Backport of a similar change from commit 5ac9b4e935df ("lib/buildid: Handle memfd_secret() files in build_id_parse()") to address an issue where accessing secret memfd contents through build_id_parse() would trigger faults.
Original report and repro can be found in [0].
[0] https://lore.kernel.org/bpf/ZwyG8Uro%2FSyTXAni@ly-workstation/
This repro will cause BUG: unable to handle kernel paging request in build_id_parse in 5.15/6.1/6.6.
Some other discussions can be found in [1].
[1] https://lore.kernel.org/bpf/20241104175256.2327164-1-jolsa@kernel.org/T/#u
Cc: stable@vger.kernel.org Fixes: 88a16a130933 ("perf: Add build id data in mmap2 event") Signed-off-by: Chen Linxuan chenlinxuan@deepin.org --- lib/buildid.c | 6 ++++++ 1 file changed, 6 insertions(+)
diff --git a/lib/buildid.c b/lib/buildid.c index 9fc46366597e..b78d119ed1f7 100644 --- a/lib/buildid.c +++ b/lib/buildid.c @@ -157,6 +157,12 @@ int build_id_parse(struct vm_area_struct *vma, unsigned char *build_id, if (!vma->vm_file) return -EINVAL;
+#ifdef CONFIG_SECRETMEM + /* reject secretmem folios created with memfd_secret() */ + if (vma->vm_file->f_mapping->a_ops == &secretmem_aops) + return -EFAULT; +#endif + page = find_get_page(vma->vm_file->f_mapping, 0); if (!page) return -EFAULT; /* page not mapped */
On Thu, Mar 06, 2025 at 01:06:58PM +0800, Chen Linxuan wrote:
Backport of a similar change from commit 5ac9b4e935df ("lib/buildid: Handle memfd_secret() files in build_id_parse()") to address an issue where accessing secret memfd contents through build_id_parse() would trigger faults.
Original report and repro can be found in [0].
[0] https://lore.kernel.org/bpf/ZwyG8Uro%2FSyTXAni@ly-workstation/
This repro will cause BUG: unable to handle kernel paging request in build_id_parse in 5.15/6.1/6.6.
hi, so this patch is meant for one of 5.15/6.1/6.6?
if so you need to send it separately and add that to the subject, please check Documentation/process/stable-kernel-rules.rst
and you can check other stable kernel patches on the mailing list like [1][2]
thanks, jirka
[1] https://lore.kernel.org/bpf/20241206153403.273068-2-daniel@iogearbox.net/ [2] https://lore.kernel.org/bpf/20241104175256.2327164-3-jolsa@kernel.org/
Some other discussions can be found in [1].
[1] https://lore.kernel.org/bpf/20241104175256.2327164-1-jolsa@kernel.org/T/#u
Cc: stable@vger.kernel.org Fixes: 88a16a130933 ("perf: Add build id data in mmap2 event") Signed-off-by: Chen Linxuan chenlinxuan@deepin.org
lib/buildid.c | 6 ++++++ 1 file changed, 6 insertions(+)
diff --git a/lib/buildid.c b/lib/buildid.c index 9fc46366597e..b78d119ed1f7 100644 --- a/lib/buildid.c +++ b/lib/buildid.c @@ -157,6 +157,12 @@ int build_id_parse(struct vm_area_struct *vma, unsigned char *build_id, if (!vma->vm_file) return -EINVAL; +#ifdef CONFIG_SECRETMEM
- /* reject secretmem folios created with memfd_secret() */
- if (vma->vm_file->f_mapping->a_ops == &secretmem_aops)
return -EFAULT;+#endif
- page = find_get_page(vma->vm_file->f_mapping, 0); if (!page) return -EFAULT; /* page not mapped */
-- 2.48.1
[ Sasha's backport helper bot ]
Hi,
Summary of potential issues: ❌ Build failures detected ⚠️ Found matching upstream commit but patch is missing proper reference to it
Found matching upstream commit: 5ac9b4e935dfc6af41eee2ddc21deb5c36507a9f
WARNING: Author mismatch between patch and found commit: Backport author: Chen Linxuanchenlinxuan@deepin.org Commit author: Andrii Nakryikoandrii@kernel.org
Status in newer kernel trees: 6.6.y | Not found
Note: The patch differs from the upstream commit: --- Failed to apply patch cleanly. ---
Results of testing on various branches:
| Branch | Patch Apply | Build Test | |---------------------------|-------------|------------| | stable/linux-6.13.y | Failed | N/A | | stable/linux-6.12.y | Failed | N/A | | stable/linux-6.6.y | Success | Failed | | stable/linux-6.1.y | Success | Success | | stable/linux-5.15.y | Success | Success | | stable/linux-5.10.y | Failed | N/A | | stable/linux-5.4.y | Failed | N/A |
Build Errors: Patch failed to apply on stable/linux-6.13.y. Reject:
diff a/lib/buildid.c b/lib/buildid.c (rejected hunks) @@ -157,6 +157,12 @@ int build_id_parse(struct vm_area_struct *vma, unsigned char *build_id, if (!vma->vm_file) return -EINVAL;
