrey Ryabinin <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] cc: [email protected] Signed-off-by: James Morris <[email protected]> (cherry picked from commit f5527ff) Signed-off-by: Paul Mackerras <[email protected]>
neilbrown
pushed a commit
to neilbrown/linux
that referenced
this pull request
Aug 1, 2019
A partial-page write can cause a read of the whole page, so that just the part being changed can be updated. A read of a whole page can trigger read-ahead. cl_io_read_ahead() asserts that the current ci_type is CIT_READ or CIT_FAULT. So if it is CIT_WRITE, we get a crash. See stack below. So restrict ll_io_read_page() to only enter read-ahead for READ or FAULT. [ 1666.576466] LustreError: 3089:0:(cl_io.c:549:cl_io_read_ahead()) ASSERTION( io->ci_type == CIT_READ || io->ci_type [ 1666.578761] LustreError: 3089:0:(cl_io.c:549:cl_io_read_ahead()) LBUG [ 1666.579807] Pid: 3089, comm: loop3 5.2.0-rc2-00877-gca23fc4b3908 torvalds#278 SMP PREEMPT Mon Jul 22 10:32:24 AEST 2019 [ 1666.581132] Call Trace: [ 1666.581519] libcfs_debug_dumpstack+0x67/0x84 [ 1666.582072] lbug_with_loc+0x33/0x75 [ 1666.582520] cl_io_read_ahead+0x86/0xd6 [ 1666.582979] ll_io_read_page+0x887/0x1089 [ 1666.583457] ll_write_begin+0x4fa/0x69b [ 1666.583917] generic_perform_write+0xb4/0x193 [ 1666.584448] __generic_file_write_iter+0x12c/0x16c [ 1666.585011] vvp_io_write_start+0x492/0x60c [ 1666.585555] cl_io_start+0xef/0x105 [ 1666.586049] cl_io_loop+0xaa/0x1ec [ 1666.586527] ll_file_io_generic+0x475/0x7ca [ 1666.587131] ll_file_write_iter+0x224/0x274 [ 1666.587718] do_iter_readv_writev+0x13a/0x176 [ 1666.588308] do_iter_write+0x8b/0xff [ 1666.588866] lo_write_bvec+0x74/0xf8 [ 1666.589374] loop_queue_work+0x376/0x8bc [ 1666.589908] kthread_worker_fn+0xc3/0x154 [ 1666.590452] kthread+0x111/0x119 [ 1666.590892] ret_from_fork+0x24/0x30 Signed-off-by: NeilBrown <[email protected]>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this pull request
Aug 11, 2021
…CKOPT Add verifier ctx test to call bpf_get_netns_cookie from cgroup/setsockopt. torvalds#269/p pass ctx or null check, 1: ctx Did not run the program (not supported) OK torvalds#270/p pass ctx or null check, 2: null Did not run the program (not supported) OK torvalds#271/p pass ctx or null check, 3: 1 OK torvalds#272/p pass ctx or null check, 4: ctx - const OK torvalds#273/p pass ctx or null check, 5: null (connect) Did not run the program (not supported) OK torvalds#274/p pass ctx or null check, 6: null (bind) Did not run the program (not supported) OK torvalds#275/p pass ctx or null check, 7: ctx (bind) Did not run the program (not supported) OK torvalds#276/p pass ctx or null check, 8: null (bind) OK torvalds#277/p pass ctx or null check, 9: ctx (cgroup/setsockopt) Did not run the program (not supported) OK torvalds#278/p pass ctx or null check, 10: null (cgroup/setsockopt) Did not run the program (not supported) OK Signed-off-by: Stanislav Fomichev <[email protected]>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this pull request
Aug 12, 2021
…CKOPT Add verifier ctx test to call bpf_get_netns_cookie from cgroup/setsockopt. torvalds#269/p pass ctx or null check, 1: ctx Did not run the program (not supported) OK torvalds#270/p pass ctx or null check, 2: null Did not run the program (not supported) OK torvalds#271/p pass ctx or null check, 3: 1 OK torvalds#272/p pass ctx or null check, 4: ctx - const OK torvalds#273/p pass ctx or null check, 5: null (connect) Did not run the program (not supported) OK torvalds#274/p pass ctx or null check, 6: null (bind) Did not run the program (not supported) OK torvalds#275/p pass ctx or null check, 7: ctx (bind) Did not run the program (not supported) OK torvalds#276/p pass ctx or null check, 8: null (bind) OK torvalds#277/p pass ctx or null check, 9: ctx (cgroup/setsockopt) Did not run the program (not supported) OK torvalds#278/p pass ctx or null check, 10: null (cgroup/setsockopt) Did not run the program (not supported) OK Signed-off-by: Stanislav Fomichev <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Nov 20, 2021
This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when the 0-exponent case when the result is 1 and not touching the limb space when the result is 0. This affects the use of RSA keys and X.509 certificates that carry them. Bug: 33401771 BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ torvalds#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Basically, this is a backport of a libgcrypt patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=6e1adb05d290aeeb1c230c763970695f4a538526 Fixes: cdec9cb ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Andrey Ryabinin <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] cc: [email protected] Signed-off-by: James Morris <[email protected]> Change-Id: I42a008d34a8ca31406fb545783156fca44fa16b4 (cherry picked from commit f5527ff)
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Nov 20, 2021
This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when the 0-exponent case when the result is 1 and not touching the limb space when the result is 0. This affects the use of RSA keys and X.509 certificates that carry them. Bug: 33401771 BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ torvalds#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Basically, this is a backport of a libgcrypt patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=6e1adb05d290aeeb1c230c763970695f4a538526 Fixes: cdec9cb ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Andrey Ryabinin <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] cc: [email protected] Signed-off-by: James Morris <[email protected]> Change-Id: I42a008d34a8ca31406fb545783156fca44fa16b4
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Dec 16, 2021
commit f5527ff upstream. This fixes CVE-2016-8650. If mpi_powm() is given a zero exponent, it wants to immediately return either 1 or 0, depending on the modulus. However, if the result was initalised with zero limb space, no limbs space is allocated and a NULL-pointer exception ensues. Fix this by allocating a minimal amount of limb space for the result when the 0-exponent case when the result is 1 and not touching the limb space when the result is 0. This affects the use of RSA keys and X.509 certificates that carry them. BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 PGD 0 Oops: 0002 [#1] SMP Modules linked in: CPU: 3 PID: 3014 Comm: keyctl Not tainted 4.9.0-rc6-fscache+ torvalds#278 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 task: ffff8804011944c0 task.stack: ffff880401294000 RIP: 0010:[<ffffffff8138ce5d>] [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP: 0018:ffff880401297ad8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: ffff88040868bec0 RCX: ffff88040868bba0 RDX: ffff88040868b260 RSI: ffff88040868bec0 RDI: ffff88040868bee0 RBP: ffff880401297ba8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000047 R11: ffffffff8183b210 R12: 0000000000000000 R13: ffff8804087c7600 R14: 000000000000001f R15: ffff880401297c50 FS: 00007f7a7918c700(0000) GS:ffff88041fb80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000401250000 CR4: 00000000001406e0 Stack: ffff88040868bec0 0000000000000020 ffff880401297b00 ffffffff81376cd4 0000000000000100 ffff880401297b10 ffffffff81376d12 ffff880401297b30 ffffffff81376f37 0000000000000100 0000000000000000 ffff880401297ba8 Call Trace: [<ffffffff81376cd4>] ? __sg_page_iter_next+0x43/0x66 [<ffffffff81376d12>] ? sg_miter_get_next_page+0x1b/0x5d [<ffffffff81376f37>] ? sg_miter_next+0x17/0xbd [<ffffffff8138ba3a>] ? mpi_read_raw_from_sgl+0xf2/0x146 [<ffffffff8132a95c>] rsa_verify+0x9d/0xee [<ffffffff8132acca>] ? pkcs1pad_sg_set_buf+0x2e/0xbb [<ffffffff8132af40>] pkcs1pad_verify+0xc0/0xe1 [<ffffffff8133cb5e>] public_key_verify_signature+0x1b0/0x228 [<ffffffff8133d974>] x509_check_for_self_signed+0xa1/0xc4 [<ffffffff8133cdde>] x509_cert_parse+0x167/0x1a1 [<ffffffff8133d609>] x509_key_preparse+0x21/0x1a1 [<ffffffff8133c3d7>] asymmetric_key_preparse+0x34/0x61 [<ffffffff812fc9f3>] key_create_or_update+0x145/0x399 [<ffffffff812fe227>] SyS_add_key+0x154/0x19e [<ffffffff81001c2b>] do_syscall_64+0x80/0x191 [<ffffffff816825e4>] entry_SYSCALL64_slow_path+0x25/0x25 Code: 56 41 55 41 54 53 48 81 ec a8 00 00 00 44 8b 71 04 8b 42 04 4c 8b 67 18 45 85 f6 89 45 80 0f 84 b4 06 00 00 85 c0 75 2f 41 ff ce <49> c7 04 24 01 00 00 00 b0 01 75 0b 48 8b 41 18 48 83 38 01 0f RIP [<ffffffff8138ce5d>] mpi_powm+0x32/0x7e6 RSP <ffff880401297ad8> CR2: 0000000000000000 ---[ end trace d82015255d4a5d8d ]--- Basically, this is a backport of a libgcrypt patch: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=patch;h=6e1adb05d290aeeb1c230c763970695f4a538526 Fixes: cdec9cb ("crypto: GnuPG based MPI lib - source files (part 1)") Signed-off-by: Andrey Ryabinin <[email protected]> Signed-off-by: David Howells <[email protected]> cc: Dmitry Kasatkin <[email protected]> cc: [email protected] Signed-off-by: James Morris <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
jonhunter
pushed a commit
to jonhunter/linux
that referenced
this pull request
Feb 2, 2022
