Date:   Tue, 14 Nov 2017 07:48:47 +0100
From:   Sebastian Gottschall <s.gottschall@...wrt.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        linux-kernel@...r.kernel.org
Cc:     torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
        linux@...ck-us.net, shuahkh@....samsung.com, patches@...nelci.org,
        ben.hutchings@...ethink.co.uk, stable@...r.kernel.org
Subject: Re: [PATCH 4.9 00/87] 4.9.62-stable review --> crash

ahm it compiles well. but

[   24.838120] Unable to handle kernel NULL pointer dereference at virtual address 00000055
[   24.846193] pgd = c0004000
[   24.848893] [00000055] *pgd=00000000
[   24.852472] Internal error: Oops - BUG: 817 [#1] PREEMPT SMP ARM
[   24.858463] Modules linked in: xhci_plat_hcd xhci_pci xhci_hcd ohci_hcd ehci_pci ehci_platform ehci_hcd usbcore usb_common nls_base qca_ssdk gpio_pca953x mii_gpio wil6210 ath10k_pci ath10k_core ath9k ath9k_common ath9k_hw ath mac80211 cfg80211 compat
[   24.880852] CPU: 2 PID: 0 Comm: swapper/2 Not tainted 4.9.62-rc1 #90
[   24.887189] Hardware name: AnnapurnaLabs Alpine (Device Tree)
[   24.892921] task: ef029ac0 task.stack: ef05a000
[   24.897444] PC is at nf_nat_cleanup_conntrack+0x4c/0x74
[   24.902657] LR is at nf_nat_cleanup_conntrack+0x38/0x74
[   24.907869] pc : [<c04858c8>]    lr : [<c04858b4>]    psr: 60000153
[   24.907869] sp : ef05bb58  ip : ef05bb58  fp : ef05bb6c
[   24.919317] r10: ed230cc0  r9 : ed230c00  r8 : edf45800
[   24.924529] r7 : ebcd2f00  r6 : ec33739e  r5 : c0892294  r4 : ebcd2f00
[   24.931040] r3 : 00000000  r2 : 00000055  r1 : 00000000  r0 : c0892718
[   24.937551] Flags: nZCv  IRQs on  FIQs off  Mode SVC_32  ISA ARM  Segment user
[   24.944755] Control: 10c5387d  Table: 2bd1006a  DAC: 00000055
[   24.950486] Process swapper/2 (pid: 0, stack limit = 0xef05a210)
[   24.956477] Stack: (0xef05bb58 to 0xef05c000)


will dig into the code to find the reason


On 13.11.2017 at 13:55, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 4.9.62 release.
> There are 87 patches in this series, all will be posted as a response
> to this one.  If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Wed Nov 15 12:55:40 UTC 2017.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> 	kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.62-rc1.gz
> or in the git tree and branch at:
>    git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h
>
> -------------
> Pseudo-Shortlog of commits:
>
> Greg Kroah-Hartman <gregkh@...uxfoundation.org>
>      Linux 4.9.62-rc1
>
> Borislav Petkov <bp@...e.de>
>      x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context
>
> Pavel Tatashin <pasha.tatashin@...cle.com>
>      x86/smpboot: Make optimization of delay calibration work correctly
>
> Florian Westphal <fw@...len.de>
>      netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to rhashtable"
>
> Richard Schütz <rschuetz@...-koblenz.de>
>      can: c_can: don't indicate triple sampling support for D_CAN
>
> Marek Vasut <marex@...x.de>
>      can: ifi: Fix transmitter delay calculation
>
> Gerhard Bertelsmann <info@...hard-bertelsmann.de>
>      can: sun4i: handle overrun in RX FIFO
>
> John Stultz <john.stultz@...aro.org>
>      drm/bridge: adv7511: Re-write the i2c address before EDID probing
>
> John Stultz <john.stultz@...aro.org>
>      drm/bridge: adv7511: Reuse __adv7511_power_on/off() when probing EDID
>
> John Stultz <john.stultz@...aro.org>
>      drm/bridge: adv7511: Rework adv7511_power_on/off() so they can be reused internally
>
> Sinclair Yeh <syeh@...are.com>
>      drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue
>
> Ilya Dryomov <idryomov@...il.com>
>      rbd: use GFP_NOIO for parent stat and data requests
>
