On Thu, Mar 06, 2025 at 03:08:11PM -0800, Andrew Morton wrote:
On Thu, 6 Mar 2025 13:06:58 +0800 Chen Linxuan chenlinxuan@deepin.org wrote:
Backport of a similar change from commit 5ac9b4e935df ("lib/buildid: Handle memfd_secret() files in build_id_parse()") to address an issue where accessing secret memfd contents through build_id_parse() would trigger faults.
Original report and repro can be found in [0].
[0] https://lore.kernel.org/bpf/ZwyG8Uro%2FSyTXAni@ly-workstation/
This repro will cause BUG: unable to handle kernel paging request in build_id_parse in 5.15/6.1/6.6.
...
--- a/lib/buildid.c +++ b/lib/buildid.c @@ -157,6 +157,12 @@ int build_id_parse(struct vm_area_struct *vma, unsigned char *build_id, if (!vma->vm_file) return -EINVAL; +#ifdef CONFIG_SECRETMEM
- /* reject secretmem folios created with memfd_secret() */
- if (vma->vm_file->f_mapping->a_ops == &secretmem_aops)
return -EFAULT;+#endif
- page = find_get_page(vma->vm_file->f_mapping, 0); if (!page) return -EFAULT; /* page not mapped */
Please redo this against a current kernel? build_id_parse() has changed a lot.
stable/linux-6.13.y and stable/linux-6.12.y has commit 5ac9b4e935df ("lib/buildid: Handle memfd_secret() files in build_id_parse()").
stable/linux-5.10.y and stable/linux-5.4.y do not have memfd_secret(2) feature, so this patch is not needed.