WARNING: please, no spaces at the start of a line torvalds#249: FILE: mm/page-writeback.c:2089: + {$ ERROR: code indent should use tabs where possible torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ WARNING: please, no spaces at the start of a line torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ ERROR: code indent should use tabs where possible torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ WARNING: please, no spaces at the start of a line torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ ERROR: code indent should use tabs where possible torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ WARNING: please, no spaces at the start of a line torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ ERROR: code indent should use tabs where possible torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#257: FILE: mm/page-writeback.c:2097: + },$ WARNING: please, no spaces at the start of a line torvalds#258: FILE: mm/page-writeback.c:2098: + {$ ERROR: code indent should use tabs where possible torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ WARNING: please, no spaces at the start of a line torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ ERROR: code indent should use tabs where possible torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ WARNING: please, no spaces at the start of a line torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ ERROR: code indent should use tabs where possible torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ WARNING: please, no spaces at the start of a line torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ ERROR: code indent should use tabs where possible torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#265: FILE: mm/page-writeback.c:2105: + },$ WARNING: please, no spaces at the start of a line torvalds#266: FILE: mm/page-writeback.c:2106: + {$ ERROR: code indent should use tabs where possible torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ WARNING: please, no spaces at the start of a line torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ ERROR: code indent should use tabs where possible torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ WARNING: please, no spaces at the start of a line torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ ERROR: code indent should use tabs where possible torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ WARNING: please, no spaces at the start of a line torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ ERROR: code indent should use tabs where possible torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#274: FILE: mm/page-writeback.c:2114: + },$ WARNING: please, no spaces at the start of a line torvalds#275: FILE: mm/page-writeback.c:2115: + {$ ERROR: code indent should use tabs where possible torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ WARNING: please, no spaces at the start of a line torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ ERROR: code indent should use tabs where possible torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ WARNING: please, no spaces at the start of a line torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ ERROR: code indent should use tabs where possible torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ WARNING: please, no spaces at the start of a line torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ ERROR: code indent should use tabs where possible torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#282: FILE: mm/page-writeback.c:2122: + },$ WARNING: please, no spaces at the start of a line torvalds#283: FILE: mm/page-writeback.c:2123: + {$ ERROR: code indent should use tabs where possible torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ ERROR: code indent should use tabs where possible torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ WARNING: please, no spaces at the start of a line torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ ERROR: code indent should use tabs where possible torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ WARNING: please, no spaces at the start of a line torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ ERROR: code indent should use tabs where possible torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#289: FILE: mm/page-writeback.c:2129: + },$ WARNING: please, no spaces at the start of a line torvalds#290: FILE: mm/page-writeback.c:2130: + {$ ERROR: code indent should use tabs where possible torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ ERROR: code indent should use tabs where possible torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ WARNING: please, no spaces at the start of a line torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ ERROR: code indent should use tabs where possible torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ WARNING: please, no spaces at the start of a line torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ ERROR: code indent should use tabs where possible torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ WARNING: please, no spaces at the start of a line torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ ERROR: code indent should use tabs where possible torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#297: FILE: mm/page-writeback.c:2137: + },$ total: 37 errors, 49 warnings, 287 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. NOTE: Whitespace errors detected. You may wish to use scripts/cleanpatch or scripts/cleanfile ./patches/mm-move-page-writeback-sysctls-to-is-own-file.patch has style problems, please review. NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. Please run checkpatch prior to sending patches Cc: Iurii Zaikin <[email protected]> Cc: Kees Cook <[email protected]> Cc: Luis Chamberlain <[email protected]> Cc: zhanglianjie <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Stephen Rothwell <[email protected]>
jonhunter
pushed a commit
to jonhunter/linux
that referenced
this pull request
Feb 7, 2022
WARNING: please, no spaces at the start of a line torvalds#249: FILE: mm/page-writeback.c:2089: + {$ ERROR: code indent should use tabs where possible torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ WARNING: please, no spaces at the start of a line torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ ERROR: code indent should use tabs where possible torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ WARNING: please, no spaces at the start of a line torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ ERROR: code indent should use tabs where possible torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ WARNING: please, no spaces at the start of a line torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ ERROR: code indent should use tabs where possible torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#257: FILE: mm/page-writeback.c:2097: + },$ WARNING: please, no spaces at the start of a line torvalds#258: FILE: mm/page-writeback.c:2098: + {$ ERROR: code indent should use tabs where possible torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ WARNING: please, no spaces at the start of a line torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ ERROR: code indent should use tabs where possible torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ WARNING: please, no spaces at the start of a line torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ ERROR: code indent should use tabs where possible torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ WARNING: please, no spaces at the start of a line torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ ERROR: code indent should use tabs where possible torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#265: FILE: mm/page-writeback.c:2105: + },$ WARNING: please, no spaces at the start of a line torvalds#266: FILE: mm/page-writeback.c:2106: + {$ ERROR: code indent should use tabs where possible torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ WARNING: please, no spaces at the start of a line torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ ERROR: code indent should use tabs where possible torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ WARNING: please, no spaces at the start of a line torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ ERROR: code indent should use tabs where possible torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ WARNING: please, no spaces at the start of a line torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ ERROR: code indent should use tabs where possible torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#274: FILE: mm/page-writeback.c:2114: + },$ WARNING: please, no spaces at the start of a line torvalds#275: FILE: mm/page-writeback.c:2115: + {$ ERROR: code indent should use tabs where possible torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ WARNING: please, no spaces at the start of a line torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ ERROR: code indent should use tabs where possible torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ WARNING: please, no spaces at the start of a line torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ ERROR: code indent should use tabs where possible torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ WARNING: please, no spaces at the start of a line torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ ERROR: code indent should use tabs where possible torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#282: FILE: mm/page-writeback.c:2122: + },$ WARNING: please, no spaces at the start of a line torvalds#283: FILE: mm/page-writeback.c:2123: + {$ ERROR: code indent should use tabs where possible torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ ERROR: code indent should use tabs where possible torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ WARNING: please, no spaces at the start of a line torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ ERROR: code indent should use tabs where possible torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ WARNING: please, no spaces at the start of a line torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ ERROR: code indent should use tabs where possible torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#289: FILE: mm/page-writeback.c:2129: + },$ WARNING: please, no spaces at the start of a line torvalds#290: FILE: mm/page-writeback.c:2130: + {$ ERROR: code indent should use tabs where possible torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ ERROR: code indent should use tabs where possible torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ WARNING: please, no spaces at the start of a line torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ ERROR: code indent should use tabs where possible torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ WARNING: please, no spaces at the start of a line torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ ERROR: code indent should use tabs where possible torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ WARNING: please, no spaces at the start of a line torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ ERROR: code indent should use tabs where possible torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#297: FILE: mm/page-writeback.c:2137: + },$ total: 37 errors, 49 warnings, 287 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. NOTE: Whitespace errors detected. You may wish to use scripts/cleanpatch or scripts/cleanfile ./patches/mm-move-page-writeback-sysctls-to-is-own-file.patch has style problems, please review. NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. Please run checkpatch prior to sending patches Cc: Iurii Zaikin <[email protected]> Cc: Kees Cook <[email protected]> Cc: Luis Chamberlain <[email protected]> Cc: zhanglianjie <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Stephen Rothwell <[email protected]>
