lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAGXu5jK4_A7gez9p_h9dn0f1keyCzAh1C-ZMqgZ-hoko9NtAbA@mail.gmail.com>
Date:   Thu, 9 Feb 2017 15:49:27 -0800
From:   Kees Cook <keescook@...omium.org>
To:     Brian Norris <briannorris@...omium.org>
Cc:     Anton Vorontsov <anton@...msg.org>,
        Colin Cross <ccross@...roid.com>,
        Tony Luck <tony.luck@...el.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Joel Fernandes <joelaf@...gle.com>,
        Guenter Roeck <linux@...ck-us.net>
Subject: Re: [PATCH] pstore: unconditionally initialize spinlock and flags

On Thu, Feb 9, 2017 at 3:04 PM, Brian Norris <briannorris@...omium.org> wrote:
> We check to see if a buffer is already sane-looking, and if it's sane,
> we don't wipe it. But that's not an excuse to avoid initializing our
> spinlocks or setting our flags. Without this, we might see spinlock
> debugging messages like this at boot:

Aaaand, now I've added CONFIG_DEBUG_SPINLOCK to all my test builds...
:P Thanks for catching this!

> [    0.760836] persistent_ram: found existing buffer, size 29988, start 29988
> [    0.765112] persistent_ram: found existing buffer, size 30105, start 30105
> [    0.769435] persistent_ram: found existing buffer, size 118542, start 118542
> [    0.785960] persistent_ram: found existing buffer, size 0, start 0
> [    0.786098] persistent_ram: found existing buffer, size 0, start 0
> [    0.786131] pstore: using zlib compression
> [    0.790716] BUG: spinlock bad magic on CPU#0, swapper/0/1
> [    0.790729]  lock: 0xffffffc0d1ca9bb0, .magic: 00000000, .owner: <none>/-1, .owner_cpu: 0
> [    0.790742] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.10.0-rc2+ #913
> [    0.790747] Hardware name: Google Kevin (DT)
> [    0.790750] Call trace:
> [    0.790768] [<ffffff900808ae88>] dump_backtrace+0x0/0x2bc
> [    0.790780] [<ffffff900808b164>] show_stack+0x20/0x28
> [    0.790794] [<ffffff9008460ee0>] dump_stack+0xa4/0xcc
> [    0.790809] [<ffffff9008113cfc>] spin_dump+0xe0/0xf0
> [    0.790821] [<ffffff9008113d3c>] spin_bug+0x30/0x3c
> [    0.790834] [<ffffff9008113e28>] do_raw_spin_lock+0x50/0x1b8
> [    0.790846] [<ffffff9008a2d2ec>] _raw_spin_lock_irqsave+0x54/0x6c
> [    0.790862] [<ffffff90083ac3b4>] buffer_size_add+0x48/0xcc
> [    0.790875] [<ffffff90083acb34>] persistent_ram_write+0x60/0x11c
> [    0.790888] [<ffffff90083aab1c>] ramoops_pstore_write_buf+0xd4/0x2a4
> [    0.790900] [<ffffff90083a9d3c>] pstore_console_write+0xf0/0x134
> [    0.790912] [<ffffff900811c304>] console_unlock+0x48c/0x5e8
> [    0.790923] [<ffffff900811da18>] register_console+0x3b0/0x4d4
> [    0.790935] [<ffffff90083aa7d0>] pstore_register+0x1a8/0x234
> [    0.790947] [<ffffff90083ac250>] ramoops_probe+0x6b8/0x7d4
> [    0.790961] [<ffffff90085ca548>] platform_drv_probe+0x7c/0xd0
> [    0.790972] [<ffffff90085c76ac>] driver_probe_device+0x1b4/0x3bc
> [    0.790982] [<ffffff90085c7ac8>] __device_attach_driver+0xc8/0xf4
> [    0.790996] [<ffffff90085c4bfc>] bus_for_each_drv+0xb4/0xe4
> [    0.791006] [<ffffff90085c7414>] __device_attach+0xd0/0x158
> [    0.791016] [<ffffff90085c7b18>] device_initial_probe+0x24/0x30
> [    0.791026] [<ffffff90085c648c>] bus_probe_device+0x50/0xe4
> [    0.791038] [<ffffff90085c35b8>] device_add+0x3a4/0x76c
> [    0.791051] [<ffffff90087d0e84>] of_device_add+0x74/0x84
> [    0.791062] [<ffffff90087d19b8>] of_platform_device_create_pdata+0xc0/0x100
> [    0.791073] [<ffffff90087d1a2c>] of_platform_device_create+0x34/0x40
> [    0.791086] [<ffffff900903c910>] of_platform_default_populate_init+0x58/0x78
> [    0.791097] [<ffffff90080831fc>] do_one_initcall+0x88/0x160
> [    0.791109] [<ffffff90090010ac>] kernel_init_freeable+0x264/0x31c
> [    0.791123] [<ffffff9008a25bd0>] kernel_init+0x18/0x11c
> [    0.791133] [<ffffff9008082ec0>] ret_from_fork+0x10/0x50
> [    0.793717] console [pstore-1] enabled
> [    0.797845] pstore: Registered ramoops as persistent store backend
> [    0.804647] ramoops: attached 0x100000@...7edc000, ecc: 0/0
>
> Fixes: 663deb47880f ("pstore: Allow prz to control need for locking")
> Fixes: 109704492ef6 ("pstore: Make spinlock per zone instead of global")
> Signed-off-by: Brian Norris <briannorris@...omium.org>
> ---
>> > Sorry for the late notice, but I just booted 4.10 on a Chromebook. This also
>> > may not be the "perfect" fix, but it's what I scrounged up in 5 minutes today.
>>
>> Eek! Thank you for catching this. I'll send to Linus for -rc8 (or
>> final?). If it's too late we'll get it in via -stable.
>
> Sorry, there's one more regression... This might be relatively harmless,
> since a 0-initialized spinlock is probably OK?

Yeah, I checked that at least x86 and ARM's unlocked spinlock
initializer is 0, so this is fix isn't critical, but it may cause
issues with the flags setting. I've rearranged the solution a bit, and
I'll get it into my -next tree. Thanks again!

-Kees

-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