lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Fri, 04 Nov 2016 03:57:34 +0800
From:   kernel test robot <xiaolong.ye@...el.com>
To:     Jann Horn <jann@...jh.net>
Cc:     lkp@...org, linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        linux-security-module@...r.kernel.org,
        Janis Danisevskis <jdanis@...gle.com>,
        Nick Kralevich <nnk@...gle.com>,
        Oleg Nesterov <oleg@...hat.com>,
        Ingo Molnar <mingo@...nel.org>,
        Andy Lutomirski <luto@...capital.net>, mchong@...gle.com,
        "Serge E. Hallyn" <serge@...lyn.com>,
        James Morris <james.l.morris@...cle.com>,
        Eric Paris <eparis@...isplace.org>,
        Stephen Smalley <sds@...ho.nsa.gov>,
        Paul Moore <paul@...l-moore.com>,
        Alexander Viro <viro@...iv.linux.org.uk>, security@...nel.org
Subject: [mm]  6bca77bba0: kernel BUG at kernel/cred.c:768!

FYI, we noticed the following commit:

https://github.com/0day-ci/linux Jann-Horn/fs-exec-don-t-force-writing-memory-access/20161103-111351
commit 6bca77bba07125097f31dd8387579ed6829b059a ("mm: add LSM hook for writes to readonly memory")

in testcase: boot

on test machine: qemu-system-x86_64 -enable-kvm -cpu host -smp 2 -m 4G

caused below changes:


+------------------------------------------+------------+------------+
|                                          | 70b85f2496 | 6bca77bba0 |
+------------------------------------------+------------+------------+
| boot_successes                           | 2          | 0          |
| boot_failures                            | 1          | 4          |
| invoked_oom-killer:gfp_mask=0x           | 1          |            |
| Mem-Info                                 | 1          |            |
| kernel_BUG_at_kernel/cred.c              | 0          | 4          |
| invalid_opcode:#[##]SMP                  | 0          | 4          |
| RIP:__invalid_creds                      | 0          | 4          |
| Kernel_panic-not_syncing:Fatal_exception | 0          | 4          |
+------------------------------------------+------------+------------+



[   18.032878] CRED: ->*uid = { -30719,-30719,21927,0 }
[   18.032880] CRED: ->*gid = { 1400324096,288,399048768,112 }
[   18.032904] ------------[ cut here ]------------
[   18.032906] kernel BUG at kernel/cred.c:768!
[   18.032908] invalid opcode: 0000 [#1] SMP
[   18.032910] Modules linked in:
[   18.032914] CPU: 1 PID: 2137 Comm: systemd-fstab-g Not tainted 4.9.0-rc3-00245-g6bca77b #109
[   18.032916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Debian-1.8.2-1 04/01/2014
[   18.032917] task: ffff8801181fa9c0 task.stack: ffffc900006d8000
[   18.032929] RIP: 0010:[<ffffffff810c67e9>]  [<ffffffff810c67e9>] __invalid_creds+0x4f/0x51
[   18.032930] RSP: 0018:ffffc900006dbe30  EFLAGS: 00010296
[   18.032931] RAX: 000000000000002f RBX: ffff8801187fb270 RCX: ffff8801181fa9c0
[   18.032933] RDX: ffffffff810ebbad RSI: ffffffff81d1689d RDI: 0000000000000202
[   18.032934] RBP: ffffc900006dbe48 R08: 0000000000000001 R09: 0000000000000000
[   18.032936] R10: ffffc900006dbe78 R11: ffffffff83669d0c R12: ffff880117c90040
[   18.032937] R13: ffff88011781f270 R14: ffff88013a1620e0 R15: ffff88011781f270
[   18.032939] FS:  00007ff617430880(0000) GS:ffff88013b400000(0000) knlGS:0000000000000000
[   18.032941] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   18.032942] CR2: 00007ff6170f1ac0 CR3: 0000000117da5000 CR4: 00000000000006e0
[   18.032948] Stack:
[   18.032952]  ffffffff82208cc2 0000010600000000 ffff8801187fb270 ffffc900006dbe68
[   18.032954]  ffffffff8125d9c4 ffff880117f2b840 0000000000000010 ffffc900006dbeb0
[   18.032957]  ffffffff81200c7d ffff880117f2b850 ffff880117810528 ffff880117f2b840
[   18.032957] Call Trace:
[   18.032967]  [<ffffffff8125d9c4>] mem_release+0x4c/0x68
[   18.032974]  [<ffffffff81200c7d>] __fput+0x10b/0x1c4
[   18.032977]  [<ffffffff81200d70>] ____fput+0xe/0x10
[   18.032990]  [<ffffffff810c2ee4>] task_work_run+0x77/0xa0
[   18.032993]  [<ffffffff81001501>] exit_to_usermode_loop+0x5f/0x8c
[   18.032996]  [<ffffffff81001bee>] syscall_return_slowpath+0xb7/0xcc
[   18.033001]  [<ffffffff81d17162>] entry_SYSCALL_64_fastpath+0xc0/0xc2
[   18.033029] Code: 8b 55 f4 48 c7 c7 a6 8c 20 82 48 8b 75 e8 e8 42 68 0d 00 48 c7 c6 b8 8c 20 82 48 89 df 65 48 8b 14 25 80 c6 00 00 e8 bf fe ff ff <0f> 0b 66 66 66 66 90 8b 47 04 85 c0 74 02 0f 0b 8b 07 85 c0 7f 
[   18.033032] RIP  [<ffffffff810c67e9>] __invalid_creds+0x4f/0x51
[   18.033033]  RSP <ffffc900006dbe30>
[   18.033060] ---[ end trace d26f7b8eb57189b9 ]---
[   18.033062] Kernel panic - not syncing: Fatal exception


To reproduce:

        git clone git://git.kernel.org/pub/scm/linux/kernel/git/wfg/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script  # job-script is attached in this email



Thanks,
Kernel Test Robot

View attachment "config-4.9.0-rc3-00245-g6bca77b" of type "text/plain" (112341 bytes)

View attachment "job-script" of type "text/plain" (4085 bytes)

Download attachment "dmesg.xz" of type "application/octet-stream" (14936 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