> Kai-Heng Feng <kai.heng.feng@...onical.com>
>      Input: elan_i2c - add ELAN060C to the ACPI table
>
> Oswald Buddenhagen <oswald.buddenhagen@....de>
>      MIPS: AR7: Ensure that serial ports are properly set up
>
> Jonas Gorski <jonas.gorski@...il.com>
>      MIPS: AR7: Defer registration of GPIO
>
> Jaedon Shin <jaedon.shin@...il.com>
>      MIPS: BMIPS: Fix missing cbr address
>
> Marcus Cooper <codekipper@...il.com>
>      ASoC: sun4i-spdif: remove legacy dapm components
>
> Luis R. Rodriguez <mcgrof@...nel.org>
>      tools: firmware: check for distro fallback udev cancel rule
>
> Luis R. Rodriguez <mcgrof@...nel.org>
>      selftests: firmware: send expected errors to /dev/null
>
> Matt Redfearn <matt.redfearn@...tec.com>
>      MIPS: SMP: Fix deadlock & online race
>
> Matija Glavinic Pecotic <matija.glavinic-pecotic.ext@...ia.com>
>      MIPS: Fix race on setting and getting cpu_online_mask
>
> Matt Redfearn <matt.redfearn@...tec.com>
>      MIPS: SMP: Use a completion event to signal CPU up
>
> Paul Burton <paul.burton@...s.com>
>      MIPS: Fix CM region target definitions
>
> Gustavo A. R. Silva <garsilva@...eddedor.com>
>      MIPS: microMIPS: Fix incorrect mask in insn_table_MM
>
> Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>
>      drm/i915: Do not rely on wm preservation for ILK watermarks
>
> Takashi Iwai <tiwai@...e.de>
>      ALSA: seq: Avoid invalid lockdep class warning
>
> Takashi Iwai <tiwai@...e.de>
>      ALSA: seq: Fix OSS sysex delivery in OSS emulation
>
> Mark Rutland <mark.rutland@....com>
>      ARM: 8720/1: ensure dump_instr() checks addr_limit
>
> Eric Biggers <ebiggers@...gle.com>
>      KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2]
>
> Andrey Ryabinin <aryabinin@...tuozzo.com>
>      crypto: x86/sha256-mb - fix panic due to unaligned access
>
> Andrey Ryabinin <aryabinin@...tuozzo.com>
>      crypto: x86/sha1-mb - fix panic due to unaligned access
>
> Romain Izard <romain.izard.pro@...il.com>
>      crypto: ccm - preserve the IV buffer
>
> Li Bin <huawei.libin@...wei.com>
>      workqueue: Fix NULL pointer dereference
>
> Peter Zijlstra <peterz@...radead.org>
>      x86/uaccess, sched/preempt: Verify access_ok() context
>
> Carlo Caione <carlo@...lessm.com>
>      platform/x86: hp-wmi: Do not shadow error values
>
> Carlo Caione <carlo@...lessm.com>
>      platform/x86: hp-wmi: Fix error value for hp_wmi_tablet_state
>
> Eric Biggers <ebiggers@...gle.com>
>      KEYS: trusted: fix writing past end of buffer in trusted_read()
>
> Eric Biggers <ebiggers@...gle.com>
>      KEYS: trusted: sanitize all key material
>
> Enrico Mioso <mrkiko.rs@...il.com>
>      cdc_ncm: Set NTB format again after altsetting switch for Huawei devices
>
> Carlo Caione <carlo@...lessm.com>
>      platform/x86: hp-wmi: Fix detection for dock and tablet mode
>
> Vivien Didelot <vivien.didelot@...oirfairelinux.com>
>      net: dsa: select NET_SWITCHDEV
>
> Thomas Petazzoni <thomas.petazzoni@...e-electrons.com>
>      clk: mvebu: adjust AP806 CPU clock frequencies to production chip
>
> Bart Van Assche <bart.vanassche@...disk.com>
>      IB/rxe: Fix reference leaks in memory key invalidation code
>
> Bjorn Andersson <bjorn.andersson@...aro.org>
>      wcn36xx: Don't use the destroyed hal_mutex
>
> Julian Wiedmann <jwi@...ux.vnet.ibm.com>
>      s390/qeth: issue STARTLAN as first IPA command
>
> Ursula Braun <ubraun@...ux.vnet.ibm.com>
>      s390/qeth: fix retrieval of vipa and proxy-arp addresses
>
> Patrice Chotard <patrice.chotard@...com>
>      ARM: dts: STiH410-family: fix wrong parent clock frequency
>
> Feras Daoud <ferasda@...lanox.com>
>      IB/ipoib: Change list_del to list_del_init in the tx object
>
> Frederic Weisbecker <fweisbec@...il.com>
