View Issue Details

IDProjectCategoryView StatusLast Update
0017176CentOS-7kernelpublic2020-03-25 17:30
Reporteralokkataria1 
PriorityhighSeveritymajorReproducibilityalways
Status closedResolutionno change required 
Product Version7.7-1908 
Target VersionFixed in Version 
Summary0017176: Read to /proc/self/pagemap doesn't work after kernel upgrade, not even with the workaround.
DescriptionWith the recent update of the centos 7.7 kernel to 3.10.0-1062.12.1.el7, the kernel now has a fix for row hammer security attack as a result a process running as non-root is not able to get the virtual to physical address (va-to-pa) translations from user space, which it could get earlier via reading ‘/proc/self/pagemap’.

On mainline a workaround has been mentioned for this https://www.kernel.org/doc/html/v4.19/admin-guide/mm/pagemap.html to set the SYS_ADMIN capability to the process to allow this to work. Though that workaround doesn't work on the centos 7 setup.
The same thing works fine on a centos 8 setup running a 4.18 kernel. Details below.
Steps To ReproduceWrote a simple C program to read the /proc/self/pagemap file uploaded the file as pagemap.c, when running as non-root it show that the physical address can't be read, even after giving the appropriate capabilities.


[alok@localhost] uname -r
3.10.0-1062.12.1.el7.x86_64
[alok@localhost] gcc -o pagemap pagemap.c
[alok@localhost] /pagemap
ANK, For virtaddr 0x7fffe36ec4d0 read page 8180000000000000
Failure : unable to read the physical address

[alok@localhost] sudo setcap cap_sys_admin,cap_dac_override=ep pagemap
[alok@localhost] getcap pagemap
pagemap = cap_dac_override,cap_sys_admin+ep
[alok@localhost] ./pagemap
ANK, For virtaddr 0x7fffe36ec4d0 read page 8180000000000000
Failure : unable to read the physical address
[alok@localhost] sudo ./pagemap
ANK, For virtaddr 0x7fffe4367930 read page 818000000085d9aa
ANK, successfully got the phys addr 0x85d9aa930
Additional InformationSame thing on centos 8 works fine

[alok@localhost ~]$ uname -r
4.18.0-147.el8.x86_64

[alok@localhost ~]$ ./pagemap
ANK, For virtaddr 0x7ffcf37bcea0 read page 8180000000000000
Failure : unable to read the physical address
[alok@localhost ~]$ sudo setcap cap_sys_admin,cap_dac_override=ep pagemap
[alok@localhost ~]$ getcap pagemap
pagemap = cap_dac_override,cap_sys_admin+ep
                                                                                                                           
[alok@localhost ~]$ ./pagemap
ANK, For virtaddr 0x7ffeeb998550 read page 81800000001a0de7
ANK, successfully got the phys addr 0x1a0de7550
TagsNo tags attached.
abrt_hash
URL

Activities

alokkataria1

alokkataria1

2020-03-23 04:35

reporter  

pagemap.c (1,472 bytes)
alokkataria1

alokkataria1

2020-03-25 17:06

reporter   ~0036579

As it turns out, this is not a kernel bug after all, the executable's were placed on a mount point which was mounted with nosuid option, and it seems the CAP_SYS_ADMIN too doesn't work for nosuid mount points.

Don't see a way to close this bug, but feel free to close it. Thanks !

Issue History

Date Modified Username Field Change
2020-03-23 04:35 alokkataria1 New Issue
2020-03-23 04:35 alokkataria1 File Added: pagemap.c
2020-03-23 05:05 toracat Category CentOS-7-Plus => kernel
2020-03-25 17:06 alokkataria1 Note Added: 0036579
2020-03-25 17:30 TrevorH Status new => closed
2020-03-25 17:30 TrevorH Resolution open => no change required