From: Ritesh Harjani (IBM)
To: Michael Ellerman, linuxppc-dev@lists.ozlabs.org
Cc: kasan-dev@googlegroups.com, linux-mm@kvack.org, Marco Elver, Alexander Potapenko, Heiko Carstens, Nicholas Piggin, Madhavan Srinivasan, Christophe Leroy, Hari Bathini, "Aneesh Kumar K . V", Donet Tom, Pavithra Prakash, LKML, Disha Goel
Subject: Re: [PATCH v3 01/12] powerpc: mm/fault: Fix kfence page fault reporting
In-Reply-To: <87plnsoo2y.fsf@mail.lhotse>
Date: Tue, 22 Oct 2024 08:39:05 +0530
Message-ID: <87o73cygtq.fsf@gmail.com>
References: <87plnsoo2y.fsf@mail.lhotse>

Michael Ellerman writes:

> Hi Ritesh,
>
> "Ritesh Harjani (IBM)" writes:
>> copy_from_kernel_nofault() can be called when doing read of /proc/kcore.
>> /proc/kcore can have some unmapped kfence objects which when read via
>> copy_from_kernel_nofault() can cause page faults. Since *_nofault()
>> functions define their own fixup table for handling fault, use that
>> instead of asking kfence to handle such faults.
>>
>> Hence we search the exception tables for the nip which generated the
>> fault. If there is an entry then we let the fixup table handler handle the
>> page fault by returning an error from within ___do_page_fault().
>>
>> This can be easily triggered if someone tries to do dd from /proc/kcore.
>> dd if=/proc/kcore of=/dev/null bs=1M
>>
>>
>> ===============================
>> BUG: KFENCE: invalid read in copy_from_kernel_nofault+0xb0/0x1c8
>> Invalid read at 0x000000004f749d2e:
>> copy_from_kernel_nofault+0xb0/0x1c8
>> 0xc0000000057f7950
>> read_kcore_iter+0x41c/0x9ac
>> proc_reg_read_iter+0xe4/0x16c
>> vfs_read+0x2e4/0x3b0
>> ksys_read+0x88/0x154
>> system_call_exception+0x124/0x340
>> system_call_common+0x160/0x2c4
>
> I haven't been able to reproduce this. Can you give some more details on
> the exact machine/kernel-config/setup where you saw this?

w/o this patch I am able to hit this on book3s64 with both Radix and
Hash. I believe these configs should do the job. We should be able to
reproduce it on qemu and/or LPAR or baremetal.

root-> cat .out-ppc/.config |grep -i KFENCE
CONFIG_HAVE_ARCH_KFENCE=y
CONFIG_KFENCE=y
CONFIG_KFENCE_SAMPLE_INTERVAL=100
CONFIG_KFENCE_NUM_OBJECTS=255
# CONFIG_KFENCE_DEFERRABLE is not set
# CONFIG_KFENCE_STATIC_KEYS is not set
CONFIG_KFENCE_STRESS_TEST_FAULTS=0
CONFIG_KFENCE_KUNIT_TEST=y

root-> cat .out-ppc/.config |grep -i KCORE
CONFIG_PROC_KCORE=y

root-> cat .out-ppc/.config |grep -i KUNIT
CONFIG_KFENCE_KUNIT_TEST=y
CONFIG_KUNIT=y
CONFIG_KUNIT_DEFAULT_ENABLED=y

Then running dd like below can hit the issue. Maybe let it run for a
few mins and see?

~ # dd if=/proc/kcore of=/dev/null bs=1M

Otherwise running this kfence kunit test can also reproduce the same
bug [1]. The above configs show the kfence kunit config as well, which
will run during boot time itself.

[1]: https://lore.kernel.org/linuxppc-dev/210e561f7845697a32de44b643393890f180069f.1729272697.git.ritesh.list@gmail.com/

Note: This was originally reported internally in which the tester was
doing - perf test 'Object code reading' [2]

[2]: https://github.com/torvalds/linux/blob/master/tools/perf/tests/code-reading.c#L737

Thanks for looking into this. Let me know if this helped.

-ritesh