>      sched/cputime, powerpc32: Fix stale scaled stime on context switch
>
> Akinobu Mita <akinobu.mita@...il.com>
>      Input: mpr121 - set missing event capability
>
> Akinobu Mita <akinobu.mita@...il.com>
>      Input: mpr121 - handle multiple bits change of status register
>
> Heiko Carstens <heiko.carstens@...ibm.com>
>      s390/topology: make "topology=off" parameter work
>
> Yazen Ghannam <Yazen.Ghannam@....com>
>      EDAC, amd64: Save and return err code from probe_one_instance()
>
> Gilad Ben-Yossef <gilad@...yossef.com>
>      IPsec: do not ignore crypto err in ah4 input
>
> John Johansen <john.johansen@...onical.com>
>      apparmor: fix undefined reference to `aa_g_hash_policy'
>
> Stanislaw Gruszka <sgruszka@...hat.com>
>      rt2800usb: mark tx failure on timeout
>
> Rafał Miłecki <rafal@...ecki.pl>
>      brcmfmac: setup wiphy bands after registering it first
>
> Liping Zhang <zlpnobody@...il.com>
>      netfilter: nft_meta: deal with PACKET_LOOPBACK in netdev family
>
> William wu <wulf@...k-chips.com>
>      usb: hcd: initialize hcd->flags to 0 when rm hcd
>
> Pan Bian <bianpan2016@....com>
>      libertas: fix improper return value
>
> Laurent Pinchart <laurent.pinchart+renesas@...asonboard.com>
>      serial: sh-sci: Fix register offsets for the IRDA serial port
>
> Volodymyr Bendiuga <volodymyr.bendiuga@...il.com>
>      phy: increase size of MII_BUS_ID_SIZE and bus_id
>
> David Lechner <david@...hnology.com>
>      dt-bindings: Add vendor prefix for LEGO
>
> David Lechner <david@...hnology.com>
>      dt-bindings: Add LEGO MINDSTORMS EV3 compatible specification
>
> Alison Schofield <amsfield22@...il.com>
>      iio: proximity: sx9500: claim direct mode during raw proximity reads
>
> Alison Schofield <amsfield22@...il.com>
>      iio: magnetometer: mag3110: claim direct mode during raw writes
>
> Alison Schofield <amsfield22@...il.com>
>      iio: pressure: ms5611: claim direct mode during oversampling changes
>
> Alison Schofield <amsfield22@...il.com>
>      iio: trigger: free trigger resource correctly
>
> Mihail Atanassov <mihail.atanassov@....com>
>      drm: mali-dp: fix Lx_CONTROL register fields clobber
>
> Li Zhong <zhong@...ux.vnet.ibm.com>
>      crypto: vmx - disable preemption to enable vsx in aes_ctr.c
>
> Will Deacon <will.deacon@....com>
>      arm64: dma-mapping: Only swizzle DMA ops for IOMMU_DOMAIN_DMA
>
> Tony Lindgren <tony@...mide.com>
>      ARM: omap2plus_defconfig: Fix probe errors on UARTs 5 and 6
>
> Vaibhav Jain <vaibhav@...ux.vnet.ibm.com>
>      cxl: Force psl data-cache flush during device shutdown
>
> Valentin Longchamp <valentin.longchamp@...mile.com>
>      powerpc/corenet: explicitly disable the SDHC controller on kmcoge4
>
> Alexander Stein <alexander.stein@...tec-electronic.com>
>      pinctrl: baytrail: Fix debugfs offset output
>
> Nate Watterson <nwatters@...eaurora.org>
>      iommu/arm-smmu-v3: Clear prior settings when updating STEs
>
> Li Zhong <zhong@...ux.vnet.ibm.com>
>      KVM: PPC: Book 3S: XICS: correct the real mode ICP rejecting counter
>
> Noralf Trønnes <noralf@...nnes.org>
>      drm: drm_minor_register(): Clean up debugfs on failure
>
> Marek Szyprowski <m.szyprowski@...sung.com>
>      clk: samsung: exynos5433: Add IDs for PHYCLK_MIPIDPHY0_* clocks
>
> Viresh Kumar <viresh.kumar@...aro.org>
>      PM / OPP: Error out on failing to add static OPPs for v1 bindings
>
> Yazen Ghannam <Yazen.Ghannam@....com>
>      EDAC, amd64: Add x86cpuid sanity check during init
>
> Harninder Rai <harninder.rai@....com>
>      dt-bindings: clockgen: Add compatible string for LS1012A
>
> Patrick Bruenn <p.bruenn@...khoff.com>
>      ARM: dts: imx53-qsb-common: fix FEC pinmux config
>
