Message-ID: <CANsGZ6Zcwaz7BvDCy31z-afWOM_=vKXK-YvRErM=HOj24XUnFA@mail.gmail.com>
Date:   Thu, 4 Jan 2018 12:57:56 -0800
From:   Hugh Dickins <hughd@...gle.com>
To:     Andy Lutomirski <luto@...capital.net>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Thomas Voegtle <tv@...96.de>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Guenter Roeck <linux@...ck-us.net>,
        Shuah Khan <shuahkh@....samsung.com>, patches@...nelci.org,
        Ben Hutchings <ben.hutchings@...ethink.co.uk>,
        lkft-triage@...ts.linaro.org, stable <stable@...r.kernel.org>
Subject: Re: [PATCH 4.4 00/37] 4.4.110-stable review

On Thu, Jan 4, 2018 at 12:43 PM, Andy Lutomirski <luto@...capital.net> wrote:
>
>> On Jan 4, 2018, at 12:29 PM, Linus Torvalds <torvalds@...ux-foundation.org> wrote:
>>
>>> On Thu, Jan 4, 2018 at 12:16 PM, Thomas Voegtle <tv@...96.de> wrote:
>>>
>>> Attached a screenshot.
>>> Is that useful? Are there some debug options I can add?
>>
>> Not much of an oops, because the SIGSEGV happens in user space. The
>> only reason you get any kernel stack printout at all is because 'init'
>> dying will make the kernel print that out.
>>
>> The segfault address for init looks like the fixmap area to me (first
>> byte in the last page of the fixmap?). "Error 5" means that it's a
>> user-space read that got a protection fault. So it's not a LDT or GDT
>> update or anything like that, it's a normal access from user space (or
>> a qemu emulation bug, but that sounds unlikely).
>>
>> Is that the vsyscall page?
>>
>> Adding Luto to the participants. I think he noticed one of the
>> vsyscall patches missing earlier in the 4.9 series. Maybe the 4.4
>> series had something similar..
>>
>
> That's almost certainly it.

I'm hopeless on the FIXMAP arithmetic, but I'm pretty sure that
ffffffffff5ff000 is either VSYSCALL page or PVCLOCK page (I think it
was VVAR page when init segfaulted on it in my 3.2).

I'll forward Borislav's suggested 4.4 VSYSCALL patch from the kaiser
backports ml to Thomas, to see if that sorts his crash (forwarding in
the hope that gmail doesn't mess up the patch).

Seems odd that 4.4 should be broken but 4.9 not broken here, I'd
expect them to be equally known broken with respect to VSYSCALL; but
perhaps it's a matter of userspace trying different fallbacks
according to what kernel supports, and only hitting this on 4.4.

Hugh

>
> I'll try to find some time today or tomorrow to add a proper selftest.
>
>>              Linus
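
The two readings made in this thread ("Error 5" as a user-space read protection fault, and the fixmap arithmetic for ffffffffff5ff000) worked through in C. This is an added example, not part of the original message or of the kernel source; it assumes x86_64 with 4 KiB pages and the kernel's definitions VSYSCALL_ADDR = -10UL << 20 and FIXADDR_TOP = round_up(VSYSCALL_ADDR + PAGE_SIZE, 1 << PMD_SHIFT) - PAGE_SIZE, and the helper names are made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Architectural x86 page-fault error-code bits. */
#define PF_PROT  0x01u  /* set: protection violation; clear: page not present */
#define PF_WRITE 0x02u  /* set: write access; clear: read access */
#define PF_USER  0x04u  /* set: access came from user mode */
#define PF_INSTR 0x10u  /* set: instruction fetch */

/* x86_64 constants, assumed as in the kernel headers (4 KiB pages). */
#define PAGE_SHIFT    12
#define PAGE_SIZE     (1ULL << PAGE_SHIFT)
#define PMD_SIZE      (1ULL << 21)
#define VSYSCALL_ADDR ((uint64_t)-10 << 20)   /* 0xffffffffff600000 */

/* FIXADDR_TOP = round_up(VSYSCALL_ADDR + PAGE_SIZE, PMD_SIZE) - PAGE_SIZE */
uint64_t fixaddr_top(void)
{
    uint64_t x = VSYSCALL_ADDR + PAGE_SIZE;
    return (((x - 1) | (PMD_SIZE - 1)) + 1) - PAGE_SIZE;
}

/* Hypothetical helper: inverse of __fix_to_virt(), slot index for an address. */
uint64_t virt_to_fix_idx(uint64_t vaddr)
{
    return (fixaddr_top() - (vaddr & ~(PAGE_SIZE - 1))) >> PAGE_SHIFT;
}

/* Hypothetical helper: spell out an error code, e.g. 5. */
const char *pf_describe(unsigned err, char *buf, size_t len)
{
    snprintf(buf, len, "%s %s, %s",
             (err & PF_USER) ? "user" : "kernel",
             (err & PF_INSTR) ? "instruction fetch"
                              : (err & PF_WRITE) ? "write" : "read",
             (err & PF_PROT) ? "protection fault" : "page not present");
    return buf;
}

int main(void)
{
    char buf[64];
    uint64_t fault = 0xffffffffff5ff000ULL;  /* address quoted in the message */

    printf("error 5: %s\n", pf_describe(5, buf, sizeof buf));
    printf("FIXADDR_TOP   = %#llx\n", (unsigned long long)fixaddr_top());
    printf("VSYSCALL slot = %llu\n", (unsigned long long)virt_to_fix_idx(VSYSCALL_ADDR));
    printf("fault slot    = %llu\n", (unsigned long long)virt_to_fix_idx(fault));
    return 0;
}
```

The faulting address lands one slot past VSYSCALL_PAGE, that is, the page immediately below the vsyscall page; which fixmap entry occupies that slot depends on the kernel version and config, so check the `fixed_addresses` enum in the tree being debugged.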
