Tree: 4bb25354f0
Commits on Oct 18, 2018
  1. kmsan: unpoison values coming from X86 special registers

    ramosian-glider committed Oct 10, 2018
    Fuzzing the kernel with KVM enabled leads to bug reports originating
    from these registers.
  2. kmsan: invert the assertions on preempt_count() in NMI hooks

    ramosian-glider committed Oct 10, 2018
    Looks like this code was never executed before we started running
    QEMU with -cpu=host.
  3. kmsan: proper vmalloc() support

    ramosian-glider committed Oct 10, 2018
    For each kernel vm_struct, create two vm_structs for shadow and origin
    pages backing it.
  4. kmsan: suppress false positives in KVM

    ramosian-glider committed Oct 8, 2018
    KMSAN doesn't see writes from inline asm directives and considers some
    locals uninitialized.
  5. kmsan: support non-contiguous shadow in kmsan_internal_check_memory()

    ramosian-glider committed Oct 5, 2018
    It's incorrect to assume that shadow pages of a memory location are
    contiguous, e.g. this isn't so in the case of a vmalloc()'ed region.
    Instead of checking the whole range starting from the shadow of the
    0th byte, calculate the new shadow for every page and check it.
  6. kmsan: force initialize the result of get_freepointer_safe()

    ramosian-glider committed Sep 27, 2018
    The uninitialized value returned by get_freepointer_safe() may be
    passed into CAS, where KMSAN will check it regardless of whether
    CAS failed or not.
  7. kmsan: fix kfree() of unallocated memory in kmsan_vmap()

    nefigtut authored and ramosian-glider committed Sep 23, 2018
    kfree(o_pages) can try to free unallocated memory in case "if (!s_pages) goto err_free;" and
    o_pages contains garbage from a stack. Fix this by initializing o_pages and s_pages, just in case.
    
    Reported-by: https://syzkaller.appspot.com/bug?id=ae239a8b52cf47d202f7ca93d3e861499f9dffcd
    Reported-by: https://syzkaller.appspot.com/text?tag=CrashReport&x=104ebce1400000
  8. kmsan, kcov: don't check atomic functions in kcov.c

    ramosian-glider committed Sep 21, 2018
    We don't instrument kernel/kcov.c, so checking the parameters of
    atomic functions called from it may cause false positives.
    Introduce KMSAN_CHECK_ATOMIC_PARAMS which can be defined to 0
    to disable those checks in atomic-instrumented.h
  9. kmsan: leftover bits for atomic instrumentation

    ramosian-glider committed Sep 20, 2018
    Add INIT_INT(), INIT_S64(), INIT_BOOL() helpers
  10. kmsan: instrument more of vdso

    ramosian-glider committed Sep 20, 2018
    Instrument everything except vgetcpu.c and vclock_gettime.c.
    This is a prerequisite to instrumenting atomics (otherwise we'll get
    false positives), and also a good thing to do.
  11. kmsan: disable assembly implementations of crypto algorithms

    ramosian-glider committed Sep 17, 2018
    Instead of carpet unpoisoning in crypto_cipher_encrypt_one() and
    crypto_cipher_decrypt_one() done in 2a40ed8,
    just disable all the possible assembly implementations.
    This may still let us catch bugs in C-based crypto implementations.
  12. Temporarily revert "Revert "kmsan: don't track pages allocated by __do_page_cache_readahead()""

    ramosian-glider committed Sep 14, 2018
    
    The original commit ("kmsan: don't track pages allocated by
    __do_page_cache_readahead()") masks real bugs, but otherwise we get too
    many false positives on syzbot.
    
    This reverts commit 1bba65d.
  13. Revert "kmsan: don't track pages allocated by __do_page_cache_readahead()"

    ramosian-glider committed Sep 13, 2018
    
    This reverts commit 1054a1b.
    It masks a real bug in reading /dev/nullb0
  14. kmsan: bail out from kmsan_copy_to_user() if there's nothing to check

    ramosian-glider committed Sep 12, 2018
    If the preceding copy_to_user() failed completely (e.g. because of
    EFAULT), we shouldn't try to check the buffer, because it may not exist
    at all.