Re: sctp: kernel memory overwrite attempt detected in sctp_getsockopt_assoc_stats

2017-01-17 Thread Kees Cook
On Mon, Jan 16, 2017 at 6:56 AM, Dmitry Vyukov wrote: > On Mon, Jan 16, 2017 at 3:50 PM, David Laight wrote: >> From: Dmitry Vyukov >>> Sent: 16 January 2017 14:04 >>> >> >> I've enabled CONFIG_HARDENED_USERCOPY_PAGESPAN on syzkaller fuzzer and >> ... >>> >> The code also takes into account

Re: sctp: kernel memory overwrite attempt detected in sctp_getsockopt_assoc_stats

2017-01-16 Thread Dmitry Vyukov
On Mon, Jan 16, 2017 at 3:50 PM, David Laight wrote: > From: Dmitry Vyukov >> Sent: 16 January 2017 14:04 >> >> >> I've enabled CONFIG_HARDENED_USERCOPY_PAGESPAN on syzkaller fuzzer and > ... >> >> The code also takes into account compound pages. As far as I >> >> understand the intention of the

RE: sctp: kernel memory overwrite attempt detected in sctp_getsockopt_assoc_stats

2017-01-16 Thread David Laight
From: Dmitry Vyukov > Sent: 16 January 2017 14:04 > >> >> I've enabled CONFIG_HARDENED_USERCOPY_PAGESPAN on syzkaller fuzzer and ... > >> The code also takes into account compound pages. As far as I > >> understand the intention of the check is to effectively find > >> out-of-bounds copies (e.g.

Re: sctp: kernel memory overwrite attempt detected in sctp_getsockopt_assoc_stats

2017-01-16 Thread Dmitry Vyukov
On Mon, Jan 16, 2017 at 2:57 PM, Neil Horman wrote: > On Mon, Jan 16, 2017 at 08:11:40AM +0100, Dmitry Vyukov wrote: >> On Sun, Jan 15, 2017 at 9:35 PM, Neil Horman wrote: >> > On Sun, Jan 15, 2017 at 06:29:59PM +0100, Dmitry Vyukov wrote: >> >> Hello, >> >> >> >> I've enabled

Re: sctp: kernel memory overwrite attempt detected in sctp_getsockopt_assoc_stats

2017-01-16 Thread Neil Horman
On Mon, Jan 16, 2017 at 08:11:40AM +0100, Dmitry Vyukov wrote: > On Sun, Jan 15, 2017 at 9:35 PM, Neil Horman wrote: > > On Sun, Jan 15, 2017 at 06:29:59PM +0100, Dmitry Vyukov wrote: > >> Hello, > >> > >> I've enabled CONFIG_HARDENED_USERCOPY_PAGESPAN on syzkaller fuzzer and > >> now I am seeing

Re: sctp: kernel memory overwrite attempt detected in sctp_getsockopt_assoc_stats

2017-01-15 Thread Dmitry Vyukov
On Sun, Jan 15, 2017 at 9:35 PM, Neil Horman wrote: > On Sun, Jan 15, 2017 at 06:29:59PM +0100, Dmitry Vyukov wrote: >> Hello, >> >> I've enabled CONFIG_HARDENED_USERCOPY_PAGESPAN on syzkaller fuzzer and >> now I am seeing lots of: >> > If I'm not mistaken, it's because that's specifically what

Re: sctp: kernel memory overwrite attempt detected in sctp_getsockopt_assoc_stats

2017-01-15 Thread Neil Horman
On Sun, Jan 15, 2017 at 06:29:59PM +0100, Dmitry Vyukov wrote: > Hello, > > I've enabled CONFIG_HARDENED_USERCOPY_PAGESPAN on syzkaller fuzzer and > now I am seeing lots of: > If I'm not mistaken, it's because that's specifically what that option does. From the Kconfig: onfig

sctp: kernel memory overwrite attempt detected in sctp_getsockopt_assoc_stats

2017-01-15 Thread Dmitry Vyukov
Hello, I've enabled CONFIG_HARDENED_USERCOPY_PAGESPAN on syzkaller fuzzer and now I am seeing lots of: usercopy: kernel memory overwrite attempt detected to 8801a74f6f10 () (256 bytes) kernel BUG at mm/usercopy.c:75! invalid opcode: [#1] SMP KASAN Dumping ftrace buffer: (ftrace