> Juergen Gross <jgross@...e.com>
>      xen/netback: set default upper limit of tx/rx queues to 8
>
> Peter Zijlstra <peterz@...radead.org>
>      sched/core: Add missing update_rq_clock() call in sched_move_task()
>
> Jason Gunthorpe <jgunthorpe@...idianresearch.com>
>      PCI: mvebu: Handle changes to the bridge windows while enabled
>
> Maciej W. Rozycki <macro@...ux-mips.org>
>      video: fbdev: pmag-ba-fb: Remove bad `__init' annotation
>
> Lars-Peter Clausen <lars@...afoo.de>
>      adv7604: Initialize drive strength to default when using DT
>
>
> -------------
>
> Diffstat:
>
>   Documentation/devicetree/bindings/arm/davinci.txt  |   4 +
>   .../devicetree/bindings/clock/qoriq-clock.txt      |   1 +
>   .../devicetree/bindings/vendor-prefixes.txt        |   1 +
>   Makefile                                           |   4 +-
>   arch/arm/boot/dts/imx53-qsb-common.dtsi            |  20 ++--
>   arch/arm/boot/dts/stih410.dtsi                     |   2 +-
>   arch/arm/configs/omap2plus_defconfig               |   1 +
>   arch/arm/kernel/traps.c                            |  28 +++--
>   arch/arm64/mm/dma-mapping.c                        |  17 ++-
>   arch/mips/ar7/platform.c                           |   5 +
>   arch/mips/ar7/prom.c                               |   2 -
>   arch/mips/include/asm/mips-cm.h                    |   4 +-
>   arch/mips/kernel/process.c                         |   4 +-
>   arch/mips/kernel/smp-bmips.c                       |   4 +-
>   arch/mips/kernel/smp.c                             |  29 +++--
>   arch/mips/mm/uasm-micromips.c                      |   2 +-
>   arch/powerpc/boot/dts/fsl/kmcoge4.dts              |   4 +
>   arch/powerpc/kernel/time.c                         |   1 +
>   arch/powerpc/kvm/book3s_hv_rm_xics.c               |   5 +-
>   arch/s390/kernel/early.c                           |  12 ++
>   arch/s390/kernel/topology.c                        |  11 +-
>   arch/sh/kernel/cpu/sh3/setup-sh770x.c              |   1 -
>   arch/x86/crypto/sha1-mb/sha1_mb_mgr_flush_avx2.S   |  12 +-
>   .../crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S    |  12 +-
>   arch/x86/include/asm/uaccess.h                     |  13 +-
>   arch/x86/kernel/smpboot.c                          |  11 +-
>   arch/x86/kernel/tsc.c                              |   8 +-
>   arch/x86/oprofile/op_model_ppro.c                  |   4 +-
>   crypto/ccm.c                                       |   4 +-
>   drivers/base/power/opp/of.c                        |  12 +-
>   drivers/block/rbd.c                                |   4 +-
>   drivers/clk/mvebu/ap806-system-controller.c        |  28 ++++-
>   drivers/clk/samsung/clk-exynos5433.c               |   6 +-
>   drivers/crypto/vmx/aes_ctr.c                       |   6 +
>   drivers/edac/amd64_edac.c                          |  12 +-
>   drivers/edac/amd64_edac.h                          |   1 +
>   drivers/gpu/drm/arm/malidp_planes.c                |   3 +-
>   drivers/gpu/drm/bridge/adv7511/adv7511_drv.c       |  36 +++---
>   drivers/gpu/drm/drm_drv.c                          |   2 +-
>   drivers/gpu/drm/i915/intel_drv.h                   |   1 -
>   drivers/gpu/drm/i915/intel_pm.c                    |  52 ++++----
>   drivers/gpu/drm/vmwgfx/vmwgfx_drv.c                |   2 +-
>   drivers/iio/magnetometer/mag3110.c                 |  30 +++--
>   drivers/iio/pressure/ms5611_core.c                 |  12 +-
>   drivers/iio/proximity/sx9500.c                     |  10 +-
>   drivers/iio/trigger/iio-trig-interrupt.c           |   8 +-
>   drivers/iio/trigger/iio-trig-sysfs.c               |   2 +-
>   drivers/infiniband/sw/rxe/rxe_req.c                |   1 +
>   drivers/infiniband/sw/rxe/rxe_resp.c               |   1 +
