lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <D0F0870A-B396-4390-B5F1-164B68E13C73@vmware.com>
Date:   Fri, 7 Jun 2019 16:38:44 +0000
From:   Nadav Amit <namit@...are.com>
To:     Joseph Qi <joseph.qi@...ux.alibaba.com>
CC:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        the arch/x86 maintainers <x86@...nel.org>,
        "Peter Zijlstra (Intel)" <peterz@...radead.org>,
        Ingo Molnar <mingo@...nel.org>,
        Greg KH <gregkh@...uxfoundation.org>,
        Caspar Zhang <caspar@...ux.alibaba.com>,
        jiufei Xue <jiufei.xue@...ux.alibaba.com>,
        Sasha Levin <sashal@...nel.org>
Subject: Re: [bug report][stable] kernel tried to execute NX-protected page -
 exploit attempt? (uid: 0)

> On Jun 7, 2019, at 3:24 AM, Joseph Qi <joseph.qi@...ux.alibaba.com> wrote:
> 
> Hi all,
> Any idea on this regression? 

Sorry for the late response (I assumed, for some reason, that you also follow 
the second thread about this issue).

Anyhow, it should be fixed by backporting some patches which were mistakenly
missed.

See https://lore.kernel.org/stable/20190606131558.GJ29739@sasha-vm/

Regards,
Nadav


> Thanks,
> Joseph
> 
> On 19/6/5 18:23, Joseph Qi wrote:
>> Hi,
>> 
>> I have encountered a kernel BUG when running ltp ftrace-stress-test
>> on 4.19.48.
>> 
>> [  209.704855] LTP: starting ftrace-stress-test (ftrace_stress_test.sh 90)
>> [  209.739412] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1
>> [  212.054506] kernel tried to execute NX-protected page - exploit attempt? (uid: 0)
>> [  212.055595] BUG: unable to handle kernel paging request at ffffffffc0349000
>> [  212.056589] PGD d00c067 P4D d00c067 PUD d00e067 PMD 23673e067 PTE 800000023457f061
>> [  212.057759] Oops: 0011 [#1] SMP PTI
>> [  212.058303] CPU: 0 PID: 0 Comm: swapper/0 Kdump: loaded Not tainted 4.19.48 #112
>> 
>> After some investigation I have found that it is introduced by commit
>> 8715ce033eb3 ("x86/modules: Avoid breaking W^X while loading modules"),
>> and then revert this commit the issue is gone.
>> 
>> I have also tested the same case on 5.2-rc3 as well as right at
>> upstream commit f2c65fb3221a ("x86/modules: Avoid breaking W^X while
>> loading modules"), which has been merged in 5.2-rc1, it doesn't
>> happen.
>> 
>> So I don't know why only stable has this issue while upstream doesn't.
>> 
>> Thanks,
>> Joseph

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