+#ifdef CONFIG_SECRETMEM + /* reject secretmem folios created with memfd_secret() */ + if (vma->vm_file->f_mapping->a_ops == &secretmem_aops) + return -EFAULT; +#endif + page = find_get_page(vma->vm_file->f_mapping, 0); if (!page) return -EFAULT; /* page not mapped */ Patch failed to apply on stable/linux-6.12.y. Reject:
diff a/lib/buildid.c b/lib/buildid.c (rejected hunks) @@ -157,6 +157,12 @@ int build_id_parse(struct vm_area_struct *vma, unsigned char *build_id, if (!vma->vm_file) return -EINVAL;
+#ifdef CONFIG_SECRETMEM + /* reject secretmem folios created with memfd_secret() */ + if (vma->vm_file->f_mapping->a_ops == &secretmem_aops) + return -EFAULT; +#endif + page = find_get_page(vma->vm_file->f_mapping, 0); if (!page) return -EFAULT; /* page not mapped */ Build error for stable/linux-6.6.y: lib/buildid.c: In function 'build_id_parse': lib/buildid.c:162:48: error: 'secretmem_aops' undeclared (first use in this function) 162 | if (vma->vm_file->f_mapping->a_ops == &secretmem_aops) | ^~~~~~~~~~~~~~ lib/buildid.c:162:48: note: each undeclared identifier is reported only once for each function it appears in make[3]: *** [scripts/Makefile.build:243: lib/buildid.o] Error 1 lib/test_dhry.o: warning: objtool: dhry() falls through to next function dhry_run_set.cold() make[3]: Target 'lib/' not remade because of errors. make[2]: *** [scripts/Makefile.build:480: lib] Error 2 make[2]: Target './' not remade because of errors. make[1]: *** [/home/sasha/build/linus-next/Makefile:1916: .] Error 2 make[1]: Target '__all' not remade because of errors. make: *** [Makefile:234: __sub-make] Error 2 make: Target '__all' not remade because of errors.
Patch failed to apply on stable/linux-5.10.y but no reject information available. Patch failed to apply on stable/linux-5.4.y but no reject information available.
On Thu, 6 Mar 2025 13:06:58 +0800 Chen Linxuan chenlinxuan@deepin.org wrote:
Backport of a similar change from commit 5ac9b4e935df ("lib/buildid: Handle memfd_secret() files in build_id_parse()") to address an issue where accessing secret memfd contents through build_id_parse() would trigger faults.
Original report and repro can be found in [0].
[0] https://lore.kernel.org/bpf/ZwyG8Uro%2FSyTXAni@ly-workstation/
This repro will cause BUG: unable to handle kernel paging request in build_id_parse in 5.15/6.1/6.6.
...
--- a/lib/buildid.c +++ b/lib/buildid.c @@ -157,6 +157,12 @@ int build_id_parse(struct vm_area_struct *vma, unsigned char *build_id, if (!vma->vm_file) return -EINVAL; +#ifdef CONFIG_SECRETMEM
- /* reject secretmem folios created with memfd_secret() */
- if (vma->vm_file->f_mapping->a_ops == &secretmem_aops)
return -EFAULT;+#endif
- page = find_get_page(vma->vm_file->f_mapping, 0); if (!page) return -EFAULT; /* page not mapped */
Please redo this against a current kernel? build_id_parse() has changed a lot.
On Thu, Mar 06, 2025 at 03:08:11PM -0800, Andrew Morton wrote:
On Thu, 6 Mar 2025 13:06:58 +0800 Chen Linxuan chenlinxuan@deepin.org wrote:
Backport of a similar change from commit 5ac9b4e935df ("lib/buildid: Handle memfd_secret() files in build_id_parse()") to address an issue where accessing secret memfd contents through build_id_parse() would trigger faults.
Original report and repro can be found in [0].
[0] https://lore.kernel.org/bpf/ZwyG8Uro%2FSyTXAni@ly-workstation/
This repro will cause BUG: unable to handle kernel paging request in build_id_parse in 5.15/6.1/6.6.
...
--- a/lib/buildid.c +++ b/lib/buildid.c @@ -157,6 +157,12 @@ int build_id_parse(struct vm_area_struct *vma, unsigned char *build_id, if (!vma->vm_file) return -EINVAL; +#ifdef CONFIG_SECRETMEM
- /* reject secretmem folios created with memfd_secret() */
- if (vma->vm_file->f_mapping->a_ops == &secretmem_aops)
return -EFAULT;+#endif
- page = find_get_page(vma->vm_file->f_mapping, 0); if (!page) return -EFAULT; /* page not mapped */
Please redo this against a current kernel? build_id_parse() has changed a lot.
stable/linux-6.13.y and stable/linux-6.12.y has commit 5ac9b4e935df ("lib/buildid: Handle memfd_secret() files in build_id_parse()").
stable/linux-5.10.y and stable/linux-5.4.y do not have memfd_secret(2) feature, so this patch is not needed.
linux-stable-mirror@lists.linaro.org
-
Andrew Morton -
Chen Linxuan -
Jiri Olsa -
Sasha Levin