One the mmap tests will map a single page, then try to extend the mapping by use of mremap, which should fail. Right after that, it unmaps the extended area, which may end up unmapping other valid mapped areas, this causing a segfault.
Only unmap the area that is expected to be mapped.
Fixes: b2fb299c9aa4 ("selftests/bpf: test ringbuf mmap read-only and read-write restrictions") Signed-off-by: Thadeu Lima de Souza Cascardo cascardo@canonical.com --- tools/testing/selftests/bpf/prog_tests/ringbuf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/bpf/prog_tests/ringbuf.c b/tools/testing/selftests/bpf/prog_tests/ringbuf.c index 197e30b83298..f9a8ae331963 100644 --- a/tools/testing/selftests/bpf/prog_tests/ringbuf.c +++ b/tools/testing/selftests/bpf/prog_tests/ringbuf.c @@ -146,7 +146,7 @@ void test_ringbuf(void) ASSERT_ERR(mprotect(mmap_ptr, page_size, PROT_WRITE), "write_protect"); ASSERT_ERR(mprotect(mmap_ptr, page_size, PROT_EXEC), "exec_protect"); ASSERT_ERR_PTR(mremap(mmap_ptr, 0, 3 * page_size, MREMAP_MAYMOVE), "ro_remap"); - ASSERT_OK(munmap(mmap_ptr, 3 * page_size), "unmap_ro"); + ASSERT_OK(munmap(mmap_ptr, page_size), "unmap_ro");
/* only trigger BPF program for current process */ skel->bss->pid = getpid();
On Thu, May 13, 2021 at 6:23 PM Thadeu Lima de Souza Cascardo cascardo@canonical.com wrote:
One the mmap tests will map a single page, then try to extend the mapping by use of mremap, which should fail. Right after that, it unmaps the extended area, which may end up unmapping other valid mapped areas, this causing a segfault.
Only unmap the area that is expected to be mapped.
Fixes: b2fb299c9aa4 ("selftests/bpf: test ringbuf mmap read-only and read-write restrictions")
We backed out this patch because it was causing our CI to crash on the ringbuf test. I think you found out why :)
I'm going to incorporate your fix into my patch and leave your and mine Signed-off-by and post it upstream. Hope that works fine for attribution? And thanks for catching this!
Signed-off-by: Thadeu Lima de Souza Cascardo cascardo@canonical.com
tools/testing/selftests/bpf/prog_tests/ringbuf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/bpf/prog_tests/ringbuf.c b/tools/testing/selftests/bpf/prog_tests/ringbuf.c index 197e30b83298..f9a8ae331963 100644 --- a/tools/testing/selftests/bpf/prog_tests/ringbuf.c +++ b/tools/testing/selftests/bpf/prog_tests/ringbuf.c @@ -146,7 +146,7 @@ void test_ringbuf(void) ASSERT_ERR(mprotect(mmap_ptr, page_size, PROT_WRITE), "write_protect"); ASSERT_ERR(mprotect(mmap_ptr, page_size, PROT_EXEC), "exec_protect"); ASSERT_ERR_PTR(mremap(mmap_ptr, 0, 3 * page_size, MREMAP_MAYMOVE), "ro_remap");
ASSERT_OK(munmap(mmap_ptr, 3 * page_size), "unmap_ro");
ASSERT_OK(munmap(mmap_ptr, page_size), "unmap_ro"); /* only trigger BPF program for current process */ skel->bss->pid = getpid();
-- 2.30.2
linux-kselftest-mirror@lists.linaro.org