lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CA+ydwtqyfZE0Fe0LkpkyJeFFBHhyXm1kUUGJtPkwuBLJ-LS4fw@mail.gmail.com>
Date:	Thu, 27 Feb 2014 21:05:09 +0200
From:	Tommi Rantala <tt.rantala@...il.com>
To:	David Howells <dhowells@...hat.com>,
	James Morris <james.l.morris@...cle.com>,
	keyrings@...ux-nfs.org, linux-security-module@...r.kernel.org
Cc:	LKML <linux-kernel@...r.kernel.org>, trinity@...r.kernel.org,
	Dave Jones <davej@...hat.com>
Subject: kernel BUG at security/keys/keyring.c:1003!

Hello,

Hit the following BUG while fuzzing 3.14.0-rc3 with trinity.

Tommi

[708836.755392] ------------[ cut here ]------------
[708836.756044] kernel BUG at /build/linux/security/keys/keyring.c:1003!
[708836.756044] invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC
[708836.756044] CPU: 0 PID: 5594 Comm: trinity-c26 Not tainted 3.14.0-rc3 #1
[708836.756044] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[708836.756044] task: ffff880036a3ca40 ti: ffff880003e6e000 task.ti:
ffff880003e6e000
[708836.756044] RIP: 0010:[<ffffffff814ac7be>]  [<ffffffff814ac7be>]
keyring_detect_cycle_iterator+0xe/0x20
[708836.756044] RSP: 0000:ffff880003e6fdb0  EFLAGS: 00010206
[708836.756044] RAX: ffff880056025b82 RBX: 000000000000003a RCX:
0000000000000003
[708836.756044] RDX: 0000000000000003 RSI: ffff880003e6fe98 RDI:
ffff880056025b80
[708836.756044] RBP: ffff880003e6fdb0 R08: 0000000000000064 R09:
0000000000000000
[708836.756044] R10: ffff880036a3ca40 R11: 0000000000000000 R12:
ffff880003e6fe98
[708836.756044] R13: 0000000000000000 R14: ffff880003e6fe98 R15:
ffff88006c950780
[708836.756044] FS:  00007f88ae6bd700(0000) GS:ffff8800bf600000(0000)
knlGS:0000000000000000
[708836.756044] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[708836.756044] CR2: 0000000000000004 CR3: 000000003ba4d000 CR4:
00000000000006f0
[708836.756044] DR0: 0000000000899000 DR1: 000000000115a000 DR2:
0000000001b66000
[708836.756044] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7:
0000000000000600
[708836.756044] Stack:
[708836.756044]  ffff880003e6fe80 ffffffff814ac9e2 ffffffff81078869
ffff880003e6fdf0
[708836.756044]  ffffffff81179f4d ffff8800bf7d5a40 00000000001d5a40
0000000000000000
[708836.756044]  ffff88006c950780 0000000000000000 0000000000000002
0000000000000001
[708836.756044] Call Trace:
[708836.756044]  [<ffffffff814ac9e2>] search_nested_keyrings+0xf2/0x340
[708836.756044]  [<ffffffff81078869>] ? sched_clock+0x9/0x10
[708836.756044]  [<ffffffff81179f4d>] ? sched_clock_local+0x1d/0x90
[708836.756044]  [<ffffffff814ad246>] ? __key_link_check_live_key+0x26/0x160
[708836.756044]  [<ffffffff814ad303>] __key_link_check_live_key+0xe3/0x160
[708836.756044]  [<ffffffff814ad246>] ? __key_link_check_live_key+0x26/0x160
[708836.756044]  [<ffffffff814ac7b0>] ? keyring_instantiate+0xf0/0xf0
[708836.756044]  [<ffffffff814ad4ac>] key_link+0x5c/0xb0
[708836.756044]  [<ffffffff814adfee>] keyctl_keyring_link+0x7e/0xb0
[708836.756044]  [<ffffffff814af508>] SyS_keyctl+0x98/0x1a0
[708836.756044]  [<ffffffff82381209>] ia32_do_call+0x13/0x13
[708836.756044] Code: c0 eb 12 66 2e 0f 1f 84 00 00 00 00 00 31 c0 66
0f 1f 44 00 00 5b 41 5c 5d f3 c3 66 90 48 83 e7 fc 48 39 7e 28 55 48
89 e5 74 02 <0f> 0b b8 01 00 00 00 48 c7 46 48 dd ff ff ff 5d c3 90 55
48 89
[708836.756044] RIP  [<ffffffff814ac7be>] keyring_detect_cycle_iterator+0xe/0x20
[708836.756044]  RSP <ffff880003e6fdb0>
[708836.855231] ---[ end trace e2b699c76aca5cff ]---
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