Date:	Fri, 18 Apr 2008 23:02:22 +1000
From:	Reuben Farrelly <reuben-linuxkernel@...b.net>
To:	Andrew Morton <akpm@...ux-foundation.org>
CC:	linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...e.hu>
Subject: StackProtector Oopses - Re: 2.6.25-mm1


On 18/04/2008 6:47 PM, Andrew Morton wrote:
> ftp://ftp.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.25/2.6.25-mm1/ 

The GCC stackprotector option is a no-go for me, and causes 100% repeatable 
fatal oopses on boot with my x86_64 box.

This is not new to 2.6.25-mm1 - but was also present in 2.6.24-rc8-mm2 
(2.6.24-rc8-mm1 was good, but this option didn't exist then).

It seems that enabling the stackprotector option:

tornado boot # diff -u config-2.6.25-mm1 config-2.6.25-mm1.old
--- config-2.6.25-mm1   2008-04-18 22:40:15.000000000 +1000
+++ config-2.6.25-mm1.old       2008-04-18 20:09:38.000000000 +1000
@@ -1,7 +1,7 @@
  #
  # Automatically generated make config: don't edit
  # Linux kernel version: 2.6.25-mm1
-# Fri Apr 18 22:25:04 2008
+# Fri Apr 18 19:57:17 2008
  #
  CONFIG_64BIT=y
  # CONFIG_X86_32 is not set
@@ -256,7 +256,8 @@
  CONFIG_X86_PAT=y
  # CONFIG_EFI is not set
  CONFIG_SECCOMP=y
-# CONFIG_CC_STACKPROTECTOR is not set
+CONFIG_CC_STACKPROTECTOR_ALL=y
+CONFIG_CC_STACKPROTECTOR=y
  # CONFIG_HZ_100 is not set
  # CONFIG_HZ_250 is not set
  CONFIG_HZ_300=y
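
Review bot: The second hunk flips CONFIG_CC_STACKPROTECTOR and CONFIG_CC_STACKPROTECTOR_ALL together, so this comparison cannot show which of the two options is needed to trigger the failure; a build with only CONFIG_CC_STACKPROTECTOR=y would narrow it down. The diff also runs from config-2.6.25-mm1 to config-2.6.25-mm1.old, so the "+" lines belong to the older file (generated 19:57:17) with the options enabled, and the "-" line belongs to the later file (22:25:04) with the option unset.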

is enough to prevent my system booting, viz:

input: Belkin Components Belkin OmniView KVM Switch as 
/devices/pci0000:00/0000:00:1d.1/usb3/3-1/3-1.1/3-1.1:1.0/input/input2
input: USB HID v1.00 Keyboard [Belkin Components Belkin OmniView KVM Switch] on 
usb-0000:00:1d.1-1.1
input: Belkin Components Belkin OmniView KVM Switch as 
/devices/pci0000:00/0000:00:1d.1/usb3/3-1/3-1.1/3-1.1:1.1/input/input3
input: USB HID v1.00 Mouse [Belkin Components Belkin OmniView KVM Switch] on 
usb-0000:00:1d.1-1.1
usbcore: registered new interface driver usbhid
usbhid: v2.6:USB HID core driver
TCP bic registered
NET: Registered protocol family 1
NET: Registered protocol family 10
lo: Disabled Privacy Extensions
NET: Registered protocol family 17
Testing -fstack-protector-all feature
------------[ cut here ]------------
WARNING: at ™š:-2145164734 0x0()
Modules linked in:
Pid: 1, comm: swapper Not tainted 2.6.25-mm1 #1

Call Trace:
  [<ffffffff802362a9>] warn_on_slowpath+0x67/0x98
  [<ffffffff802f31da>] ? proc_register+0x104/0x1b0
  [<ffffffff80237e2a>] ? printk+0x79/0x94
  [<ffffffff804f1d05>] ? register_netdevice_notifier+0xed/0x1c9
  [<ffffffff8023da80>] ? insert_resource+0x3c/0x117
  [<ffffffff8023630d>] ? __stack_chk_test+0x33/0x7b
  [<ffffffff80740ff0>] ? kernel_init+0x16d/0x30d
  [<ffffffff8020c7b8>] ? child_rip+0xa/0x12
  [<ffffffff80740e83>] ? kernel_init+0x0/0x30d
  [<ffffffff8020c7ae>] ? child_rip+0x0/0x12

---[ end trace 8d584356702633c0 ]---
BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
IP: [<0000000000000000>]
PGD 0
Oops: 0010 [1] SMP
last sysfs file:
CPU 0
Modules linked in:
Pid: 1, comm: swapper Tainted: G        W 2.6.25-mm1 #1
RIP: 0010:[<0000000000000000>]  [<0000000000000000>]
RSP: 0000:ffff8100bf05de88  EFLAGS: 00010296
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000046 RDI: 0000000000000200
RBP: ffff8100bf05de90 R08: 0000000000000000 R09: ffff8100000bcce0
R10: 0720072007200720 R11: 0720072007200720 R12: 0000000000000000
R13: ffffffff80787530 R14: 0000000000000000 R15: ffffffff8067fd3c
FS:  0000000000000000(0000) GS:ffffffff80721000(0000) knlGS:0000000000000000
CS:  0010 DS: 0018 ES: 0018 CR0: 000000008005003b
CR2: 0000000000000000 CR3: 0000000000201000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process swapper (pid: 1, threadinfo ffff8100bf05c000, task ffff8100bf060000)
Stack:  0000000000000000 ffff8100bf05deb0 ffffffff8023630d 0000000000000000
  0000000090e2a955 ffff8100bf05df40 ffffffff80740ff0 aa55aa0000000000
  aa55aa55aa55aa55 0000000000000003 55aa55aa55aa55aa 55aa55aa55aa55aa
Call Trace:
  [<ffffffff8023630d>] __stack_chk_test+0x33/0x7b
  [<ffffffff80740ff0>] kernel_init+0x16d/0x30d
  [<ffffffff8020c7b8>] child_rip+0xa/0x12
  [<ffffffff80740e83>] ? kernel_init+0x0/0x30d
  [<ffffffff8020c7ae>] ? child_rip+0x0/0x12


Code:  Bad RIP value.
RIP  [<0000000000000000>]
  RSP <ffff8100bf05de88>
CR2: 0000000000000000
---[ end trace 8d584356702633c0 ]---
Kernel panic - not syncing: Attempted to kill init!
Pid: 1, comm: swapper Tainted: G      D W 2.6.25-mm1 #1

Call Trace:
  [<ffffffff80236716>] panic+0xb2/0x187
  [<ffffffff802547c7>] ? blocking_notifier_call_chain+0x24/0x42
  [<ffffffff8023a5b7>] do_exit+0x772/0x7eb
  [<ffffffff8020cd1f>] oops_end+0x9a/0x9f
  [<ffffffff80224349>] do_page_fault+0x61d/0x7c4
  [<ffffffff802f31da>] ? proc_register+0x104/0x1b0
  [<ffffffff805a51f9>] error_exit+0x0/0x51
  [<ffffffff8023630d>] ? __stack_chk_test+0x33/0x7b
  [<ffffffff80740ff0>] ? kernel_init+0x16d/0x30d
  [<ffffffff8020c7b8>] ? child_rip+0xa/0x12
  [<ffffffff80740e83>] ? kernel_init+0x0/0x30d
  [<ffffffff8020c7ae>] ? child_rip+0x0/0x12

Rebooting in 30 seconds..
----------

gcc version 4.2.3 (Gentoo 4.2.3 p1.0)

I have put the config and full dmesg of 2.6.25-mm1 both working and not working, 
up at http://www.reub.net/files/kernel/2.6.25-mm1/

It is the exact same oops with 2.6.24-rc8-mm1.

Reuben
