From patchwork Fri Mar 14 06:40:12 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chen Linxuan X-Patchwork-Id: 14016337 Received: from smtpbgau1.qq.com (smtpbgau1.qq.com [54.206.16.166]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E637E78F4E; Fri, 14 Mar 2025 06:40:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=54.206.16.166 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741934452; cv=none; b=eWif0nqnUlW5/LJwkhYix3+Ppa/WWwhliDrpzcNUD8mn+2BETJpaoBVzL9JekgyGUHFId7Mw9pz+Qy0qpmi/8oJgxBAH7k1gxt6JI7dY8nOMj3Hb/wP3IJYHkA5+SIahnd6xz+PaBTO+/5qV6PHnDDsOsJwkct+KbA+ZWgyrPx0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741934452; c=relaxed/simple; bh=1/P245BJsOOizxZd8xVholcTcwS3i4f6zEkYxyH+TzU=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=h1XmEBGxfzJ8SrvlQkqaGEKyR7yaTFbGMly/FYi5UuEomhoPxruXALToS7psdp0l+IwHInXoTqty5+dAPXxy8exQxrdWLdOG/SKmq/oLYmLhNeABOLq09soLwffJxe4MUmLx1GbejlYxqIiZnH6OsSKUfWivKQv/yPQnM4igLEc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=deepin.org; spf=pass smtp.mailfrom=deepin.org; dkim=pass (1024-bit key) header.d=deepin.org header.i=@deepin.org header.b=ygBjTxqh; arc=none smtp.client-ip=54.206.16.166 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=deepin.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=deepin.org Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=deepin.org header.i=@deepin.org header.b="ygBjTxqh" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=deepin.org; s=ukjg2408; t=1741934435; bh=CwPqh3dkCrhZ/eHvLeAux7HyOEkcWfxttE3ma/av6pE=; h=From:To:Subject:Date:Message-ID:MIME-Version; b=ygBjTxqhV7SSUDru9u1MzyXpFmH35dvBh19biWjd5i5JOJrw3xO6nVDHiAoYuOT/E oCxLNyLlrEooEP37HTeg8+vcU2D6JfaxFla5nixCy8p7/+a0gbIppFgE6bJ2aCzoH2 SDhQlWJb9+239BpBREL1SWCpbiQqe1Gm3bvG16g8= X-QQ-mid: bizesmtpsz4t1741934433t0mk8d1 X-QQ-Originating-IP: JFoJuAy/Sh8Xwtg3iarI2liwPQ2wX2lew8yCiTQnoKc= Received: from localhost.localdomain ( [113.57.152.160]) by bizesmtp.qq.com (ESMTP) with id ; Fri, 14 Mar 2025 14:40:31 +0800 (CST) X-QQ-SSF: 0000000000000000000000000000000 X-QQ-GoodBg: 0 X-BIZMAIL-ID: 18429496349673007941 From: Chen Linxuan To: Andrii Nakryiko , Jiri Olsa , Sasha Levin , Andrew Morton , Shakeel Butt , Chen Linxuan , Alexey Dobriyan , Alexei Starovoitov , Eduard Zingerman , "Peter Zijlstra (Intel)" Cc: Yi Lai , Daniel Borkmann , linux-kernel@vger.kernel.org, bpf@vger.kernel.org Subject: [PATCH stable 6.1] lib/buildid: Handle memfd_secret() files in build_id_parse() Date: Fri, 14 Mar 2025 14:40:12 +0800 Message-ID: <07E50D508253C123+20250314064012.20951-2-chenlinxuan@deepin.org> X-Mailer: git-send-email 2.48.1 Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-QQ-SENDSIZE: 520 Feedback-ID: bizesmtpsz:deepin.org:qybglogicsvrgz:qybglogicsvrgz7a-0 X-QQ-XMAILINFO: MrCQuGXFssgk07nHilX1OC02btZqIuKjUIXiPumvMT6wQpnvVnh670ic UAF+dzvzXpg3toeHyKUaErrY+kBsnbXzDmXgRmOye/VAeerK1dyOiHAY+vGoaPj/K6hLn2z vnT3HWysjg5eUlALaEe5UZXpTGu6SOsRJBC/VI9Fs3MY4JAJwbUd5bw0tGIGg+mhaFm9LX2 MX2DYN0BK+yzpzQhL7yKGNEIREBbe7AcIfIr57hOjNAEh8trdBhcOj78SiLUnue5blnMZa2 