lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 10 Mar 2013 16:53:11 +0800
From:	Ming Lei <tom.leiming@...il.com>
To:	Tommi Rantala <tt.rantala@...il.com>
Cc:	Greg KH <gregkh@...uxfoundation.org>, Jens Axboe <axboe@...nel.dk>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Guo Chao <yan@...ux.vnet.ibm.com>, Tejun Heo <tj@...nel.org>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	LKML <linux-kernel@...r.kernel.org>,
	Dave Jones <davej@...hat.com>
Subject: Re: kernel BUG at fs/sysfs/group.c:65!

On Sun, Mar 10, 2013 at 12:36 AM, Tommi Rantala <tt.rantala@...il.com> wrote:
> [   40.089036]  [<ffffffff81222e29>] sysfs_get_dirent+0x39/0x80
> [   40.089036]  [<ffffffff81224ad9>] sysfs_remove_group+0x29/0x100
> [   40.089036]  [<ffffffff8113f2c4>] blk_trace_remove_sysfs+0x14/0x20
> [   40.089036]  [<ffffffff813453ae>] blk_unregister_queue+0x5e/0x90
> [   40.089036]  [<ffffffff8134d417>] del_gendisk+0x107/0x250
> [   40.089036]  [<ffffffff814f66b8>] loop_remove+0x18/0x40

Then the crash is triggered in device release path, which should have
been avoided in device add path.

If we want to fix the problem completely, add_disk() must handle failure
path correctly and return error code on failures, which may involve big
work, since add_disk() are called by 50+ drivers.

> [   40.089036]  [<ffffffff814f9369>] loop_control_ioctl+0x109/0x170
> [   40.089036]  [<ffffffff811b9542>] do_vfs_ioctl+0x522/0x570
> [   40.089036]  [<ffffffff8130a4b3>] ? file_has_perm+0x83/0xa0
> [   40.089036]  [<ffffffff811b95ed>] sys_ioctl+0x5d/0xa0
> [   40.089036]  [<ffffffff8136642e>] ? trace_hardirqs_on_thunk+0x3a/0x3f
> [   40.089036]  [<ffffffff81faeda9>] system_call_fastpath+0x16/0x1b
> [   40.089036] Code: d8 4c 8b 65 e0 4c 8b 6d e8 4c 8b 75 f0 4c 8b 7d
> f8 c9 c3 0f 1f 80 00 00 00 00 55 48 89 e5 41 56 49 89 f6 41 55 49 89
> d5 41 54 53 <0f> b7 87 90 00 00 00 48 8b 9f 88 00 00 00 f6 c4 0f 0f 95
> c0 48
> [   40.089036] RIP  [<ffffffff81222c11>] sysfs_find_dirent+0x11/0x100
> [   40.089036]  RSP <ffff880076b61d38>
> [   40.089036] CR2: 0000000000000090
> [   40.141131] ---[ end trace c506c3563256809f ]---
> [3406] Random reseed: 2579687274
> [watchdog] 27757 iterations. [F:24388 S:3368]
> [watchdog] kernel became tainted! Last seed was 2579687274

Thanks,
-- 
Ming Lei
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