jonhunter
pushed a commit
to jonhunter/linux
that referenced
this pull request
Feb 8, 2022
WARNING: please, no spaces at the start of a line torvalds#249: FILE: mm/page-writeback.c:2089: + {$ ERROR: code indent should use tabs where possible torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ WARNING: please, no spaces at the start of a line torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ ERROR: code indent should use tabs where possible torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ WARNING: please, no spaces at the start of a line torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ ERROR: code indent should use tabs where possible torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ WARNING: please, no spaces at the start of a line torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ ERROR: code indent should use tabs where possible torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#257: FILE: mm/page-writeback.c:2097: + },$ WARNING: please, no spaces at the start of a line torvalds#258: FILE: mm/page-writeback.c:2098: + {$ ERROR: code indent should use tabs where possible torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ WARNING: please, no spaces at the start of a line torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ ERROR: code indent should use tabs where possible torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ WARNING: please, no spaces at the start of a line torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ ERROR: code indent should use tabs where possible torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ WARNING: please, no spaces at the start of a line torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ ERROR: code indent should use tabs where possible torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#265: FILE: mm/page-writeback.c:2105: + },$ WARNING: please, no spaces at the start of a line torvalds#266: FILE: mm/page-writeback.c:2106: + {$ ERROR: code indent should use tabs where possible torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ WARNING: please, no spaces at the start of a line torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ ERROR: code indent should use tabs where possible torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ WARNING: please, no spaces at the start of a line torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ ERROR: code indent should use tabs where possible torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ WARNING: please, no spaces at the start of a line torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ ERROR: code indent should use tabs where possible torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#274: FILE: mm/page-writeback.c:2114: + },$ WARNING: please, no spaces at the start of a line torvalds#275: FILE: mm/page-writeback.c:2115: + {$ ERROR: code indent should use tabs where possible torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ WARNING: please, no spaces at the start of a line torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ ERROR: code indent should use tabs where possible torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ WARNING: please, no spaces at the start of a line torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ ERROR: code indent should use tabs where possible torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ WARNING: please, no spaces at the start of a line torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ ERROR: code indent should use tabs where possible torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#282: FILE: mm/page-writeback.c:2122: + },$ WARNING: please, no spaces at the start of a line torvalds#283: FILE: mm/page-writeback.c:2123: + {$ ERROR: code indent should use tabs where possible torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ ERROR: code indent should use tabs where possible torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ WARNING: please, no spaces at the start of a line torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ ERROR: code indent should use tabs where possible torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ WARNING: please, no spaces at the start of a line torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ ERROR: code indent should use tabs where possible torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#289: FILE: mm/page-writeback.c:2129: + },$ WARNING: please, no spaces at the start of a line torvalds#290: FILE: mm/page-writeback.c:2130: + {$ ERROR: code indent should use tabs where possible torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ ERROR: code indent should use tabs where possible torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ WARNING: please, no spaces at the start of a line torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ ERROR: code indent should use tabs where possible torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ WARNING: please, no spaces at the start of a line torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ ERROR: code indent should use tabs where possible torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ WARNING: please, no spaces at the start of a line torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ ERROR: code indent should use tabs where possible torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#297: FILE: mm/page-writeback.c:2137: + },$ total: 37 errors, 49 warnings, 287 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. NOTE: Whitespace errors detected. You may wish to use scripts/cleanpatch or scripts/cleanfile ./patches/mm-move-page-writeback-sysctls-to-is-own-file.patch has style problems, please review. NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. Please run checkpatch prior to sending patches Cc: Iurii Zaikin <[email protected]> Cc: Kees Cook <[email protected]> Cc: Luis Chamberlain <[email protected]> Cc: zhanglianjie <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Stephen Rothwell <[email protected]>
jonhunter
pushed a commit
to jonhunter/linux
that referenced
this pull request
Feb 9, 2022
WARNING: please, no spaces at the start of a line torvalds#249: FILE: mm/page-writeback.c:2089: + {$ ERROR: code indent should use tabs where possible torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ WARNING: please, no spaces at the start of a line torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ ERROR: code indent should use tabs where possible torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ WARNING: please, no spaces at the start of a line torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ ERROR: code indent should use tabs where possible torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ WARNING: please, no spaces at the start of a line torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ ERROR: code indent should use tabs where possible torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#257: FILE: mm/page-writeback.c:2097: + },$ WARNING: please, no spaces at the start of a line torvalds#258: FILE: mm/page-writeback.c:2098: + {$ ERROR: code indent should use tabs where possible torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ WARNING: please, no spaces at the start of a line torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ ERROR: code indent should use tabs where possible torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ WARNING: please, no spaces at the start of a line torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ ERROR: code indent should use tabs where possible torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ WARNING: please, no spaces at the start of a line torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ ERROR: code indent should use tabs where possible torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#265: FILE: mm/page-writeback.c:2105: + },$ WARNING: please, no spaces at the start of a line torvalds#266: FILE: mm/page-writeback.c:2106: + {$ ERROR: code indent should use tabs where possible torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ WARNING: please, no spaces at the start of a line torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ ERROR: code indent should use tabs where possible torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ WARNING: please, no spaces at the start of a line torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ ERROR: code indent should use tabs where possible torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ WARNING: please, no spaces at the start of a line torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ ERROR: code indent should use