摘要:
In the Linux kernel, the following vulnerability has been resolved:nitro_enclaves: Use get_user_pages_unlocked() call to handle mmap assertAfter commit 5b78ed24e8ec ( mm/pagemap: add mmap_assert_locked()annotations to find_vma*() ), the call to get_user_pages() will triggerthe mmap assert.static inline void mmap_assert_locked(struct mm_struct *mm){ lockdep_assert_held(&mm->mmap_lock); VM_BUG_ON_MM(!rwsem_is_locked(&mm->mmap_lock), mm);}[ 62.521410] kernel BUG at include/linux/mmap_lock.h:156!...........................................................[ 62.538938] RIP: 0010:find_vma+0x32/0x80...........................................................[ 62.605889] Call Trace:[ 62.608502] <TASK>[ 62.610956] ? lock_timer_base+0x61/0x80[ 62.614106] find_extend_vma+0x19/0x80[ 62.617195] __get_user_pages+0x9b/0x6a0[ 62.620356] __gup_longterm_locked+0x42d/0x450[ 62.623721] ? finish_wait+0x41/0x80[ 62.626748] ? __kmalloc+0x178/0x2f0[ 62.629768] ne_set_user_memory_region_ioctl.isra.0+0x225/0x6a0 [nitro_enclaves][ 62.635776] ne_enclave_ioctl+0x1cf/0x6d7 [nitro_enclaves][ 62.639541] __x64_sys_ioctl+0x82/0xb0[ 62.642620] do_syscall_64+0x3b/0x90[ 62.645642] entry_SYSCALL_64_after_hwframe+0x44/0xaeUse get_user_pages_unlocked() when setting the enclave memory regions.That s a similar pattern as mmap_read_lock() used together withget_user_pages().
安全等级: Low
公告ID: KylinSec-SA-2024-2258
发布日期: 2024年5月27日
关联CVE: CVE-2021-46927
In the Linux kernel, the following vulnerability has been resolved:nitro_enclaves: Use get_user_pages_unlocked() call to handle mmap assertAfter commit 5b78ed24e8ec ( mm/pagemap: add mmap_assert_locked()annotations to find_vma*() ), the call to get_user_pages() will triggerthe mmap assert.static inline void mmap_assert_locked(struct mm_struct *mm){ lockdep_assert_held(&mm->mmap_lock); VM_BUG_ON_MM(!rwsem_is_locked(&mm->mmap_lock), mm);}[ 62.521410] kernel BUG at include/linux/mmap_lock.h:156!...........................................................[ 62.538938] RIP: 0010:find_vma+0x32/0x80...........................................................[ 62.605889] Call Trace:[ 62.608502] <TASK>[ 62.610956] ? lock_timer_base+0x61/0x80[ 62.614106] find_extend_vma+0x19/0x80[ 62.617195] __get_user_pages+0x9b/0x6a0[ 62.620356] __gup_longterm_locked+0x42d/0x450[ 62.623721] ? finish_wait+0x41/0x80[ 62.626748] ? __kmalloc+0x178/0x2f0[ 62.629768] ne_set_user_memory_region_ioctl.isra.0+0x225/0x6a0 [nitro_enclaves][ 62.635776] ne_enclave_ioctl+0x1cf/0x6d7 [nitro_enclaves][ 62.639541] __x64_sys_ioctl+0x82/0xb0[ 62.642620] do_syscall_64+0x3b/0x90[ 62.645642] entry_SYSCALL_64_after_hwframe+0x44/0xaeUse get_user_pages_unlocked() when setting the enclave memory regions.That s a similar pattern as mmap_read_lock() used together withget_user_pages().
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2021-46927 | KY3.4-4A | kernel | Unaffected |
| CVE-2021-46927 | KY3.4-5 | kernel | Unaffected |
| CVE-2021-46927 | KY3.5.1 | kernel | Unaffected |
