| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 7 Jun 2019 09:40:52 +0200
From: Max Kellermann <max@...rg.de>
To: Justin Piszcz <jpiszcz@...idpixels.com>,
"Kirill A. Shutemov" <kirill@...temov.name>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: 5.1 kernel: khugepaged stuck at 100%
On 2019/06/06 19:24, Max Kellermann <max@...rg.de> wrote:
> I have the same problem (kernel 5.1.7), but over here, it's a PHP
> process, not khugepaged, which is looping inside compaction_alloc.
This is what happened an hour later:
kernel tried to execute NX-protected page - exploit attempt? (uid: 33333)
BUG: unable to handle kernel paging request at ffffffffc036f00f
#PF error: [PROT] [INSTR]
PGD 35fa10067 P4D 35fa10067 PUD 35fa12067 PMD 105ba71067 PTE 800000022d28e061
Oops: 0011 [#1] SMP PTI
CPU: 12 PID: 263514 Comm: php-cgi7.0 Not tainted 5.1.7-cmag1-th+ #5
Hardware name: HP ProLiant DL380 Gen9/ProLiant DL380 Gen9, BIOS P89 10/17/2018
RIP: 0010:0xffffffffc036f00f
Code: Bad RIP value.
RSP: 0018:ffffb63c4d547928 EFLAGS: 00010216
RAX: 0000000000000000 RBX: ffffb63c4d547b10 RCX: 0000ffc004d021bd
RDX: ffff9ac83fffc500 RSI: 7fe0026810dee7ff RDI: 7fe0026810dee400
RBP: 7fe0026810dee400 R08: 0000000000000002 R09: 0000000000020300
R10: 00010642641a0d3a R11: 0000000000000001 R12: 7fe0026810dee800
R13: 0000000000000001 R14: 0000000000000000 R15: ffff9ac83fffc500
FS: 00007fa5c1000740(0000) GS:ffff9ad01f600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffc036efe5 CR3: 00000008eb8a0005 CR4: 00000000001606e0
Call Trace:
? move_freelist_tail+0xd0/0xd0
? migrate_pages+0xaa/0x780
? isolate_freepages_block+0x380/0x380
? compact_zone+0x6ec/0xca0
? compact_zone_order+0xd8/0x120
? try_to_compact_pages+0xb1/0x260
? __alloc_pages_direct_compact+0x87/0x160
? __alloc_pages_slowpath+0x427/0xd50
? __alloc_pages_nodemask+0x2d6/0x310
? do_huge_pmd_anonymous_page+0x131/0x680
? vma_merge+0x24f/0x3a0
? __handle_mm_fault+0xbca/0x1260
? handle_mm_fault+0x135/0x1b0
? __do_page_fault+0x242/0x4b0
? page_fault+0x8/0x30
? page_fault+0x1e/0x30
Modules linked in:
CR2: ffffffffc036f00f
---[ end trace 0f31edf3041f5d9e ]---
RIP: 0010:0xffffffffc036f00f
Code: Bad RIP value.
RSP: 0018:ffffb63c4d547928 EFLAGS: 00010216
RAX: 0000000000000000 RBX: ffffb63c4d547b10 RCX: 0000ffc004d021bd
RDX: ffff9ac83fffc500 RSI: 7fe0026810dee7ff RDI: 7fe0026810dee400
RBP: 7fe0026810dee400 R08: 0000000000000002 R09: 0000000000020300
R10: 00010642641a0d3a R11: 0000000000000001 R12: 7fe0026810dee800
R13: 0000000000000001 R14: 0000000000000000 R15: ffff9ac83fffc500
FS: 00007fa5c1000740(0000) GS:ffff9ad01f600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffc036efe5 CR3: 00000008eb8a0005 CR4: 00000000001606e0
Powered by blists - more mailing lists