tabs where possible torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#274: FILE: mm/page-writeback.c:2114: + },$ WARNING: please, no spaces at the start of a line torvalds#275: FILE: mm/page-writeback.c:2115: + {$ ERROR: code indent should use tabs where possible torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ WARNING: please, no spaces at the start of a line torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ ERROR: code indent should use tabs where possible torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ WARNING: please, no spaces at the start of a line torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ ERROR: code indent should use tabs where possible torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ WARNING: please, no spaces at the start of a line torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ ERROR: code indent should use tabs where possible torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#282: FILE: mm/page-writeback.c:2122: + },$ WARNING: please, no spaces at the start of a line torvalds#283: FILE: mm/page-writeback.c:2123: + {$ ERROR: code indent should use tabs where possible torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ ERROR: code indent should use tabs where possible torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ WARNING: please, no spaces at the start of a line torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ ERROR: code indent should use tabs where possible torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ WARNING: please, no spaces at the start of a line torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ ERROR: code indent should use tabs where possible torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#289: FILE: mm/page-writeback.c:2129: + },$ WARNING: please, no spaces at the start of a line torvalds#290: FILE: mm/page-writeback.c:2130: + {$ ERROR: code indent should use tabs where possible torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ ERROR: code indent should use tabs where possible torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ WARNING: please, no spaces at the start of a line torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ ERROR: code indent should use tabs where possible torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ WARNING: please, no spaces at the start of a line torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ ERROR: code indent should use tabs where possible torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ WARNING: please, no spaces at the start of a line torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ ERROR: code indent should use tabs where possible torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#297: FILE: mm/page-writeback.c:2137: + },$ total: 37 errors, 49 warnings, 287 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. NOTE: Whitespace errors detected. You may wish to use scripts/cleanpatch or scripts/cleanfile ./patches/mm-move-page-writeback-sysctls-to-is-own-file.patch has style problems, please review. NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. Please run checkpatch prior to sending patches Cc: Iurii Zaikin <[email protected]> Cc: Kees Cook <[email protected]> Cc: Luis Chamberlain <[email protected]> Cc: zhanglianjie <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Stephen Rothwell <[email protected]>
staging-kernelci-org
pushed a commit
to kernelci/linux
that referenced
this pull request
Feb 11, 2022
WARNING: please, no spaces at the start of a line torvalds#249: FILE: mm/page-writeback.c:2089: + {$ ERROR: code indent should use tabs where possible torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ WARNING: please, no spaces at the start of a line torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ ERROR: code indent should use tabs where possible torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ WARNING: please, no spaces at the start of a line torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ ERROR: code indent should use tabs where possible torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ WARNING: please, no spaces at the start of a line torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ ERROR: code indent should use tabs where possible torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#257: FILE: mm/page-writeback.c:2097: + },$ WARNING: please, no spaces at the start of a line torvalds#258: FILE: mm/page-writeback.c:2098: + {$ ERROR: code indent should use tabs where possible torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ WARNING: please, no spaces at the start of a line torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ ERROR: code indent should use tabs where possible torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ WARNING: please, no spaces at the start of a line torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ ERROR: code indent should use tabs where possible torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ WARNING: please, no spaces at the start of a line torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ ERROR: code indent should use tabs where possible torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#265: FILE: mm/page-writeback.c:2105: + },$ WARNING: please, no spaces at the start of a line torvalds#266: FILE: mm/page-writeback.c:2106: + {$ ERROR: code indent should use tabs where possible torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ WARNING: please, no spaces at the start of a line torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ ERROR: code indent should use tabs where possible torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ WARNING: please, no spaces at the start of a line torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ ERROR: code indent should use tabs where possible torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ WARNING: please, no spaces at the start of a line torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ ERROR: code indent should use tabs where possible torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#274: FILE: mm/page-writeback.c:2114: + },$ WARNING: please, no spaces at the start of a line torvalds#275: FILE: mm/page-writeback.c:2115: + {$ ERROR: code indent should use tabs where possible torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ WARNING: please, no spaces at the start of a line torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ ERROR: code indent should use tabs where possible torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ WARNING: please, no spaces at the start of a line torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ ERROR: code indent should use tabs where possible torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ WARNING: please, no spaces at the start of a line torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ ERROR: code indent should use tabs where possible torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#282: FILE: mm/page-writeback.c:2122: + },$ WARNING: please, no spaces at the start of a line torvalds#283: FILE: mm/page-writeback.c:2123: + {$ ERROR: code indent should use tabs where possible torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ ERROR: code indent should use tabs where possible torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ WARNING: please, no spaces at the start of a line torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ ERROR: code indent should use tabs where possible torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ WARNING: please, no spaces at the start of a line torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ ERROR: code indent should use tabs where possible torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#289: FILE: mm/page-writeback.c:2129: + },$ WARNING: please, no spaces at the start of a line torvalds#290: FILE: mm/page-writeback.c:2130: + {$ ERROR: code indent should use tabs where possible torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ ERROR: code indent should use tabs where possible torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ WARNING: please, no spaces at the start of a line torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ ERROR: code indent should use tabs where possible torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ WARNING: please, no spaces at the start of a line torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ ERROR: code indent should use tabs where possible torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ WARNING: please, no spaces at the start of a line torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ ERROR: code indent should use tabs where possible torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#297: FILE: mm/page-writeback.c:2137: + },$ total: 37 errors, 49 warnings, 287 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. NOTE: Whitespace errors detected. You may wish to use scripts/cleanpatch or scripts/cleanfile ./patches/mm-move-page-writeback-sysctls-to-is-own-file.patch has style problems, please review. NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. Please run checkpatch prior to sending patches Cc: Iurii Zaikin <[email protected]> Cc: Kees Cook <[email protected]> Cc: Luis Chamberlain <[email protected]> Cc: zhanglianjie <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Stephen Rothwell <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 11, 2022
When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected]
jonhunter
pushed a commit
to jonhunter/linux
that referenced
this pull request
Feb 14, 2022
