Bug 1570493 - please add a function to add kernel module to a whitelist
Summary: please add a function to add kernel module to a whitelist
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 27
Hardware: x86_64
OS: Linux
unspecified
low
Target Milestone: ---
Assignee: Kernel Maintainer List
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 1574617 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-04-23 05:13 UTC by Knut J BJuland
Modified: 2019-02-11 23:18 UTC (History)
22 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-05-09 14:27:17 UTC


Attachments (Terms of Use)
patch to use kmem_cache_create_usercopy (1.70 KB, patch)
2018-04-23 16:56 UTC, Kees Cook
no flags Details | Diff

Description Knut J BJuland 2018-04-23 05:13:39 UTC
Description of problem:

Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB object 'nvidia_stack_cache'

Version-Release number of selected component (if applicable):
4.16

How reproducible:
a warning is printed

Steps to Reproduce:
1. load th kernel with nvidia
2.
3.

Actual results:
Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB object 'nvidia_stack_cache'

Expected results:


Additional info:

Comment 1 Laura Abbott 2018-04-23 13:12:31 UTC
That's coming from the out of tree nvidia module. How often does this issue happen?

Comment 2 Knut J BJuland 2018-04-23 13:17:55 UTC
Ir occur when nvidia-modeset are started during boot.

Comment 3 Kees Cook 2018-04-23 16:56:39 UTC
Created attachment 1425704 [details]
patch to use kmem_cache_create_usercopy

This is an untested patch based on https://www.grsecurity.net/~paxguy1/nvidia-drivers-387.12-pax.patch

Comment 4 Laura Abbott 2018-05-03 16:54:02 UTC
*** Bug 1574617 has been marked as a duplicate of this bug. ***

Comment 5 Michal Konecny 2018-05-04 18:59:01 UTC
I found out, that the Fedora 28 is starting without issue if it is building kmod on start.

So today, when the bug occured again I switched to runlevel 3 and removed the kmod-nvidia.
I removed it using rpm -e kmod-nvidia, because dnf didn't find it (which is weird, because kmod-VirtualBox is normally searchable by dnf).

After removing the kmod-nvidia and restarting PC, Fedora 28 started without issue.

Here is the output of lsmod|grep nvidia (so you can see, that I'm running on proprietary driver):
nvidia_drm             45056  2
nvidia_modeset       1110016  7 nvidia_drm
nvidia              14372864  473 nvidia_modeset
drm_kms_helper        200704  1 nvidia_drm
drm                   454656  5 nvidia_drm,drm_kms_helper
ipmi_msghandler        57344  2 nvidia,ipmi_devintf

Comment 6 Knut J BJuland 2018-05-09 05:44:50 UTC
  4.773868] nvidia-modeset: Allocated GPU:0 (GPU-b1ce6fd7-3394-d73e-0681-a84a3f9c6a77) @ PCI:0000:65:00.0
[    4.871948] [drm] Supports vblank timestamp caching Rev 2 (21.10.2013).
[    4.871949] [drm] No driver support for vblank timestamp query.
[    4.953749] [drm] Initialized nvidia-drm 0.0.0 20160202 for 0000:65:00.0 on minor 0

It has been resolved in nvidia 396.24.

Comment 7 Michal Konecny 2018-05-09 06:53:57 UTC
When we can expect this version of nvidia driver will be available in Fedora 28?

Comment 8 Michal Konecny 2018-05-09 07:05:41 UTC
I mean in the fedora-rpmfusion-nonfree-nvidia.repo?

Comment 9 Knut J BJuland 2018-05-09 10:51:55 UTC
I download if from rawhide devel and rebuild the src.rpm for fedora 28.

Comment 10 Laura Abbott 2018-05-09 14:27:17 UTC
Thanks for testing. I'm going to close this bug as fixed in rawhide since this was mostly an FYI/tracking bug.

Comment 11 Kees Cook 2018-06-26 17:52:33 UTC
FWIW, the bug is not fixed, but it's not something RedHat can fixed since it's a third-party driver. The patch above fixes it, but I don't see a fix in 396.24.


Note You need to log in before you can comment on or make changes to this bug.