lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1400287582.11005.118359877.7B81534B@webmail.messagingengine.com>
Date:	Fri, 16 May 2014 17:46:22 -0700
From:	Hannes Frederic Sowa <hannes@...essinduktion.org>
To:	Peter Zijlstra <peterz@...radead.org>,
	"H. Peter Anvin" <hpa@...ux.intel.com>
Cc:	Sasha Levin <sasha.levin@...cle.com>,
	Ingo Molnar <mingo@...nel.org>, acme@...stprotocols.net,
	LKML <linux-kernel@...r.kernel.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Dave Jones <davej@...hat.com>, tytso@....edu, price@....EDU
Subject: Re: BUG_ON drivers/char/random.c:986 (Was: perf: use after free in
 perf_remove_from_context)

On Fri, May 16, 2014, at 9:21, Peter Zijlstra wrote:
> On Fri, May 16, 2014 at 09:06:13AM -0700, H. Peter Anvin wrote:
> > On 05/16/2014 08:34 AM, Peter Zijlstra wrote:
> > > 
> > > While fuzzing to reproduce my issue I hit the below, its triggered loads
> > > of times and then the machine wedged (needed a power cycle), I can
> > > provide the full console log if people care.
> > > 
> > > Anybody seen that one before?
> > > 
> > 
> > I certainly haven't... this bad.  Any idea what the actual system call
> > looked like?
> 
> Sadly, no, while I had syscall tracing enabled, the bug I'm chasing is
> non fatal so I hadn't set it to dump on bug -- not that dumping 24*1.4M
> trace buffers over serial would've completed this side of the century.
> 
> I did save the trinity output (including seeds) but my experience so far
> is that that is no guarantee for reproduction.

This should do the trick:
dd if=/dev/urandom of=/dev/zero bs=67108707

I suspect ee1de406ba6eb1 ("random: simplify accounting logic") as the
culprit.

Bye,

  Hannes
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