WARNING: please, no spaces at the start of a line torvalds#249: FILE: mm/page-writeback.c:2089: + {$ ERROR: code indent should use tabs where possible torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ WARNING: please, no spaces at the start of a line torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ ERROR: code indent should use tabs where possible torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ WARNING: please, no spaces at the start of a line torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ ERROR: code indent should use tabs where possible torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ WARNING: please, no spaces at the start of a line torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ ERROR: code indent should use tabs where possible torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#257: FILE: mm/page-writeback.c:2097: + },$ WARNING: please, no spaces at the start of a line torvalds#258: FILE: mm/page-writeback.c:2098: + {$ ERROR: code indent should use tabs where possible torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ WARNING: please, no spaces at the start of a line torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ ERROR: code indent should use tabs where possible torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ WARNING: please, no spaces at the start of a line torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ ERROR: code indent should use tabs where possible torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ WARNING: please, no spaces at the start of a line torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ ERROR: code indent should use tabs where possible torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#265: FILE: mm/page-writeback.c:2105: + },$ WARNING: please, no spaces at the start of a line torvalds#266: FILE: mm/page-writeback.c:2106: + {$ ERROR: code indent should use tabs where possible torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ WARNING: please, no spaces at the start of a line torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ ERROR: code indent should use tabs where possible torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ WARNING: please, no spaces at the start of a line torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ ERROR: code indent should use tabs where possible torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ WARNING: please, no spaces at the start of a line torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ ERROR: code indent should use tabs where possible torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#274: FILE: mm/page-writeback.c:2114: + },$ WARNING: please, no spaces at the start of a line torvalds#275: FILE: mm/page-writeback.c:2115: + {$ ERROR: code indent should use tabs where possible torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ WARNING: please, no spaces at the start of a line torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ ERROR: code indent should use tabs where possible torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ WARNING: please, no spaces at the start of a line torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ ERROR: code indent should use tabs where possible torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ WARNING: please, no spaces at the start of a line torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ ERROR: code indent should use tabs where possible torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#282: FILE: mm/page-writeback.c:2122: + },$ WARNING: please, no spaces at the start of a line torvalds#283: FILE: mm/page-writeback.c:2123: + {$ ERROR: code indent should use tabs where possible torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ ERROR: code indent should use tabs where possible torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ WARNING: please, no spaces at the start of a line torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ ERROR: code indent should use tabs where possible torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ WARNING: please, no spaces at the start of a line torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ ERROR: code indent should use tabs where possible torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#289: FILE: mm/page-writeback.c:2129: + },$ WARNING: please, no spaces at the start of a line torvalds#290: FILE: mm/page-writeback.c:2130: + {$ ERROR: code indent should use tabs where possible torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ ERROR: code indent should use tabs where possible torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ WARNING: please, no spaces at the start of a line torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ ERROR: code indent should use tabs where possible torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ WARNING: please, no spaces at the start of a line torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ ERROR: code indent should use tabs where possible torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ WARNING: please, no spaces at the start of a line torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ ERROR: code indent should use tabs where possible torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#297: FILE: mm/page-writeback.c:2137: + },$ total: 37 errors, 49 warnings, 287 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. NOTE: Whitespace errors detected. You may wish to use scripts/cleanpatch or scripts/cleanfile ./patches/mm-move-page-writeback-sysctls-to-is-own-file.patch has style problems, please review. NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. Please run checkpatch prior to sending patches Cc: Iurii Zaikin <[email protected]> Cc: Kees Cook <[email protected]> Cc: Luis Chamberlain <[email protected]> Cc: zhanglianjie <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Stephen Rothwell <[email protected]>
jonhunter
pushed a commit
to jonhunter/linux
that referenced
this pull request
Feb 15, 2022
WARNING: please, no spaces at the start of a line torvalds#249: FILE: mm/page-writeback.c:2089: + {$ ERROR: code indent should use tabs where possible torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ WARNING: please, no spaces at the start of a line torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ ERROR: code indent should use tabs where possible torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ WARNING: please, no spaces at the start of a line torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ ERROR: code indent should use tabs where possible torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ WARNING: please, no spaces at the start of a line torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ ERROR: code indent should use tabs where possible torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#257: FILE: mm/page-writeback.c:2097: + },$ WARNING: please, no spaces at the start of a line torvalds#258: FILE: mm/page-writeback.c:2098: + {$ ERROR: code indent should use tabs where possible torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ WARNING: please, no spaces at the start of a line torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ ERROR: code indent should use tabs where possible torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ WARNING: please, no spaces at the start of a line torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ ERROR: code indent should use tabs where possible torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ WARNING: please, no spaces at the start of a line torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ ERROR: code indent should use tabs where possible torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#265: FILE: mm/page-writeback.c:2105: + },$ WARNING: please, no spaces at the start of a line torvalds#266: FILE: mm/page-writeback.c:2106: + {$ ERROR: code indent should use tabs where possible torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ WARNING: please, no spaces at the start of a line torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ ERROR: code indent should use tabs where possible torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ WARNING: please, no spaces at the start of a line torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ ERROR: code indent should use tabs where possible torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ WARNING: please, no spaces at the start of a line torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ ERROR: code indent should use tabs where possible torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#274: FILE: mm/page-writeback.c:2114: + },$ WARNING: please, no spaces at the start of a line torvalds#275: FILE: mm/page-writeback.c:2115: + {$ ERROR: code indent should use tabs where possible torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ WARNING: please, no spaces at the start of a line torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ ERROR: code indent should use tabs where possible torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ WARNING: please, no spaces at the start of a line torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ ERROR: code indent should use tabs where possible torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ WARNING: please, no spaces at the start of a line torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ ERROR: code indent should use tabs where possible torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#282: FILE: mm/page-writeback.c:2122: + },$ WARNING: please, no spaces at the start of a line torvalds#283: FILE: mm/page-writeback.c:2123: + {$ ERROR: code indent should use tabs where possible torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ ERROR: code indent should use tabs where possible torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ WARNING: please, no spaces at the start of a line torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ ERROR: code indent should use tabs where possible torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ WARNING: please, no spaces at the start of a line torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ ERROR: code indent should use tabs where possible torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#289: FILE: mm/page-writeback.c:2129: + },$ WARNING: please, no spaces at the start of a line torvalds#290: FILE: mm/page-writeback.c:2130: + {$ ERROR: code indent should use tabs where possible torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ ERROR: code indent should use tabs where possible torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ WARNING: please, no spaces at the start of a line torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ ERROR: code indent should use tabs where possible torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ WARNING: please, no spaces at the start of a line torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ ERROR: code indent should use tabs where possible torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ WARNING: please, no spaces at the start of a line torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ ERROR: code indent should use tabs where possible torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#297: FILE: mm/page-writeback.c:2137: + },$ total: 37 errors, 49 warnings, 287 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. NOTE: Whitespace errors detected. You may wish to use scripts/cleanpatch or scripts/cleanfile ./patches/mm-move-page-writeback-sysctls-to-is-own-file.patch has style problems, please review. NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. Please run checkpatch prior to sending patches Cc: Iurii Zaikin <[email protected]> Cc: Kees Cook <[email protected]> Cc: Luis Chamberlain <[email protected]> Cc: zhanglianjie <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Stephen Rothwell <[email protected]>
jonhunter
pushed a commit
to jonhunter/linux
that referenced
this pull request
Feb 16, 2022
WARNING: please, no spaces at the start of a line torvalds#249: FILE: mm/page-writeback.c:2089: + {$ ERROR: code indent should use tabs where possible torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ WARNING: please, no spaces at the start of a line torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ ERROR: code indent should use tabs where possible torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ WARNING: please, no spaces at the start of a line torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ ERROR: code indent should use tabs where possible torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ WARNING: please, no spaces at the start of a line torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ ERROR: code indent should use tabs where possible torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#257: FILE: mm/page-writeback.c:2097: + },$ WARNING: please, no spaces at the start of a line torvalds#258: FILE: mm/page-writeback.c:2098: + {$ ERROR: code indent should use tabs where possible torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ WARNING: please, no spaces at the start of a line torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ ERROR: code indent should use tabs where possible torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ WARNING: please, no spaces at the start of a line torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ ERROR: code indent should use tabs where possible torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ WARNING: please, no spaces at the start of a line torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ ERROR: code indent should use tabs where possible torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#265: FILE: mm/page-writeback.c:2105: + },$ WARNING: please, no spaces at the start of a line torvalds#266: FILE: mm/page-writeback.c:2106: + {$ ERROR: code indent should use tabs where possible torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ WARNING: please, no spaces at the start of a line torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ ERROR: code indent should use tabs where possible torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ WARNING: please, no spaces at the start of a line torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ ERROR: code indent should use tabs where possible torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ WARNING: please, no spaces at the start of a line torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ ERROR: code indent should use tabs where possible torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#274: FILE: mm/page-writeback.c:2114: + },$ WARNING: please, no spaces at the start of a line torvalds#275: FILE: mm/page-writeback.c:2115: + {$ ERROR: code indent should use tabs where possible torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ WARNING: please, no spaces at the start of a line torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ ERROR: code indent should use tabs where possible torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ WARNING: please, no spaces at the start of a line torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ ERROR: code indent should use tabs where possible torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ WARNING: please, no spaces at the start of a line torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ ERROR: code indent should use tabs where possible torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#282: FILE: mm/page-writeback.c:2122: + },$ WARNING: please, no spaces at the start of a line torvalds#283: FILE: mm/page-writeback.c:2123: + {$ ERROR: code indent should use tabs where possible torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ ERROR: code indent should use tabs where possible torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ WARNING: please, no spaces at the start of a line torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ ERROR: code indent should use tabs where possible torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ WARNING: please, no spaces at the start of a line torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ ERROR: code indent should use tabs where possible torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#289: FILE: mm/page-writeback.c:2129: + },$ WARNING: please, no spaces at the start of a line torvalds#290: FILE: mm/page-writeback.c:2130: + {$ ERROR: code indent should use tabs where possible torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ ERROR: code indent should use tabs where possible torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ WARNING: please, no spaces at the start of a line torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ ERROR: code indent should use tabs where possible torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ WARNING: please, no spaces at the start of a line torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ ERROR: code indent should use tabs where possible torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ WARNING: please, no spaces at the start of a line torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ ERROR: code indent should use tabs where possible torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#297: FILE: mm/page-writeback.c:2137: + },$ total: 37 errors, 49 warnings, 287 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. NOTE: Whitespace errors detected. You may wish to use scripts/cleanpatch or scripts/cleanfile ./patches/mm-move-page-writeback-sysctls-to-is-own-file.patch has style problems, please review. NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. Please run checkpatch prior to sending patches Cc: Iurii Zaikin <[email protected]> Cc: Kees Cook <[email protected]> Cc: Luis Chamberlain <[email protected]> Cc: zhanglianjie <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Stephen Rothwell <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 24, 2022
WARNING: please, no spaces at the start of a line torvalds#249: FILE: mm/page-writeback.c:2089: + {$ ERROR: code indent should use tabs where possible torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ WARNING: please, no spaces at the start of a line torvalds#250: FILE: mm/page-writeback.c:2090: + .procname = "dirty_background_ratio",$ ERROR: code indent should use tabs where possible torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ WARNING: please, no spaces at the start of a line torvalds#251: FILE: mm/page-writeback.c:2091: + .data = &dirty_background_ratio,$ ERROR: code indent should use tabs where possible torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ WARNING: please, no spaces at the start of a line torvalds#252: FILE: mm/page-writeback.c:2092: + .maxlen = sizeof(dirty_background_ratio),$ ERROR: code indent should use tabs where possible torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#253: FILE: mm/page-writeback.c:2093: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#254: FILE: mm/page-writeback.c:2094: + .proc_handler = dirty_background_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#255: FILE: mm/page-writeback.c:2095: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#256: FILE: mm/page-writeback.c:2096: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#257: FILE: mm/page-writeback.c:2097: + },$ WARNING: please, no spaces at the start of a line torvalds#258: FILE: mm/page-writeback.c:2098: + {$ ERROR: code indent should use tabs where possible torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ WARNING: please, no spaces at the start of a line torvalds#259: FILE: mm/page-writeback.c:2099: + .procname = "dirty_background_bytes",$ ERROR: code indent should use tabs where possible torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ WARNING: please, no spaces at the start of a line torvalds#260: FILE: mm/page-writeback.c:2100: + .data = &dirty_background_bytes,$ ERROR: code indent should use tabs where possible torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ WARNING: please, no spaces at the start of a line torvalds#261: FILE: mm/page-writeback.c:2101: + .maxlen = sizeof(dirty_background_bytes),$ ERROR: code indent should use tabs where possible torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#262: FILE: mm/page-writeback.c:2102: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#263: FILE: mm/page-writeback.c:2103: + .proc_handler = dirty_background_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#264: FILE: mm/page-writeback.c:2104: + .extra1 = SYSCTL_LONG_ONE,$ WARNING: please, no spaces at the start of a line torvalds#265: FILE: mm/page-writeback.c:2105: + },$ WARNING: please, no spaces at the start of a line torvalds#266: FILE: mm/page-writeback.c:2106: + {$ ERROR: code indent should use tabs where possible torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ WARNING: please, no spaces at the start of a line torvalds#267: FILE: mm/page-writeback.c:2107: + .procname = "dirty_ratio",$ ERROR: code indent should use tabs where possible torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ WARNING: please, no spaces at the start of a line torvalds#268: FILE: mm/page-writeback.c:2108: + .data = &vm_dirty_ratio,$ ERROR: code indent should use tabs where possible torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ WARNING: please, no spaces at the start of a line torvalds#269: FILE: mm/page-writeback.c:2109: + .maxlen = sizeof(vm_dirty_ratio),$ ERROR: code indent should use tabs where possible torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#270: FILE: mm/page-writeback.c:2110: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ WARNING: please, no spaces at the start of a line torvalds#271: FILE: mm/page-writeback.c:2111: + .proc_handler = dirty_ratio_handler,$ ERROR: code indent should use tabs where possible torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#272: FILE: mm/page-writeback.c:2112: + .extra1 = SYSCTL_ZERO,$ ERROR: code indent should use tabs where possible torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#273: FILE: mm/page-writeback.c:2113: + .extra2 = SYSCTL_ONE_HUNDRED,$ WARNING: please, no spaces at the start of a line torvalds#274: FILE: mm/page-writeback.c:2114: + },$ WARNING: please, no spaces at the start of a line torvalds#275: FILE: mm/page-writeback.c:2115: + {$ ERROR: code indent should use tabs where possible torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ WARNING: please, no spaces at the start of a line torvalds#276: FILE: mm/page-writeback.c:2116: + .procname = "dirty_bytes",$ ERROR: code indent should use tabs where possible torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ WARNING: please, no spaces at the start of a line torvalds#277: FILE: mm/page-writeback.c:2117: + .data = &vm_dirty_bytes,$ ERROR: code indent should use tabs where possible torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ WARNING: please, no spaces at the start of a line torvalds#278: FILE: mm/page-writeback.c:2118: + .maxlen = sizeof(vm_dirty_bytes),$ ERROR: code indent should use tabs where possible torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#279: FILE: mm/page-writeback.c:2119: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ WARNING: please, no spaces at the start of a line torvalds#280: FILE: mm/page-writeback.c:2120: + .proc_handler = dirty_bytes_handler,$ ERROR: code indent should use tabs where possible torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#281: FILE: mm/page-writeback.c:2121: + .extra1 = (void *)&dirty_bytes_min,$ WARNING: please, no spaces at the start of a line torvalds#282: FILE: mm/page-writeback.c:2122: + },$ WARNING: please, no spaces at the start of a line torvalds#283: FILE: mm/page-writeback.c:2123: + {$ ERROR: code indent should use tabs where possible torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#284: FILE: mm/page-writeback.c:2124: + .procname = "dirty_writeback_centisecs",$ ERROR: code indent should use tabs where possible torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ WARNING: please, no spaces at the start of a line torvalds#285: FILE: mm/page-writeback.c:2125: + .data = &dirty_writeback_interval,$ ERROR: code indent should use tabs where possible torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ WARNING: please, no spaces at the start of a line torvalds#286: FILE: mm/page-writeback.c:2126: + .maxlen = sizeof(dirty_writeback_interval),$ ERROR: code indent should use tabs where possible torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#287: FILE: mm/page-writeback.c:2127: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#288: FILE: mm/page-writeback.c:2128: + .proc_handler = dirty_writeback_centisecs_handler,$ WARNING: please, no spaces at the start of a line torvalds#289: FILE: mm/page-writeback.c:2129: + },$ WARNING: please, no spaces at the start of a line torvalds#290: FILE: mm/page-writeback.c:2130: + {$ ERROR: code indent should use tabs where possible torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ WARNING: please, no spaces at the start of a line torvalds#291: FILE: mm/page-writeback.c:2131: + .procname = "dirty_expire_centisecs",$ ERROR: code indent should use tabs where possible torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ WARNING: please, no spaces at the start of a line torvalds#292: FILE: mm/page-writeback.c:2132: + .data = &dirty_expire_interval,$ ERROR: code indent should use tabs where possible torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ WARNING: please, no spaces at the start of a line torvalds#293: FILE: mm/page-writeback.c:2133: + .maxlen = sizeof(dirty_expire_interval),$ ERROR: code indent should use tabs where possible torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ WARNING: please, no spaces at the start of a line torvalds#294: FILE: mm/page-writeback.c:2134: + .mode = 0644,$ ERROR: code indent should use tabs where possible torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ WARNING: please, no spaces at the start of a line torvalds#295: FILE: mm/page-writeback.c:2135: + .proc_handler = proc_dointvec_minmax,$ ERROR: code indent should use tabs where possible torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#296: FILE: mm/page-writeback.c:2136: + .extra1 = SYSCTL_ZERO,$ WARNING: please, no spaces at the start of a line torvalds#297: FILE: mm/page-writeback.c:2137: + },$ total: 37 errors, 49 warnings, 287 lines checked NOTE: For some of the reported defects, checkpatch may be able to mechanically convert to the typical style using --fix or --fix-inplace. NOTE: Whitespace errors detected. You may wish to use scripts/cleanpatch or scripts/cleanfile ./patches/mm-move-page-writeback-sysctls-to-is-own-file.patch has style problems, please review. NOTE: If any of the errors are false positives, please report them to the maintainer, see CHECKPATCH in MAINTAINERS. Please run checkpatch prior to sending patches Cc: Iurii Zaikin <[email protected]> Cc: Kees Cook <[email protected]> Cc: Luis Chamberlain <[email protected]> Cc: zhanglianjie <[email protected]> Signed-off-by: Andrew Morton <[email protected]> Signed-off-by: Mark Brown <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Feb 28, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Mar 2, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Mar 2, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Mar 2, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Mar 2, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Mar 2, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Mar 2, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Mar 2, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Mar 2, 2022
commit a8abb0c upstream. When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected] Signed-off-by: Greg Kroah-Hartman <[email protected]>
DorianRudolph
pushed a commit
to DorianRudolph/linux
that referenced
this pull request
Mar 21, 2022
When both bpf_spin_lock and bpf_timer are present in a BPF map value, copy_map_value needs to skirt both objects when copying a value into and out of the map. However, the current code does not set both s_off and t_off in copy_map_value, which leads to a crash when e.g. bpf_spin_lock is placed in map value with bpf_timer, as bpf_map_update_elem call will be able to overwrite the other timer object. When the issue is not fixed, an overwriting can produce the following splat: [root@(none) bpf]# ./test_progs -t timer_crash [ 15.930339] bpf_testmod: loading out-of-tree module taints kernel. [ 16.037849] ================================================================== [ 16.038458] BUG: KASAN: user-memory-access in __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.038944] Write of size 8 at addr 0000000000043ec0 by task test_progs/325 [ 16.039399] [ 16.039514] CPU: 0 PID: 325 Comm: test_progs Tainted: G OE 5.16.0+ torvalds#278 [ 16.039983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ArchLinux 1.15.0-1 04/01/2014 [ 16.040485] Call Trace: [ 16.040645] <TASK> [ 16.040805] dump_stack_lvl+0x59/0x73 [ 16.041069] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.041427] kasan_report.cold+0x116/0x11b [ 16.041673] ? __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042040] __pv_queued_spin_lock_slowpath+0x32b/0x520 [ 16.042328] ? memcpy+0x39/0x60 [ 16.042552] ? pv_hash+0xd0/0xd0 [ 16.042785] ? lockdep_hardirqs_off+0x95/0xd0 [ 16.043079] __bpf_spin_lock_irqsave+0xdf/0xf0 [ 16.043366] ? bpf_get_current_comm+0x50/0x50 [ 16.043608] ? jhash+0x11a/0x270 [ 16.043848] bpf_timer_cancel+0x34/0xe0 [ 16.044119] bpf_prog_c4ea1c0f7449940d_sys_enter+0x7c/0x81 [ 16.044500] bpf_trampoline_6442477838_0+0x36/0x1000 [ 16.044836] __x64_sys_nanosleep+0x5/0x140 [ 16.045119] do_syscall_64+0x59/0x80 [ 16.045377] ? lock_is_held_type+0xe4/0x140 [ 16.045670] ? irqentry_exit_to_user_mode+0xa/0x40 [ 16.046001] ? mark_held_locks+0x24/0x90 [ 16.046287] ? asm_exc_page_fault+0x1e/0x30 [ 16.046569] ? asm_exc_page_fault+0x8/0x30 [ 16.046851] ? lockdep_hardirqs_on+0x7e/0x100 [ 16.047137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 16.047405] RIP: 0033:0x7f9e4831718d [ 16.047602] Code: b4 0c 00 0f 05 eb a9 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d b3 6c 0c 00 f7 d8 64 89 01 48 [ 16.048764] RSP: 002b:00007fff488086b8 EFLAGS: 00000206 ORIG_RAX: 0000000000000023 [ 16.049275] RAX: ffffffffffffffda RBX: 00007f9e48683740 RCX: 00007f9e4831718d [ 16.049747] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fff488086d0 [ 16.050225] RBP: 00007fff488086f0 R08: 00007fff488085d7 R09: 00007f9e4cb594a0 [ 16.050648] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f9e484cde30 [ 16.051124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 16.051608] </TASK> [ 16.051762] ================================================================== Fixes: 6813466 ("bpf: Add map side support for bpf timers.") Signed-off-by: Kumar Kartikeya Dwivedi <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Link: https://lore.kernel.org/bpf/[email protected]