>   drivers/infiniband/ulp/ipoib/ipoib_cm.c            |   2 +-
>   drivers/input/keyboard/mpr121_touchkey.c           |  24 ++--
>   drivers/input/mouse/elan_i2c_core.c                |   1 +
>   drivers/iommu/arm-smmu-v3.c                        |  10 +-
>   drivers/media/i2c/adv7604.c                        |   3 +
>   drivers/misc/cxl/pci.c                             |   3 +
>   drivers/net/can/c_can/c_can_pci.c                  |   1 -
>   drivers/net/can/c_can/c_can_platform.c             |   1 -
>   drivers/net/can/ifi_canfd/ifi_canfd.c              |   6 +-
>   drivers/net/can/sun4i_can.c                        |  12 +-
>   drivers/net/usb/cdc_ncm.c                          |  28 +++++
>   drivers/net/usb/huawei_cdc_ncm.c                   |   6 +
>   drivers/net/wireless/ath/wcn36xx/main.c            |   3 +-
>   .../broadcom/brcm80211/brcmfmac/cfg80211.c         |   9 +-
>   drivers/net/wireless/marvell/libertas/cmd.c        |   2 +-
>   drivers/net/wireless/ralink/rt2x00/rt2800usb.c     |   5 +-
>   drivers/net/xen-netback/netback.c                  |   6 +-
>   drivers/pci/host/pci-mvebu.c                       | 101 +++++++++-------
>   drivers/pinctrl/intel/pinctrl-baytrail.c           |   2 +-
>   drivers/platform/x86/hp-wmi.c                      |  60 ++++++----
>   drivers/s390/net/qeth_core.h                       |   1 -
>   drivers/s390/net/qeth_core_main.c                  |  21 +++-
>   drivers/s390/net/qeth_l2_main.c                    |  15 ---
>   drivers/s390/net/qeth_l3_main.c                    |  15 ---
>   drivers/s390/net/qeth_l3_sys.c                     |  30 ++---
>   drivers/staging/iio/trigger/iio-trig-bfin-timer.c  |   4 +-
>   drivers/tty/serial/sh-sci.c                        |  17 ++-
>   drivers/usb/core/hcd.c                             |   1 +
>   drivers/video/fbdev/pmag-ba-fb.c                   |   2 +-
>   include/dt-bindings/clock/exynos5433.h             |   5 +-
>   include/linux/phy.h                                |   8 +-
>   include/linux/preempt.h                            |  21 ++--
>   include/linux/usb/cdc_ncm.h                        |   1 +
>   include/net/netfilter/nf_conntrack.h               |   3 +-
>   include/net/netfilter/nf_nat.h                     |   1 -
>   include/sound/seq_kernel.h                         |   3 +-
>   kernel/sched/core.c                                |   1 +
>   kernel/workqueue_internal.h                        |   3 +-
>   lib/asn1_decoder.c                                 |   4 +-
>   net/dsa/Kconfig                                    |   5 +-
>   net/ipv4/ah4.c                                     |   3 +
>   net/netfilter/nf_nat_core.c                        | 133 +++++++++------------
>   net/netfilter/nft_meta.c                           |  28 ++++-
>   security/apparmor/lsm.c                            |   2 +-
>   security/keys/trusted.c                            |  71 +++++------
>   sound/core/seq/oss/seq_oss_midi.c                  |   4 +-
>   sound/core/seq/oss/seq_oss_readq.c                 |  29 +++++
>   sound/core/seq/oss/seq_oss_readq.h                 |   2 +
>   sound/soc/sunxi/sun4i-spdif.c                      |   8 --
>   tools/testing/selftests/firmware/fw_filesystem.sh  |   6 +-
>   tools/testing/selftests/firmware/fw_userhelper.sh  |  28 ++++-
>   100 files changed, 722 insertions(+), 493 deletions(-)
>
>
>

-- 
Regards

Sebastian Gottschall / CTO

NewMedia-NET GmbH - DD-WRT
Registered office: Stubenwaldallee 21a, 64625 Bensheim
Register court: Amtsgericht Darmstadt, HRB 25473
Managing directors: Peter Steinhäuser, Christian Scheele
http://www.dd-wrt.com
email: s.gottschall@...wrt.com
Tel.: +496251-582650 / Fax: +496251-5826565
