lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <5382A829.1060905@intel.com>
Date:	Mon, 26 May 2014 10:34:17 +0800
From:	Jet Chen <jet.chen@...el.com>
To:	Kees Cook <keescook@...omium.org>
CC:	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	linux-security-module@...r.kernel.org,
	Fengguang Wu <fengguang.wu@...el.com>
Subject: [LSM] Kernel panic - not syncing: Yama: kernel registration failed.

Hi Kees,

0day kernel testing robot got the below dmesg and the first bad commit is

git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git lsm-mod-pin
commit 15e961b72496a2302914a66575f8f4b25463d65c
Author:     Kees Cook <keescook@...omium.org>
AuthorDate: Fri Sep 20 10:06:46 2013 -0700
Commit:     Kees Cook <keescook@...omium.org>
CommitDate: Wed May 21 17:23:01 2014 -0700

    LSM: ModPin LSM for module loading restrictions
        This LSM enforces that modules must all come from the same filesystem,
    with the expectation that such a filesystem is backed by a read-only
    device such as dm-verity or CDROM. This allows systems that have a
    verified or unchanging filesystem to enforce module loading restrictions
    without needing to sign the modules individually.
        Signed-off-by: Kees Cook <keescook@...omium.org>

+----------------------------------------------------------+-----------+------------+
|                                                          | v3.15-rc6 | 15e961b724 |
+----------------------------------------------------------+-----------+------------+
| boot_successes                                           | 60        | 0          |
| boot_failures                                            | 0         | 20         |
| Kernel_panic-not_syncing:Yama:kernel_registration_failed | 0         | 20         |
| backtrace:panic                                          | 0         | 20         |
| backtrace:yama_init                                      | 0         | 20         |
| backtrace:security_init                                  | 0         | 20         |
+----------------------------------------------------------+-----------+------------+


[    0.020000] Security Framework initialized
[    0.020000] ModPin LSM: ready to pin.
[    0.020000] Yama: becoming mindful.
[    0.020000] Kernel panic - not syncing: Yama: kernel registration failed.
[    0.020000] [    0.020000] CPU: 0 PID: 0 Comm: swapper Not tainted 3.15.0-rc6-00001-g15e961b #1
[    0.020000] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[    0.020000]  0000000000000000 ffffffff82801eb0 ffffffff81ebc563 ffffffff82801f28
[    0.020000]  ffffffff81eb665d ffffffff00000008 ffffffff82801f38 ffffffff82801ed8
[    0.020000]  ffffffff81eb762c 0000000000000001 ffffffff8281b480 0000000000000000
[    0.020000] Call Trace:
[    0.020000]  [<ffffffff81ebc563>] dump_stack+0x19/0x1b
[    0.020000]  [<ffffffff81eb665d>] panic+0xcb/0x1e4
[    0.020000]  [<ffffffff81eb762c>] ? printk+0x4f/0x51
[    0.020000]  [<ffffffff829e1232>] yama_init+0x61/0x65
[    0.020000]  [<ffffffff829e0289>] security_init+0x35/0x47
[    0.020000]  [<ffffffff829c5d54>] start_kernel+0x45c/0x4ba
[    0.020000]  [<ffffffff829c5706>] ? repair_env_string+0x5a/0x5a
[    0.020000]  [<ffffffff829c5120>] ? early_idt_handlers+0x120/0x120
[    0.020000]  [<ffffffff829c5421>] x86_64_start_reservations+0x2a/0x2c
[    0.020000]  [<ffffffff829c54fa>] x86_64_start_kernel+0xd7/0xe4

