git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Alexander Potapenko <glider@google.com>
	Tue, 28 May 2024 10:48:06 +0000 (12:48 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sun, 16 Jun 2024 11:41:38 +0000 (13:41 +0200)
commit	9ff078f5bad8990091f1639347de5e02636e9536
tree	425c9d1129b882f7aa01b554a9b0ed566922defc	tree \| snapshot
parent	ca71f204711ad24113e8b344dc5bb8b0385f5672	commit \| diff

kmsan: do not wipe out origin when doing partial unpoisoning

commit 2ef3cec44c60ae171b287db7fc2aa341586d65ba upstream.

As noticed by Brian, KMSAN should not be zeroing the origin when
unpoisoning parts of a four-byte uninitialized value, e.g.:

char a[4];
kmsan_unpoison_memory(a, 1);

This led to false negatives, as certain poisoned values could receive zero
origins, preventing those values from being reported.

To fix the problem, check that kmsan_internal_set_shadow_origin() writes
zero origins only to slots which have zero shadow.

Link: https://lkml.kernel.org/r/20240528104807.738758-1-glider@google.com
Fixes: f80be4571b19 ("kmsan: add KMSAN runtime core")
Signed-off-by: Alexander Potapenko <glider@google.com>
Reported-by: Brian Johannesmeyer <bjohannesmeyer@gmail.com>
Link: https://lore.kernel.org/lkml/20240524232804.1984355-1-bjohannesmeyer@gmail.com/T/
Reviewed-by: Marco Elver <elver@google.com>
Tested-by: Brian Johannesmeyer <bjohannesmeyer@gmail.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>