lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <d6726d0f-3412-b5e9-fbd1-2dae302f0ef3@roeck-us.net>
Date:   Mon, 7 Oct 2019 05:16:55 -0700
From:   Guenter Roeck <linux@...ck-us.net>
To:     Max Filippov <jcmvbkbc@...il.com>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Alexander Viro <viro@...iv.linux.org.uk>,
        linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH] Convert filldir[64]() from __put_user() to
 unsafe_put_user()

Hi Max,

On 10/6/19 9:04 PM, Max Filippov wrote:
> On Sun, Oct 6, 2019 at 3:25 PM Guenter Roeck <linux@...ck-us.net> wrote:
>> this patch causes all my sparc64 emulations to stall during boot. It causes
>> all alpha emulations to crash with [1a] and [1b] when booting from a virtual
>> disk, and one of the xtensa emulations to crash with [2].
> 
> [...]
> 
>> [2]
>>
>> Unable to handle kernel paging request at virtual address 0000000000000004
>> reboot(50): Oops -1
>> pc = [<0000000000000004>]  ra = [<fffffc00004512e4>]  ps = 0000    Tainted: G      D
>> pc is at 0x4
>> ra is at filldir64+0x64/0x320
>> v0 = 0000000000000000  t0 = 0000000067736d6b  t1 = 000000012011445b
>> t2 = 0000000000000000  t3 = 0000000000000000  t4 = 0000000000007ef8
>> t5 = 0000000120114448  t6 = 0000000000000000  t7 = fffffc0007eec000
>> s0 = fffffc000792b5c3  s1 = 0000000000000004  s2 = 0000000000000018
>> s3 = fffffc0007eefec8  s4 = 0000000000000008  s5 = 00000000f00000a3
>> s6 = 000000000000000b
>> a0 = fffffc000792b5c3  a1 = 2f2f2f2f2f2f2f2f  a2 = 0000000000000004
>> a3 = 000000000000000b  a4 = 00000000f00000a3  a5 = 0000000000000008
>> t8 = 0000000000000018  t9 = 0000000000000000  t10= 0000000022e1d02a
>> t11= 000000011fd6f3b8  pv = fffffc0000b9a810  at = 0000000022e1ccf8
>> gp = fffffc0000f03930  sp = (____ptrval____)
>> Trace:
>> [<fffffc00004ccba0>] proc_readdir_de+0x170/0x300
>> [<fffffc0000451280>] filldir64+0x0/0x320
>> [<fffffc00004c565c>] proc_root_readdir+0x3c/0x80
>> [<fffffc0000450c68>] iterate_dir+0x198/0x240
>> [<fffffc00004518b8>] ksys_getdents64+0xa8/0x160
>> [<fffffc0000451990>] sys_getdents64+0x20/0x40
>> [<fffffc0000451280>] filldir64+0x0/0x320
>> [<fffffc0000311634>] entSys+0xa4/0xc0
> 
> This doesn't look like a dump from xtensa core.
> v5.4-rc2 kernel doesn't crash for me on xtensa, but the userspace
> doesn't work well, because all directories appear to be empty.
> 
> __put_user/__get_user don't do unaligned access on xtensa,
> they check address alignment and return -EFAULT if it's bad.
> 
You are right, sorry; I must have mixed that up. xtensa doesn't crash.
The boot stalls, similar to sparc64. This is only seen with my nommu
test (de212:kc705-nommu:nommu_kc705_defconfig). xtensa mmu tests are fine,
at least for me, but then I only run tests with initrd (which for some
reason doesn't crash on alpha either).

Guenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