JNyRm9yzEpNssmCNJHCQaTZ4+LTY3+pzFgVr9n0yOtkz5Qb+qBT1+LXV5Q/3BcoPiA48rlL 0XkaYligwz5MF/10jRrQLQCGLOad/5SKSDoum/6Q9/6DisaLovE2jJLJl7hqW6I4nabWpZQ JWPHosY67ryNtgTH4cFJU3KeEmwKYhlUH8K8lBMTDyZtwa5HeOABCV2mWQs1/Vd9kPy13Cu nASyjKFp94DSOg7UsZz1d6MmCGyRRmlYrqe3U2nrrun46tnak7OCcg8qR1ZjellvECXcheP fbbu6KqM0h2ICWDP+ToHHZsINOoYhwv33vIesduoxcwgNfEL1DSqVFdpptElAJh4bDI5vwg M2zVh44lnEisyQZz+3bxp0RB6XkMDsN0D94pwMlCRkBmPL/BydIJH+bs9/tC1nZc7HxOeqS MnZt3TU6xzSVpGfvOsJkLjJ/ZThAH7zYf2akSmwjcKNKS+LHupRrnmKeRYsGdFv7GypJ5Kq v8hX4ypTIaURCay7YXIds0fIMS2CZQgCU4EuZe+23JKf+v8mNyUJeCjaixTDh5sq99sdaYm 6+/7AdXTTwdXpmlkrhFNKx2ezBbgCdYY7Jb9Y2nHXKGqaMoroG2Ozqnm0ca+eBdJQO5P39y NYmcH+q1hjG4V+tJzHY80PA1HYCwe+WAdZZkewybwmPllAzRzgYZs50mI8q2XpRMLIchMgz j9q5hgd/lhPysZTvIXtyi3PDsFNwJvGnVwoDx2AQz6KmA7VfP8IKqM+IIzOBuPDqDY5w= X-QQ-XMRINFO: Nq+8W0+stu50PRdwbJxPCL0= X-QQ-RECHKSPAM: 0 [ Upstream commit 5ac9b4e935dfc6af41eee2ddc21deb5c36507a9f ] >From memfd_secret(2) manpage: The memory areas backing the file created with memfd_secret(2) are visible only to the processes that have access to the file descriptor. The memory region is removed from the kernel page tables and only the page tables of the processes holding the file descriptor map the corresponding physical memory. (Thus, the pages in the region can't be accessed by the kernel itself, so that, for example, pointers to the region can't be passed to system calls.) We need to handle this special case gracefully in build ID fetching code. Return -EFAULT whenever secretmem file is passed to build_id_parse() family of APIs. Original report and repro can be found in [0]. [0] https://lore.kernel.org/bpf/ZwyG8Uro%2FSyTXAni@ly-workstation/ Fixes: de3ec364c3c3 ("lib/buildid: add single folio-based file reader abstraction") Reported-by: Yi Lai Suggested-by: Shakeel Butt Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Shakeel Butt Link: https://lore.kernel.org/bpf/20241017175431.6183-A-hca@linux.ibm.com Link: https://lore.kernel.org/bpf/20241017174713.2157873-1-andrii@kernel.org [ Linxuan: perform an equivalent direct check without folio-based changes ] Fixes: 88a16a130933 ("perf: Add build id data in mmap2 event") Signed-off-by: Chen Linxuan --- Some previous discussions can be found in the following links: https://lore.kernel.org/stable/05D0A9F7DE394601+20250311100555.310788-2-chenlinxuan@deepin.org/ --- lib/buildid.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lib/buildid.c b/lib/buildid.c index 9fc46366597e..6249bd47fb0b 100644 --- a/lib/buildid.c +++ b/lib/buildid.c @@ -5,6 +5,7 @@ #include #include #include +#include #define BUILD_ID 3 @@ -157,6 +158,12 @@ int build_id_parse(struct vm_area_struct *vma, unsigned char *build_id, if (!vma->vm_file) return -EINVAL; +#ifdef CONFIG_SECRETMEM + /* reject secretmem folios created with memfd_secret() */ + if (vma->vm_file->f_mapping->a_ops == &secretmem_aops) + return -EFAULT; +#endif + page = find_get_page(vma->vm_file->f_mapping, 0); if (!page) return -EFAULT; /* page not mapped */