| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 1 Feb 2007 16:16:03 +0100 From: "Miguel Ojeda" <maxextreme@...il.com> To: "Daniel Walker" <dwalker@...sta.com> Cc: akpm@...l.org, linux-kernel@...r.kernel.org Subject: Re: crash on CONFIG_CFAG12864B=y in 2.6.20-rc3-mm1 The problem is easy: ks0108_init() prints the error message and exit with -EINVAL, so the module isn't loaded properly. However, cfag12864b_init() is called, although ks0108 failed. It returns 0 and after a while cfag12864b calls ks0108_writecontrol() which dereferences the uninitialized pointer ks0108_parport: parport_write_control(ks0108_parport, byte ^ (bit(0) | bit(1) | bit(3))); Why is cfag12864b_init() called if ks0108 module didn't load properly? Is that normal? If so, how a module should alarm other modules about it failed loading? An easy solution woule be to export a function at ks0108.c like ks0108_inited() that would return if the module was properly inited or not. Is there any better solution? Regards, Miguel On 2/1/07, Miguel Ojeda <maxextreme@...il.com> wrote: > On 1/7/07, Daniel Walker <dwalker@...sta.com> wrote: > > (forgot to CC LKML) > > > > The options, > > > > CONFIG_CFAG12864B=y > > CONFIG_CFAG12864B_RATE=20 > > > > causes a crash at boot in 2.6.20-rc3-mm1. I don't have the hardware > > associated with the options. It looks like it just doesn't have guards > > to detect if the hardware doesn't exists. > > > > Here is the crash, > > > > ks0108: ERROR: parport didn't find 888 port > > BUG: unable to handle kernel NULL pointer dereference at virtual address > > 0000004 printing eip: > > c02dbff9 > > *pde = 00000000 > > Oops: 0000 [#1] > > PREEMPT SMP > > last sysfs file: > > Modules linked in: > > CPU: 3 > > EIP: 0060:[<c02dbff9>] Not tainted VLI > > EFLAGS: 00010246 (2.6.20-rc3-mm1 #11) > > EIP is at ks0108_writecontrol+0x79/0xc0 > > eax: 00001008 ebx: 0000000a ecx: 673e2eb8 edx: 00000001 > > esi: 0000000a edi: 00000000 ebp: f7c3ff6c esp: f7c3ff50 > > ds: 007b es: 007b fs: 00d8 gs: 0000 ss: 0068 > > Process swapper (pid: 1, ti=f7c3e000 task=f7c26a90 task.ti=f7c3e000) > > Stack: 00000001 f7552c40 f7c3ff60 c0120e3f 00000000 c049f450 00000000 > > f7c3ff74 > > c02dc159 f7c3ff80 c02dc177 00000000 f7c3ff98 c048feda 00000378 > > c02d74db > > 00000000 00000000 f7c3ffe0 c0478610 c03d9d35 00000004 f7c26a90 > > c0473fc4 > > Call Trace: > > [<c01053da>] show_trace_log_lvl+0x1a/0x30 > > [<c0105499>] show_stack_log_lvl+0xa9/0xd0 > > [<c01056c7>] show_registers+0x207/0x370 > > [<c0105949>] die+0x119/0x250 > > [<c011d267>] do_page_fault+0x277/0x610 > > [<c038e9d4>] error_code+0x7c/0x84 > > [<c02dc159>] cfag12864b_e+0x19/0x20 > > [<c02dc177>] cfag12864b_page+0x17/0x30 > > [<c048feda>] cfag12864b_init+0x8a/0x130 > > [<c0478610>] init+0x110/0x250 > > [<c0104fd3>] kernel_thread_helper+0x7/0x14 > > ======================= > > Code: 8b 98 ec 00 00 00 0f b6 03 24 df 88 45 f3 80 75 f3 20 0f b6 43 01 20 > > 45 f > > EIP: [<c02dbff9>] ks0108_writecontrol+0x79/0xc0 SS:ESP 0068:f7c3ff50 > > <0>Kernel panic - not syncing: Attempted to kill init! > > > > > > > > > > As Daniel Walker pointed out, the driver doesn't probe for the > hardware because it just uses the parallel port for output (there > isn't any kind of input). > > The driver shouldn't continue execution and using > ks0108_writecontrol() (which writes to the parallel port) after the > "ks0108: ERROR: parport didn't find 888 port" message. > > Will check. > > Thanks for the warning, > Miguel > > (forgot to reply to all). > > -- > Miguel Ojeda > http://maxextreme.googlepages.com/index.htm > -- Miguel Ojeda http://maxextreme.googlepages.com/index.htm - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists