Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

fs/proc/kcore.c: Add bounce buffer for ktext data

We hit hardened usercopy feature check for kernel text access by reading
kcore file:

usercopy: kernel memory exposure attempt detected from ffffffff8179a01f (<kernel text>) (4065 bytes)
kernel BUG at mm/usercopy.c:75!

Bypassing this check for kcore by adding bounce buffer for ktext data.

Reported-by: Steve Best <sbest@redhat.com>
Fixes: f5509cc18daa ("mm: Hardened usercopy")
Suggested-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by Jiri Olsa and committed by Linus Torvalds
df04abfd f5beeb18

+6 -1
fs/proc/kcore.c
··· 509 509 if (kern_addr_valid(start)) { 510 510 unsigned long n; 511 511 512 - n = copy_to_user(buffer, (char *)start, tsz); 512 + /* 513 + * Using bounce buffer to bypass the 514 + * hardened user copy kernel text checks. 515 + */ 516 + memcpy(buf, (char *) start, tsz); 517 + n = copy_to_user(buffer, buf, tsz); 513 518 /* 514 519 * We cannot distinguish between fault on source 515 520 * and fault on destination. When this happens
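
Review bot: the added memcpy(buf, (char *) start, tsz) reads the source with a plain memcpy, so the unchanged comment that follows ("We cannot distinguish between fault on source and fault on destination") no longer describes this code. After the change, n from copy_to_user(buffer, buf, tsz) can only reflect a fault on the destination, and a fault while reading start is no longer reported through n at all. Consider a fault-tolerant kernel read such as probe_kernel_read() for the source copy and update the trailing comment to match. Separately, nothing in this hunk shows how buf is declared or sized, so it is worth confirming that tsz can never exceed the size of buf before the memcpy.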