| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200205110522.GA456@jagdpanzerIV.localdomain>
Date: Wed, 5 Feb 2020 20:07:44 +0900
From: Sergey Senozhatsky <sergey.senozhatsky@...il.com>
To: John Ogness <john.ogness@...utronix.de>
Cc: Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>,
lijiang <lijiang@...hat.com>, Petr Mladek <pmladek@...e.com>,
Peter Zijlstra <peterz@...radead.org>,
Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
Steven Rostedt <rostedt@...dmis.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Andrea Parri <parri.andrea@...il.com>,
Thomas Gleixner <tglx@...utronix.de>,
kexec@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/2] printk: replace ringbuffer
On (20/02/05 10:00), John Ogness wrote:
> On 2020-02-05, Sergey Senozhatsky <sergey.senozhatsky.work@...il.com> wrote:
> >>>> So there is a General protection fault. That's the type of a
> >>>> problem that kills the boot for me as well (different backtrace,
> >>>> tho).
> >>>
> >>> Do you have CONFIG_RELOCATABLE and CONFIG_RANDOMIZE_BASE (KASLR)
> >>> enabled?
> >>
> >> Yes. These two options are enabled.
> >>
> >> CONFIG_RELOCATABLE=y
> >> CONFIG_RANDOMIZE_BASE=y
> >
> > So KASLR kills the boot for me. So does KASAN.
>
> Sergey, thanks for looking into this already!
>
So I hacked the system a bit.
3BUG: KASAN: wild-memory-access in copy_data+0x129/0x220>
3Write of size 4 at addr 5a5a5a5a5a5a5a5a by task cat/474>
Call Trace:>
dump_stack+0x76/0xa0>
? copy_data+0x129/0x220>
__kasan_report.cold+0x5/0x3b>
? get_page_from_freelist+0x1224/0x1490>
? copy_data+0x129/0x220>
copy_data+0x129/0x220>
_prb_read_valid+0x1a0/0x330>
? prb_first_seq+0xe0/0xe0>
? __might_sleep+0x2f/0xd0>
? __zone_watermark_ok+0x180/0x180>
? ___might_sleep+0xbe/0xe0>
prb_read_valid+0x4f/0x60>
? _prb_read_valid+0x330/0x330>
devkmsg_read+0x12e/0x3d0>
? __mod_node_page_state+0x1a/0xa0>
? info_print_ext_header.constprop.0+0x120/0x120>
? __lru_cache_add+0x16c/0x190>
? __handle_mm_fault+0x1097/0x1f60>
vfs_read+0xdc/0x200>
ksys_read+0xa0/0x130>
? kernel_write+0xb0/0xb0>
? up_read+0x56/0x130>
do_syscall_64+0xa0/0x520>
? syscall_return_slowpath+0x210/0x210>
? do_page_fault+0x399/0x4fa>
entry_SYSCALL_64_after_hwframe+0x44/0xa9>
RIP: 0033:0x7ff5f39813f2>
Code: c0 e9 c2 fe ff ff 50 48 8d 3d 9a 0d 0a 00 e8 95 ed 01 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24>
RSP: 002b:00007ffc47b3ee58 EFLAGS: 0000024>
c ORIG_RAX: 0000000000000000>
RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007ff5f39813f2>
RDX: 0000000000020000 RSI: 00007ff5f3588000 RDI: 0000000000000003>
RBP: 00007ff5f3588000 R08: 00007ff5f3587010 R09: 0000000000000000>
R10: 0000000000000022 R11: 0000000000000246 R12: 000055f9c8a81c00>
R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000>
-ss
Powered by blists - more mailing lists