lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080630234837.118fff8c@daedalus.pq.iki.fi>
Date:	Mon, 30 Jun 2008 23:48:37 +0300
From:	Pekka Paalanen <pq@....fi>
To:	Ingo Molnar <mingo@...e.hu>,
	"Vegard Nossum" <vegard.nossum@...il.com>
Cc:	linux-kernel@...r.kernel.org, Steven Rostedt <srostedt@...hat.com>,
	proski@....org
Subject: mmiotrace broken in linux-next (8-bit writes only)

On Mon, 30 Jun 2008 14:37:36 +0200
Ingo Molnar <mingo@...e.hu> wrote:

> it would also be nice if you could check whether ftrace as integrated 
> into linux-next has a functional mmiotrace. (and work with me in -tip on 
> fixing it if it doesnt)

I tested it and it is broken in two ways. First is the NULL pointer
dereference, for which I made a quick patch (in the end of this email)
and I don't know what is going on in there. The patch allows me to run
my simple test. However, the test shows, that all 8-bit MMIO writes are
recorded with datum 0x80, which is incorrect. I've no idea what could
have changed. All the 16 and 32-bit ops are ok, and so are 8-bit reads,
which means the writes really do happen with the correct data, but just
mmiotrace gets it wrong. Mmiotrace source files are unchanged.

Has there been changes in compiler flags or iowrite8() that would cause
different instructions to be used in implementing the MMIO write?
I'm completely baffled.

I guess I should try to bisect, but I don't know when I can do that.
I tested on Athlon64, 64-bit UP kernel.

Vegard, have you experienced any weird issues in instruction decoding?
But I guess sort of bug would not affect you, since kmemcheck is not
interested in the data.

- pq


>From 79e6a8eaf73b778dc76eb3c55bb82b18817c34df Mon Sep 17 00:00:00 2001
From: Pekka Paalanen <pq@....fi>
Date: Mon, 30 Jun 2008 22:02:25 +0300
Subject: [PATCH] ftrace: do not call ftrace_special() from down().

The moment mmiotrace is enabled, I hit a NULL deref in:

IP: [<ffffffff80256e71>] __trace_special+0x17c/0x23a
Call Trace:
 [<ffffffff802573cc>] ftrace_special+0x6f/0x9a
 [<ffffffff8023e3e4>] down+0x19/0x4a
 [<ffffffff80228adc>] acquire_console_sem+0x42/0x58
 [<ffffffff8035d273>] con_flush_chars+0x28/0x43
 [<ffffffff80354a70>] write_chan+0x22e/0x334
 [<ffffffff802244e9>] ? default_wake_function+0x0/0xf
 [<ffffffff8035236d>] tty_write+0x195/0x228
 [<ffffffff80354842>] ? write_chan+0x0/0x334
 [<ffffffff8027c23a>] vfs_write+0xae/0x137
 [<ffffffff8027c6e3>] sys_write+0x47/0x70
 [<ffffffff8020b1db>] system_call_after_swapgs+0x7b/0x80

which means 'entry' in __trace_special() is NULL.

Signed-off-by: Pekka Paalanen <pq@....fi>
---
 kernel/semaphore.c |    1 -
 1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/kernel/semaphore.c b/kernel/semaphore.c
index bbab232..62f30c2 100644
--- a/kernel/semaphore.c
+++ b/kernel/semaphore.c
@@ -54,7 +54,6 @@ void down(struct semaphore *sem)
 {
 	unsigned long flags;
 
-	ftrace_special(sem->count, 0, __LINE__);
 	spin_lock_irqsave(&sem->lock, flags);
 	if (likely(sem->count > 0))
 		sem->count--;
-- 
1.5.4.5

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