lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 4 Sep 2009 09:06:42 +0900
From:	KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>
To:	Pekka Enberg <penberg@...helsinki.fi>
Cc:	Nick Craig-Wood <nick@...ig-wood.com>,
	linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>
Subject: Re: Reading /proc/kcore causes a BUG()

On Thu, 3 Sep 2009 15:14:55 +0300
Pekka Enberg <penberg@...helsinki.fi> wrote:

> On Thu, Sep 3, 2009 at 2:34 PM, Nick Craig-Wood<nick@...ig-wood.com> wrote:
> > Is a fix for this going to make 2.6.31?
> >
> > To replicate
> >
> >  cat /proc/kcore >/dev/null
> >
> > See also
> >
> >  http://bugzilla.kernel.org/show_bug.cgi?id=13850
> >
> > To get
> >
> > BUG: unable to handle kernel paging request at eda08000
> > IP: [<c01a0e98>] read_kcore+0x27f/0x341
> > *pdpt = 0000000071809027
> > Oops: 0000 [#1] SMP
> > last sysfs file: /sys/class/net/lo/operstate
> >
> > Pid: 2361, comm: cat Not tainted (2.6.31.git-x1 #1)
> > EIP: 0061:[<c01a0e98>] EFLAGS: 00010286 CPU: 1
> > EIP is at read_kcore+0x27f/0x341
> > EAX: c04404fc EBX: 00001000 ECX: 00000400 EDX: eda09000
> > ESI: eda08000 EDI: ec129000 EBP: ec60bf48 ESP: ec60bf10
> >  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0069
> > Process cat (pid: 2361, ti=ec60a000 task=ecf800b0 task.ti=ec60a000)
> > Stack:
> >  00001000 08051000 00000000 00001000 00000003 eda08000 ec129000 c04404fc
> > <0> eda09000 00000000 00001000 ecd39380 fffffffb c01a0c19 ec60bf6c c019a907
> > <0> ec60bf98 00001000 08051000 eccbab00 eccbab00 c019a8af 00001000 ec60bf8c
> > Call Trace:
> >  [<c01a0c19>] ? read_kcore+0x0/0x341
> >  [<c019a907>] ? proc_reg_read+0x58/0x6c
> >  [<c019a8af>] ? proc_reg_read+0x0/0x6c
> >  [<c016905e>] ? vfs_read+0x87/0x110
> >  [<c0169180>] ? sys_read+0x3b/0x60
> >  [<c0106a4d>] ? syscall_call+0x7/0xb
> > Code: d3 29 f3 89 f8 29 f0 39 d7 0f 46 d8 8d 0c 33 89 4d e8 29 5d ec 8b 45 e4 f6 40 0c 01 75 18 89 d9 c1 e9 02 89 f7 2b 7d dc 03 7d e0 <f3> a5 89 d9 83 e1 03 74 02 f3 a4 8b 55 e4 8b 12 89 55 e4 83 7d
> > EIP: [<c01a0e98>] read_kcore+0x27f/0x341 SS:ESP 0069:ec60bf10
> > CR2: 00000000eda08000
> > ---[ end trace 4387f828fd1590eb ]---
> >
> > I tried this on the latest git checkout (as of 2009-09-03 11:00 GMT)
> > under Xen as a domU.  The bugzilla report states it happens on non xen
> > machines also.
> >
> > I know reading /proc/kcore isn't such a good idea, but badly written
> > backup scripts are triggering this on our customer's servers :-(
> 
> AFAICT the bug was fixed but I can't seem to find the patches in
> Linus' git either. Lets CC Andrew and Hiroyuki-san.
> 

Ah, it's now tested under mmotm. please wait.

Thanks,
-Kame

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