Elapsed time: 5
qemu-system-x86_64 -cpu kvm64 -enable-kvm -kernel /kernel/x86_64-randconfig-s0-05250024/15e961b72496a2302914a66575f8f4b25463d65c/vmlinuz-3.15.0-rc6-00001-g15e961b -append 'hung_task_panic=1 earlyprintk=ttyS0,115200 debug apic=debug sysrq_always_enabled rcupdate.rcu_cpu_stall_timeout=100 panic=10 softlockup_panic=1 nmi_watchdog=panic  prompt_ramdisk=0 console=ttyS0,115200 console=tty0 vga=normal  root=/dev/ram0 rw link=/kbuild-tests/run-queue/kvm/x86_64-randconfig-s0-05250024/linux-devel:devel-hourly-2014052422:15e961b72496a2302914a66575f8f4b25463d65c:bisect-linux2/.vmlinuz-15e961b72496a2302914a66575f8f4b25463d65c-20140525020645-18-ivb44 branch=linux-devel/devel-hourly-2014052422 BOOT_IMAGE=/kernel/x86_64-randconfig-s0-05250024/15e961b72496a2302914a66575f8f4b25463d65c/vmlinuz-3.15.0-rc6-00001-g15e961b drbd.minor_count=8'  -initrd /kernel-tests/initrd/quantal-core-x86_64.cgz -m 320 -smp 2 -net nic,vlan=1,model=e1000 -net user,vlan=1 -boot order=nc -no-reboot -watchdog i6300esb -rtc
base=localtime -pidfile /dev/shm/kboot/pid-quantal-ivb44-37 -serial file:/dev/shm/kboot/serial-quantal-ivb44-37 -daemonize -display none -monitor null
git bisect start 2a70639cc4ea08bd40712cb010cabbb24b8ec939 4b660a7f5c8099d88d1a43d8ae138965112592c7 --
git bisect  bad 3e7094f8f4479ad5c2dae652779385c6a5860963  # 01:10      0-     20  Merge 'arm-soc/sti/dt' into devel-hourly-2014052422
git bisect  bad c758b8624c09283de327df15ba363ad6e19d9cbb  # 01:21      0-     20  Merge 'driver-core/driver-core-next' into devel-hourly-2014052422
git bisect good 45eeb88abd75477c8f2edbaaf193c834e4472f9b  # 01:31     20+      0  Merge 'arm-soc/qcom/dt' into devel-hourly-2014052422
git bisect good bd58b5faa0113b5306697b510f48ae4d684aa4b2  # 01:41     20+      0  Merge 'arm-soc/qcom/defconfig' into devel-hourly-2014052422
git bisect good 6d89122f9b4106872ff4cb08b912ced4418a3611  # 01:47     20+      0  Merge 'pci/next' into devel-hourly-2014052422
git bisect  bad 3fb6f99039f45799a98cd6c9967396b20b7dafcf  # 01:58      0-     20  Merge 'kees/lsm-mod-pin' into devel-hourly-2014052422
git bisect  bad 15e961b72496a2302914a66575f8f4b25463d65c  # 02:07      0-     20  LSM: ModPin LSM for module loading restrictions
# first bad commit: [15e961b72496a2302914a66575f8f4b25463d65c] LSM: ModPin LSM for module loading restrictions
git bisect good 4b660a7f5c8099d88d1a43d8ae138965112592c7  # 02:10     60+      0  Linux 3.15-rc6
git bisect  bad 2a70639cc4ea08bd40712cb010cabbb24b8ec939  # 02:10      0-     13  0day head guard for 'devel-hourly-2014052422'
git bisect good 1ee1ceafb572f1a925809168267a7962a4289de8  # 02:41     60+      0  Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc
git bisect good f13c6d93ae8ebdfb1301e43051bcec78eb92995f  # 02:47     60+      0  Add linux-next specific files for 20140523


This script may reproduce the error.

-----------------------------------------------------------------------------
#!/bin/bash

kernel=$1

kvm=(
	qemu-system-x86_64 -cpu kvm64 -enable-kvm 	-kernel $kernel
	-smp 2
	-m 256M
	-net nic,vlan=0,macaddr=00:00:00:00:00:00,model=virtio
	-net user,vlan=0
	-net nic,vlan=1,model=e1000
	-net user,vlan=1
	-boot order=nc
	-no-reboot
	-watchdog i6300esb
	-serial stdio
	-display none
	-monitor null
)

append=(
	debug
	sched_debug
	apic=debug
	ignore_loglevel
	sysrq_always_enabled
	panic=10
	prompt_ramdisk=0
	earlyprintk=ttyS0,115200
	console=ttyS0,115200
	console=tty0
	vga=normal
	root=/dev/ram0
	rw
)

"${kvm[@]}" --append "${append[*]}"
-----------------------------------------------------------------------------

Thanks,
Jet


View attachment "dmesg-quantal-ivb44-37:20140525020656:x86_64-randconfig-s0-05250024:3.15.0-rc6-00001-g15e961b:1" of type "text/plain" (19742 bytes)

Download attachment "x86_64-randconfig-s0-05250024-2a70639cc4ea08bd40712cb010cabbb24b8ec939-Kernel-panic---not-syncing:-Yama:-kernel-registration-failed--122975.log" of type "application/octet-stream" (42359 bytes)

View attachment "config-3.15.0-rc6-00001-g15e961b" of type "text/plain" (96455 bytes)

View attachment "Attached Message Part" of type "text/plain" (87 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