On 3/17/25 15:11, Greg KH wrote:
On Mon, Mar 17, 2025 at 03:09:50PM +0800, Xiangyu Chen wrote:
On 3/17/25 14:57, Greg KH wrote:
On Mon, Mar 17, 2025 at 02:54:29PM +0800, Xiangyu Chen wrote:
From: Qiao Ma <mqaio@linux.alibaba.com>
[ Upstream commit 373b9338c9722a368925d83bc622c596896b328e ]
Hi Greg,
<snip>
Why is this an RFC? What needs to be done to make it "real" and ready for you to submit it for actual inclusion?
We tried to backport the fix to 5.15/5.10, but some of the logic differs: the prepare_uprobe_buffer() from the original
commit does not exist on 5.15/5.10, so we moved the fix to uprobe_dispatcher() and uretprobe_dispatcher().
It has been tested in our local environment and the issue was fixed, but since it differs from the original commit,
this might still need the author's help to review, so I added an RFC label.
Hi Greg,
If you want people to do reviews / work / etc, then you explicitly need to ask for that. Otherwise we all have no idea what problems you have with this change, nor what you expect anyone else to do.
First off, why do you think this needs to be backported here at all? Do that research and work first, and figure it out with your own testing and evaluation before asking others to do any work for you.
good luck!
Thanks for your advice. I'll pay attention next time, and use a cover letter to describe the details to others instead of an RFC label.
We backported this patch due to a high-risk security issue (CVE-2024-50067); 6.1+ is already fixed, but 5.10/5.15 are still affected. Since uprobe is a common feature in the kernel, it should be fixed.
I read the fix and the context commits; on 5.15/5.10, the logic of the original fix in prepare_uprobe_buffer() can be applied to uretprobe_dispatcher() and uprobe_dispatcher(). Based on that, I verified it manually on a local setup: without the fix, the KASAN error can be reproduced on 5.10/5.15 with the test code from the commit message; after applying the patch, the KASAN error no longer happens.
It was verified on my local setup, but the fix on 5.10/5.15 is fully different from the original commit, so in order to make sure it is a "clean" fix, this needs the author's help to review in case anything was missed.
Thanks,
Br,
Xiangyu
greg k-h