intel-lab-lkp
pushed a commit
to intel-lab-lkp/linux
that referenced
this pull request
Apr 13, 2023
also extend prog_tests with a small retval test: values other than accept or drop (0, 1) will cause issues. NF_QUEUE could be implemented later if we can guarantee that attachment of such programs can be rejected if they get attached to a pf/hook that doesn't support async reinjection. NF_STOLEN could be implemented via trusted helpers that can guarantee that the skb will eventually be free'd. $ ./test_progs --allow=verifier_netfilter_retcode torvalds#278/1 verifier_netfilter_retcode/bpf_exit with invalid return code. test1:OK torvalds#278/2 verifier_netfilter_retcode/bpf_exit with valid return code. test2:OK torvalds#278/3 verifier_netfilter_retcode/bpf_exit with valid return code. test3:OK torvalds#278/4 verifier_netfilter_retcode/bpf_exit with invalid return code. test4:OK torvalds#278 verifier_netfilter_retcode:OK Signed-off-by: Florian Westphal <[email protected]>
intel-lab-lkp
pushed a commit
to intel-lab-lkp/linux
that referenced
this pull request
Apr 18, 2023
also extend prog_tests with a small retval test: values other than accept or drop (0, 1) will cause issues. NF_QUEUE could be implemented later if we can guarantee that attachment of such programs can be rejected if they get attached to a pf/hook that doesn't support async reinjection. NF_STOLEN could be implemented via trusted helpers that can guarantee that the skb will eventually be free'd. $ ./test_progs --allow=verifier_netfilter_retcode torvalds#278/1 verifier_netfilter_retcode/bpf_exit with invalid return code. test1:OK torvalds#278/2 verifier_netfilter_retcode/bpf_exit with valid return code. test2:OK torvalds#278/3 verifier_netfilter_retcode/bpf_exit with valid return code. test3:OK torvalds#278/4 verifier_netfilter_retcode/bpf_exit with invalid return code. test4:OK torvalds#278 verifier_netfilter_retcode:OK Signed-off-by: Florian Westphal <[email protected]>
intel-lab-lkp
pushed a commit
to intel-lab-lkp/linux
that referenced
this pull request
Apr 20, 2023
Extend prog_tests with two test cases: # ./test_progs --allow=verifier_netfilter_retcode torvalds#278/1 verifier_netfilter_retcode/bpf_exit with invalid return code. test1:OK torvalds#278/2 verifier_netfilter_retcode/bpf_exit with valid return code. test2:OK torvalds#278/3 verifier_netfilter_retcode/bpf_exit with valid return code. test3:OK torvalds#278/4 verifier_netfilter_retcode/bpf_exit with invalid return code. test4:OK torvalds#278 verifier_netfilter_retcode:OK This checks that only accept and drop (0,1) are permitted. NF_QUEUE could be implemented later if we can guarantee that attachment of such programs can be rejected if they get attached to a pf/hook that doesn't support async reinjection. NF_STOLEN could be implemented via trusted helpers that can guarantee that the skb will eventually be free'd. v4: test case for bpf_nf_ctx access checks, requested by Alexei Starovoitov. # ./test_progs --allow=verifier_netfilter_ctx torvalds#280/1 verifier_netfilter_ctx/netfilter invalid context access, size too short:OK torvalds#280/2 verifier_netfilter_ctx/netfilter invalid context access, size too short:OK torvalds#280/3 verifier_netfilter_ctx/netfilter invalid context access, past end of ctx:OK torvalds#280/4 verifier_netfilter_ctx/netfilter invalid context, write:OK torvalds#280/5 verifier_netfilter_ctx/netfilter valid context access:OK torvalds#280/6 verifier_netfilter_ctx/netfilter valid context access @unpriv:OK torvalds#280 verifier_netfilter_ctx:OK Summary: 1/6 PASSED, 0 SKIPPED, 0 FAILED This checks: 1/2: partial reads of ctx->{skb,state} are rejected 3. read access past sizeof(ctx) is rejected 4. write to ctx content, e.g. 'ctx->skb = NULL;' is rejected 5. ctx->skb and ctx->state can be read (valid case), but ... 6. ... same program fails for unpriv (CAP_NET_ADMIN needed). Link: https://lore.kernel.org/bpf/20230419021152.sjq4gttphzzy6b5f@dhcp-172-26-102-232.dhcp.thefacebook.com/ Signed-off-by: Florian Westphal <[email protected]>
intel-lab-lkp
pushed a commit
to intel-lab-lkp/linux
that referenced
this pull request
Apr 21, 2023
Extend prog_tests with two test cases: # ./test_progs --allow=verifier_netfilter_retcode torvalds#278/1 verifier_netfilter_retcode/bpf_exit with invalid return code. test1:OK torvalds#278/2 verifier_netfilter_retcode/bpf_exit with valid return code. test2:OK torvalds#278/3 verifier_netfilter_retcode/bpf_exit with valid return code. test3:OK torvalds#278/4 verifier_netfilter_retcode/bpf_exit with invalid return code. test4:OK torvalds#278 verifier_netfilter_retcode:OK This checks that only accept and drop (0,1) are permitted. NF_QUEUE could be implemented later if we can guarantee that attachment of such programs can be rejected if they get attached to a pf/hook that doesn't support async reinjection. NF_STOLEN could be implemented via trusted helpers that can guarantee that the skb will eventually be free'd. v4: test case for bpf_nf_ctx access checks, requested by Alexei Starovoitov. v5: also check ctx->{state,skb} can be dereferenced (Alexei). # ./test_progs --allow=verifier_netfilter_ctx torvalds#281/1 verifier_netfilter_ctx/netfilter invalid context access, size too short:OK torvalds#281/2 verifier_netfilter_ctx/netfilter invalid context access, size too short:OK torvalds#281/3 verifier_netfilter_ctx/netfilter invalid context access, past end of ctx:OK torvalds#281/4 verifier_netfilter_ctx/netfilter invalid context, write:OK torvalds#281/5 verifier_netfilter_ctx/netfilter valid context read and invalid write:OK torvalds#281/6 verifier_netfilter_ctx/netfilter test prog with skb and state read access:OK torvalds#281/7 verifier_netfilter_ctx/netfilter test prog with skb and state read access @unpriv:OK torvalds#281 verifier_netfilter_ctx:OK Summary: 1/7 PASSED, 0 SKIPPED, 0 FAILED This checks: 1/2: partial reads of ctx->{skb,state} are rejected 3. read access past sizeof(ctx) is rejected 4. write to ctx content, e.g. 'ctx->skb = NULL;' is rejected 5. ctx->state content cannot be altered 6. ctx->state and ctx->skb can be dereferenced 7. ... same program fails for unpriv (CAP_NET_ADMIN needed). Link: https://lore.kernel.org/bpf/20230419021152.sjq4gttphzzy6b5f@dhcp-172-26-102-232.dhcp.thefacebook.com/ Link: https://lore.kernel.org/bpf/[email protected]/ Signed-off-by: Florian Westphal <[email protected]>
ammarfaizi2
pushed a commit
to ammarfaizi2/linux-fork
that referenced
this pull request
Apr 21, 2023
Extend prog_tests with two test cases: # ./test_progs --allow=verifier_netfilter_retcode torvalds#278/1 verifier_netfilter_retcode/bpf_exit with invalid return code. test1:OK torvalds#278/2 verifier_netfilter_retcode/bpf_exit with valid return code. test2:OK torvalds#278/3 verifier_netfilter_retcode/bpf_exit with valid return code. test3:OK torvalds#278/4 verifier_netfilter_retcode/bpf_exit with invalid return code. test4:OK torvalds#278 verifier_netfilter_retcode:OK This checks that only accept and drop (0,1) are permitted. NF_QUEUE could be implemented later if we can guarantee that attachment of such programs can be rejected if they get attached to a pf/hook that doesn't support async reinjection. NF_STOLEN could be implemented via trusted helpers that can guarantee that the skb will eventually be free'd. v4: test case for bpf_nf_ctx access checks, requested by Alexei Starovoitov. v5: also check ctx->{state,skb} can be dereferenced (Alexei). # ./test_progs --allow=verifier_netfilter_ctx torvalds#281/1 verifier_netfilter_ctx/netfilter invalid context access, size too short:OK torvalds#281/2 verifier_netfilter_ctx/netfilter invalid context access, size too short:OK torvalds#281/3 verifier_netfilter_ctx/netfilter invalid context access, past end of ctx:OK torvalds#281/4 verifier_netfilter_ctx/netfilter invalid context, write:OK torvalds#281/5 verifier_netfilter_ctx/netfilter valid context read and invalid write:OK torvalds#281/6 verifier_netfilter_ctx/netfilter test prog with skb and state read access:OK torvalds#281/7 verifier_netfilter_ctx/netfilter test prog with skb and state read access @unpriv:OK torvalds#281 verifier_netfilter_ctx:OK Summary: 1/7 PASSED, 0 SKIPPED, 0 FAILED This checks: 1/2: partial reads of ctx->{skb,state} are rejected 3. read access past sizeof(ctx) is rejected 4. write to ctx content, e.g. 'ctx->skb = NULL;' is rejected 5. ctx->state content cannot be altered 6. ctx->state and ctx->skb can be dereferenced 7. ... same program fails for unpriv (CAP_NET_ADMIN needed). Link: https://lore.kernel.org/bpf/20230419021152.sjq4gttphzzy6b5f@dhcp-172-26-102-232.dhcp.thefacebook.com/ Link: https://lore.kernel.org/bpf/[email protected]/ Signed-off-by: Florian Westphal <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Alexei Starovoitov <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
test
Signed-off-by: Peter Pan [email protected]