Message-ID: <20170605134823.GA24454@rei.lan>
Date:   Mon, 5 Jun 2017 15:48:23 +0200
From:   Cyril Hrubis <chrubis@...e.cz>
To:     Bixuan Cui <cuibixuan@...il.com>
Cc:     linux-kernel@...r.kernel.org, David Howells <dhowells@...hat.com>,
        James Morris <james.l.morris@...cle.com>,
        "Serge E. Hallyn" <serge@...lyn.com>, keyrings@...r.kernel.org,
        ltp@...ts.linux.it
Subject: Re: kernel of next-20170602 call trace when run add_key02 in LTP

Hi,
> Compile kernel (next-20170602) and run ltp, find:
> 
> / # ./add_key02
> tst_test.c:878: INFO: Timeout per run is 0h 05m 00s
> [  341.183219] BUG: unable to handle kernel NULL pointer dereference at   (null)
> [  341.183850] IP: memset+0x10/0x20
> [  341.184550] *pdpt = 0000000035441001 *pde = 0000000000000000
> [  341.184550]
> [  341.184550] Oops: 0002 [#2] SMP
> [  341.184550] Modules linked in:
> [  341.184550] CPU: 0 PID: 124 Comm: add_key02 Tainted: G S    D W
>   4.12.0-rc3-next-20170602 #3
> [  341.184550] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),
> BIOS Bochs 01/01/2011
> [  341.184550] task: f5b9ca00 task.stack: f6514000
> [  341.184550] EIP: memset+0x10/0x20
> [  341.184550] EFLAGS: 00000246 CPU: 0
> [  341.184550] EAX: 00000000 EBX: 00000000 ECX: 00000001 EDX: 00000000
> [  341.184550] ESI: 00000000 EDI: 00000000 EBP: f6515f24 ESP: f6515f1c
> [  341.184550]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
> [  341.184550] CR0: 80050033 CR2: 00000000 CR3: 36404920 CR4: 000006f0
> [  341.184550] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
> [  341.184550] DR6: 00000000 DR7: 00000000
> [  341.184550] Call Trace:
> [  341.184550]  memzero_explicit+0xf/0x20
> [  341.184550]  SyS_add_key+0x11f/0x1c0
> [  341.184550]  ? change_pid+0x13/0x50
> [  341.184550]  do_fast_syscall_32+0x8b/0x130
> [  341.184550]  entry_SYSENTER_32+0x4e/0x7c
> [  341.184550] EIP: 0xb772ddc1
> [  341.184550] EFLAGS: 00000246 CPU: 0
> [  341.184550] EAX: ffffffda EBX: 080de341 ECX: 080de346 EDX: 00000000
> [  341.184550] ESI: 00000001 EDI: fffffffc EBP: 0808aa97 ESP: bfe3636c
> [  341.184550]  DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b
> [  341.184550] Code: 8a 0e 88 0f 8d b4 26 00 00 00 00 8b 45 f0 83 c4
> 04 5b 5e 5f 5d c3 90 8d 74 26 00 3e 8d 74 26 00 55 89 e5 57 89 c7 53
> 89 c3 89 d0 <f3> aa 89 d8 5b 5f 5d c3 90 90 90 90 90 90 90 90 3e 8d 74
> 26 00
> [  341.184550] EIP: memset+0x10/0x20 SS:ESP: 0068:f6515f1c
> [  341.184550] CR2: 0000000000000000
> [  341.219144] ---[ end trace e3963c970d107f91 ]---
> tst_test.c:928: INFO: If you are running on slow machine, try
> exporting LTP_TIMEOUT_MUL > 1
> tst_test.c:929: BROK: Test killed! (timeout?)
> 
> I tried other tags, and the kernel on next-20170427 is OK, but
> next-20170502 fails.
> Is it a bug?

Looks like a kernel bug to me.

The test is a very simple one that just does:

add_key("keyring", "wjkey", NULL, 0, KEY_SPEC_THREAD_KEYRING);

And expects success.


Also CCing LTP ML and relevant maintainers.

-- 
Cyril Hrubis
chrubis@...e.cz
