On Thu, May 23, 2019 at 11:57 AM Tetsuo Handa <[email protected]> wrote:
>
> Well, the culprit of this problem might be syz_execute_func().
>
> https://twitter.com/ed_maste/status/1131165065485398016
>
> Then, blacklisting specific syscalls/arguments might not work.
> We will need to guard specific paths on the kernel side using
> some kernel config option...

Yes, that's a nasty issue. We could stop running random code, or setuid into nobody, but then we will lose lots of test coverage...

> Anyway, Andrew, will you send this patch to linux-next.git ?
> syzbot would identify which syz_execute_func() call is triggering
> this problem.
>
> From 96e0741839f56c461f85d83e20bf5ae6baac9a3a Mon Sep 17 00:00:00 2001
> From: Tetsuo Handa <[email protected]>
> Date: Thu, 23 May 2019 05:57:52 +0900
> Subject: [PATCH] printk: Monitor change of console loglevel.
>
> We are seeing syzbot reports [1] where printk() messages prior to panic()
> are missing for unknown reason. To test whether it is due to some testcase
> changing console loglevel, let's panic() as soon as console loglevel has
> changed. This patch is intended for testing on linux-next.git only, and
> will be removed after we found what is wrong.
>
> [1]
> https://lkml.kernel.org/r/[email protected]
>
> Signed-off-by: Tetsuo Handa <[email protected]>
> Cc: Dmitry Vyukov <[email protected]>
> Cc: Sergey Senozhatsky <[email protected]>
> Cc: Petr Mladek <[email protected]>
> ---
> kernel/printk/printk.c | 20 ++++++++++++++++++++
> 1 file changed, 20 insertions(+)
>
> diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
> index 1888f6a..5326015 100644
> --- a/kernel/printk/printk.c
> +++ b/kernel/printk/printk.c
> @@ -3343,3 +3343,23 @@ void kmsg_dump_rewind(struct kmsg_dumper *dumper) > EXPORT_SYMBOL_GPL(kmsg_dump_rewind); > > #endif > + > +#ifdef CONFIG_DEBUG_AID_FOR_SYZBOT > +static int initial_loglevel; > +static void check_loglevel(struct timer_list *timer) > +{ > + if (console_loglevel < initial_loglevel) > + panic("Console loglevel changed (%d->%d)!", initial_loglevel, > + console_loglevel); > + mod_timer(timer, jiffies + HZ); > +} > +static int __init loglevelcheck_init(void) > +{ > + static DEFINE_TIMER(timer, check_loglevel); > + > + initial_loglevel = console_loglevel; > + mod_timer(&timer, jiffies + HZ); > + return 0; > +} > +late_initcall(loglevelcheck_init); > +#endif > -- > 1.8.3.1
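
Review bot: check_loglevel() polls once per HZ from a timer, so the panic fires up to a second after the write and from the timer callback, where the trace will not show which task changed console_loglevel; a level that is lowered and restored between two ticks is missed entirely. Checking at the places where console_loglevel is assigned would point at the caller directly, which is what the commit message wants syzbot to identify. Separately, the test is `console_loglevel < initial_loglevel`, so only a lowered level triggers, while the subject and the panic text say "changed"; either word it as "lowered" or compare with `!=`. The diffstat touches only printk.c, so CONFIG_DEBUG_AID_FOR_SYZBOT has to be defined elsewhere for this block to build in; a one-line comment above the #ifdef saying this is a temporary linux-next debugging aid would help whoever removes it later.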

