android_kernel_xiaomi_sm8450

History

Haibo Li 632c2199e5 kasan: print the original fault addr when access invalid shadow commit babddbfb7d7d70ae7f10fedd75a45d8ad75fdddf upstream. when the checked address is illegal,the corresponding shadow address from kasan_mem_to_shadow may have no mapping in mmu table. Access such shadow address causes kernel oops. Here is a sample about oops on arm64(VA 39bit) with KASAN_SW_TAGS and KASAN_OUTLINE on: [ffffffb80aaaaaaa] pgd=000000005d3ce003, p4d=000000005d3ce003, pud=000000005d3ce003, pmd=0000000000000000 Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP Modules linked in: CPU: 3 PID: 100 Comm: sh Not tainted 6.6.0-rc1-dirty #43 Hardware name: linux,dummy-virt (DT) pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __hwasan_load8_noabort+0x5c/0x90 lr : do_ib_ob+0xf4/0x110 ffffffb80aaaaaaa is the shadow address for efffff80aaaaaaaa. The problem is reading invalid shadow in kasan_check_range. The generic kasan also has similar oops. It only reports the shadow address which causes oops but not the original address. Commit 2f004eea0fc8("x86/kasan: Print original address on #GP") introduce to kasan_non_canonical_hook but limit it to KASAN_INLINE. This patch extends it to KASAN_OUTLINE mode. Link: https://lkml.kernel.org/r/20231009073748.159228-1-haibo.li@mediatek.com Fixes: 2f004eea0fc8("x86/kasan: Print original address on #GP") Signed-off-by: Haibo Li <haibo.li@mediatek.com> Reviewed-by: Andrey Konovalov <andreyknvl@gmail.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Haibo Li <haibo.li@mediatek.com> Cc: Matthias Brugger <matthias.bgg@gmail.com> Cc: Vincenzo Frascino <vincenzo.frascino@arm.com> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2023-11-08 17:30:43 +01:00
..
acpi	ACPI: APEI: explicit init of HEST and GHES in apci_init()	2023-09-19 12:20:28 +02:00
asm-generic	word-at-a-time: use the same return type for has_zero regardless of endianness	2023-08-11 11:57:47 +02:00
clocksource	clocksource/drivers/timer-ti-dm: Save and restore timer TIOCP_CFG	2021-07-14 16:56:12 +02:00
crypto	crypto: api - Use work queue in crypto_destroy_instance	2023-09-19 12:20:08 +02:00
drm	drm/connector: Add support for out-of-band hotplug notification (v3)	2023-10-25 11:54:22 +02:00
dt-bindings	dt-bindings: iio: add AD74413R	2023-08-26 15:26:47 +02:00
keys	certs: Add EFI_CERT_X509_GUID support for dbx entries	2021-06-30 08:47:30 -04:00
kunit	kunit: fix display of failed expectations for strings	2020-11-10 13:45:15 -07:00
kvm	ARM:	2020-10-23 11:17:56 -07:00
linux	kasan: print the original fault addr when access invalid shadow	2023-11-08 17:30:43 +01:00
math-emu
media	media: v4l2-mem2mem: add lock to protect parameter num_rdy	2023-08-26 15:26:44 +02:00
memory	memory: renesas-rpc-if: Fix HF/OSPI data transfer in Manual Mode	2022-05-09 09:05:02 +02:00
misc
net	Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name	2023-10-25 11:54:26 +02:00
pcmcia
ras	mm,hwpoison: introduce MF_MSG_UNSPLIT_THP	2020-10-16 11:11:17 -07:00
rdma	RDMA/cma: Always set static rate to 0 for RoCE	2023-06-21 15:45:39 +02:00
scsi	scsi: core: Use 32-bit hostnum in scsi_host_lookup()	2023-09-19 12:20:19 +02:00
soc	firmware: raspberrypi: Introduce devm_rpi_firmware_get()	2023-05-17 11:48:02 +02:00
sound	ASoC: soc-pcm: test if a BE can be prepared	2023-06-21 15:45:36 +02:00
target	scsi: target: Fix multiple LUN_RESET handling	2023-05-17 11:47:48 +02:00
trace	neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section	2023-10-25 11:54:20 +02:00
uapi	gtp: uapi: fix GTPA_MAX	2023-11-08 17:30:43 +01:00
vdso
video	video: of_display_timing.h: include errno.h	2022-07-12 16:32:19 +02:00
xen	ACPI: processor: Fix evaluating _PDC method when running as Xen dom0	2023-05-17 11:47:42 +02:00