[syzbot] WARNING in unsafe_follow_pfn
Dmitry Vyukov
dvyukov at google.com
Tue Apr 13 18:27:57 UTC 2021
On Tue, Apr 13, 2021 at 8:11 PM Jason Gunthorpe <jgg at ziepe.ca> wrote:
>
> On Tue, Apr 13, 2021 at 07:20:12PM +0200, Dmitry Vyukov wrote:
> > > > Plus users are going to be seeing this as well. According to the commit
> > > > message for 69bacee7f9ad ("mm: Add unsafe_follow_pfn") "Unfortunately
> > > > there's some users where this is not fixable (like v4l userptr of iomem
> > > > mappings)". It sort of seems crazy to dump this giant splat and then
> > > > tell users to ignore it forever because it can't be fixed... 0_0
> > >
> > > I think the discussion conclusion was that this interface should not
> > > be used by userspace anymore, it is obsolete by some new interface?
> > >
> > > It should be protected by some kconfig and the kconfig should be
> > > turned off for syzkaller runs.
> >
> > If this is not a kernel bug, then it must not use WARN_ON[_ONCE]. It
> > makes the kernel untestable for both automated systems and humans:
>
> It is a kernel security bug triggerable by userspace.
>
> > And if it's a kernel bug reachable from user-space, then I think this
> > code should be removed entirely, not just on all testing systems. Or
> > otherwise if we are not removing it for some reason, then it needs to
> > be fixed.
>
> Legacy embedded systems apparently require it.
>
> It should be blocked by a kconfig. Distributions and syzkaller runs
> should not enable that kconfig. What else can we do for insane uapi?
I see. Adding a config gives at least some path forward, so if there
are no better options, that's do that. If we default it to 'n' and add
a bold warning in the description, it may work.
More information about the Linux-security-module-archive
mailing list