lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Mon, 24 Oct 2016 10:57:17 +0200
From:   Zdenek Kabelac <zkabelac@...hat.com>
To:     LKML <linux-kernel@...r.kernel.org>, christophe.ricard@...il.com
Subject: BUG: stack guard page was hit tpm_tis_send_data

Hi

I've tried to boot 4.9.0-0.rc1.git3.2.fc26.x86_64 - end experienced this BUG 
report  (on Lenovo T61 4G)

systemd[335]: systemd-udev-settle.service: Executing: /usr/bin/udevadm settle
tpm_tis 00:06: 1.2 TPM (device-id 0x3203, rev-id 9)
FUJITSU Extended Socket Network Device Driver - version 1.1 - Copyright (c) 
2015 FUJITSU LIMITED
wmi: Mapper loaded
BUG: stack guard page was hit at ffffb62000ae0000 (stack is 
ffffb62000adc000..ffffb62000adffff)
kernel stack overflow (page fault): 0000 [#1] SMP
Modules linked in:
systemd[383]: systemd-backlight@...klight:intel_backlight.service: Executing: 
/usr/lib/systemd/systemd-backlight load backlight:intel_backlight
  snd
  wmi soundcore fjes rfkill parport_pc parport tpm_tis(+) tpm_tis_core tpm 
nfsd auth_rpcgss nfs_acl lockd grace binfmt_misc sunrpc loop dm_multipath i915 
i2c_algo_bit drm_kms_helper drm sdhci_pci sdhci mmc_core serio_raw ata_generic 
yenta_socket pata_acpi video
CPU: 1 PID: 350 Comm: systemd-udevd Not tainted 4.9.0-0.rc1.git3.2.fc26.x86_64 #1
Hardware name: LENOVO 6464CTO/6464CTO, BIOS 7LETC9WW (2.29 ) 03/18/2011
task: ffff936f73f057c0 task.stack: ffffb62000adc000
RIP: 0010:[<ffffffffc0478140>]  [<ffffffffc0478140>] 
tpm_tcg_write_bytes+0x30/0x50 [tpm_tis]
RSP: 0000:ffffb62000adf678  EFLAGS: 00010282
RAX: 000000000000ffef RBX: ffffb62000ae0001 RCX: ffffb62000adf83f
RDX: 000000000000fff0 RSI: 0000000000000024 RDI: 0000000000000000
RBP: ffffb62000adf698 R08: 00000000eea8a8a5 R09: 0000000000000000
R10: 0000000000000000 R11: ffff936f76411dc0 R12: 0000000000000024
R13: ffffb62000aef82f R14: ffff936f75555b28 R15: ffffb62000adf83e
FS:  00007ffa019f1680(0000) GS:ffff936f7bb00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffb62000ae0000 CR3: 00000001350c0000 CR4: 00000000000006e0
Stack:
  0000000000000001 ffff936f745a8000 ffff936f75555b28 00000000fffffff0
  ffffb62000adf6f8 ffffffffc0472d03 ffff936f75555b40 0000001500000000
  0000000000000015 c8004000000002ee 000000006813cb59 ffff936f745a8000
Call Trace:
  [<ffffffffc0472d03>] tpm_tis_send_data+0xd3/0x2b0 [tpm_tis_core]
  [<ffffffffc0472f1a>] tpm_tis_send_main+0x3a/0x120 [tpm_tis_core]
  [<ffffffffc0473046>] tpm_tis_send+0x46/0x130 [tpm_tis_core]
  [<ffffffffc0484453>] tpm_transmit+0x73/0x260 [tpm]
  [<ffffffffc048465f>] tpm_transmit_cmd+0x1f/0x70 [tpm]
  [<ffffffffc0484fa6>] tpm_get_timeouts.part.1+0x1e6/0x400 [tpm]
  [<ffffffff9353bf0f>] ? dev_vprintk_emit+0xbf/0x230
  [<ffffffff9353c0ce>] ? dev_printk_emit+0x4e/0x70
  [<ffffffffc0486917>] ? tpm2_probe+0x77/0xb0 [tpm]
  [<ffffffff9353c43c>] ? __dev_printk+0x3c/0x80
  [<ffffffff9353c94c>] ? _dev_info+0x6c/0x90
  [<ffffffffc0485227>] tpm_get_timeouts+0x67/0x70 [tpm]
  [<ffffffffc04733a7>] tpm_tis_core_init+0x277/0xed0 [tpm_tis_core]
  [<ffffffffc0478227>] tpm_tis_init+0x77/0x90 [tpm_tis]
  [<ffffffffc0478550>] ? tpm_tis_plat_probe+0x100/0x100 [tpm_tis]
  [<ffffffffc0478625>] tpm_tis_pnp_init+0xd5/0x196 [tpm_tis]
  [<ffffffff934b9dc5>] pnp_device_probe+0x65/0xc0
  [<ffffffff935408d3>] driver_probe_device+0x223/0x430
  [<ffffffff93540bbf>] __driver_attach+0xdf/0xf0
  [<ffffffff93540ae0>] ? driver_probe_device+0x430/0x430
  [<ffffffff9353e2bc>] bus_for_each_dev+0x6c/0xc0
  [<ffffffff9354001e>] driver_attach+0x1e/0x20
  [<ffffffff9353fa50>] bus_add_driver+0x170/0x270
  [<ffffffffc047d000>] ? 0xffffffffc047d000
  [<ffffffff935414e0>] driver_register+0x60/0xe0
  [<ffffffffc047d000>] ? 0xffffffffc047d000
  [<ffffffff934b9c00>] pnp_register_driver+0x20/0x30
  [<ffffffffc047d0a1>] init_tis+0xa1/0x1000 [tpm_tis]
  [<ffffffff931bb9da>] ? do_init_module+0x27/0x1ef
  [<ffffffff93209c05>] ? vunmap_page_range+0x215/0x380
  [<ffffffff93002190>] do_one_initcall+0x50/0x180
  [<ffffffff9322ad82>] ? kmem_cache_alloc_trace+0x172/0x1b0
  [<ffffffff931bb9da>] ? do_init_module+0x27/0x1ef
  [<ffffffff931bba12>] do_init_module+0x5f/0x1ef
  [<ffffffff9312f5c1>] load_module+0x25b1/0x2980
  [<ffffffff9312bea0>] ? __symbol_put+0x60/0x60
  [<ffffffff9312fb03>] SYSC_init_module+0x173/0x190
  [<ffffffff9312fc3e>] SyS_init_module+0xe/0x10
  [<ffffffff93003c17>] do_syscall_64+0x67/0x180
  [<ffffffff938112ab>] entry_SYSCALL64_slow_path+0x25/0x25
Code: 8d 42 ff 55 66 85 d2 0f b7 c0 48 89 e5 41 56 41 55 4c 8d 6c 01 01 41 54 
53 74 22 49 89 fe 48 89 cb 41 89 f4 48 83 c3 01 4c 89 e6 <0f> b6 7b ff 49 03 
76 50 e8 a3 cc f8 d2 49 39 dd 75 e7 5b 31 c0
RIP  [<ffffffffc0478140>] tpm_tcg_write_bytes+0x30/0x50 [tpm_tis]
  RSP <ffffb62000adf678>
---[ end trace 974f468696d1d0af ]---

Regards

Zdenek

Powered by blists - more mailing lists