| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200708013739.GG3874@shao2-debian>
Date: Wed, 8 Jul 2020 09:37:39 +0800
From: kernel test robot <lkp@...el.com>
To: Kees Cook <keescook@...omium.org>
Cc: James Morris <jmorris@...ei.org>,
Kees Cook <keescook@...omium.org>,
Luis Chamberlain <mcgrof@...nel.org>,
Mimi Zohar <zohar@...ux.ibm.com>,
Scott Branden <scott.branden@...adcom.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"Rafael J. Wysocki" <rafael@...nel.org>,
Alexander Viro <viro@...iv.linux.org.uk>,
Jessica Yu <jeyu@...nel.org>,
Dmitry Kasatkin <dmitry.kasatkin@...il.com>,
"Serge E. Hallyn" <serge@...lyn.com>,
Casey Schaufler <casey@...aufler-ca.com>,
"Eric W. Biederman" <ebiederm@...ssion.com>,
Peter Zijlstra <peterz@...radead.org>,
Matthew Garrett <matthewgarrett@...gle.com>,
David Howells <dhowells@...hat.com>,
Mauro Carvalho Chehab <mchehab+huawei@...nel.org>,
Randy Dunlap <rdunlap@...radead.org>,
"Joel Fernandes (Google)" <joel@...lfernandes.org>,
KP Singh <kpsingh@...gle.com>, Dave Olsthoorn <dave@...aar.me>,
Hans de Goede <hdegoede@...hat.com>,
Peter Jones <pjones@...hat.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Stephen Boyd <stephen.boyd@...aro.org>,
Paul Moore <paul@...l-moore.com>, linux-kernel@...r.kernel.org,
linux-fsdevel@...r.kernel.org, linux-integrity@...r.kernel.org,
linux-security-module@...r.kernel.org, lkp@...ts.01.org
Subject: [fs] 676800b78f: BUG:unable_to_handle_page_fault_for_address
Greeting,
FYI, we noticed the following commit (built with gcc-9):
commit: 676800b78feedea6751fad36ce1ab41947e5689b ("[PATCH 2/4] fs: Remove FIRMWARE_PREALLOC_BUFFER from kernel_read_file() enums")
url: https://github.com/0day-ci/linux/commits/Kees-Cook/Fix-misused-kernel_read_file-enums/20200707-162205
base: https://git.kernel.org/cgit/linux/kernel/git/gregkh/driver-core.git 0a2fae2aea4a21b59d4a920b9765aaa696270b16
in testcase: rcuperf
with following parameters:
runtime: 300s
perf_type: rcu
on test machine: qemu-system-i386 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):
+-----------------------------------------------------------------------------------------------+------------+------------+
| | 618ef49cdf | 676800b78f |
+-----------------------------------------------------------------------------------------------+------------+------------+
| boot_successes | 26 | 8 |
| boot_failures | 0 | 24 |
| BUG:unable_to_handle_page_fault_for_address | 0 | 24 |
| WARNING:at_mm/vmalloc.c:#__vunmap | 0 | 21 |
| Oops:#[##] | 0 | 24 |
| Kernel_panic-not_syncing:Fatal_exception | 0 | 2 |
| EIP:__vunmap | 0 | 18 |
| Kernel_panic-not_syncing:stack-protector:Kernel_stack_is_corrupted_in:__ia32_sys_finit_module | 0 | 13 |
| WARNING:at_kernel/kthread.c:#kthread_probe_data/0x | 0 | 3 |
| EIP:kthread_probe_data | 0 | 3 |
| EIP:no_context | 0 | 10 |
| EIP:__run_timers | 0 | 10 |
| Kernel_panic-not_syncing:Fatal_exception_in_interrupt | 0 | 9 |
| BUG:kernel_NULL_pointer_dereference,address | 0 | 3 |
| EIP:_raw_spin_lock_irqsave | 0 | 3 |
| EIP:vma_interval_tree_insert_after | 0 | 1 |
| WARNING:at_kernel/rcu/tree.c:#rcu_sched_clock_irq | 0 | 1 |
| EIP:rcu_sched_clock_irq | 0 | 1 |
+-----------------------------------------------------------------------------------------------+------------+------------+
If you fix the issue, kindly add following tag
Reported-by: kernel test robot <lkp@...el.com>
[ 12.579581] BUG: unable to handle page fault for address: 88060345
[ 12.588865] WARNING: CPU: 0 PID: 1 at mm/vmalloc.c:2277 __vunmap+0x1eb/0x200
[ 12.590307] #PF: supervisor read access in kernel mode
[ 12.591988] Modules linked in:
[ 12.593387] #PF: error_code(0x0000) - not-present page
[ 12.594216] CPU: 0 PID: 1 Comm: systemd Not tainted 5.8.0-rc3-00009-g676800b78feed #1
[ 12.595529] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.597396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 12.598793] BUG: unable to handle page fault for address: 0504042e
[ 12.611746] EIP: __vunmap+0x1eb/0x200
[ 12.613257] #PF: supervisor read access in kernel mode
[ 12.614206] Code: cc 8d b6 00 00 00 00 31 c9 31 d2 b8 ff ff ff ff e8 9a d0 ff ff eb af 8d b4 26 00 00 00 00 90 50 68 54 e0 b9 dc e8 9a 34 e4 ff <0f> 0b 59 5b e9 7b ff ff ff 8d b4 26 00 00 00 00 8d 74 26 00 90 66
[ 12.615471] #PF: error_code(0x0000) - not-present page
[ 12.638948] EAX: 00000028 EBX: ddd21ee8 ECX: 00000001 EDX: 00000000
[ 12.640082] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.640093] BUG: unable to handle page fault for address: 0504042e
[ 12.640096] #PF: supervisor read access in kernel mode
[ 12.641575] ESI: 00000ee8 EDI: ddd21ee8 EBP: ddd21dfc ESP: ddd21ddc
[ 12.642836] #PF: error_code(0x0000) - not-present page
[ 12.644338] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010296
[ 12.645459] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.646912] CR0: 80050033 CR2: b7b34650 CR3: 36246000 CR4: 000406f0
[ 12.648162] BUG: unable to handle page fault for address: 0504042e
[ 12.648163] #PF: supervisor read access in kernel mode
[ 12.648164] #PF: error_code(0x0000) - not-present page
[ 12.648165] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.648168] BUG: unable to handle page fault for address: 0504042e
[ 12.648169] #PF: supervisor read access in kernel mode
[ 12.648170] #PF: error_code(0x0000) - not-present page
[ 12.648170] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.648173] BUG: unable to handle page fault for address: 0504042e
[ 12.648175] #PF: supervisor read access in kernel mode
[ 12.649736] Call Trace:
[ 12.651177] #PF: error_code(0x0000) - not-present page
[ 12.651179] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.652680] __vfree+0x22/0x60
[ 12.653978] BUG: unable to handle page fault for address: 0504042e
[ 12.655324] vfree+0x2a/0x60
[ 12.656444] #PF: supervisor read access in kernel mode
[ 12.656445] #PF: error_code(0x0000) - not-present page
[ 12.656446] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.656452] BUG: unable to handle page fault for address: 0504042e
[ 12.656452] #PF: supervisor read access in kernel mode
[ 12.656453] #PF: error_code(0x0000) - not-present page
[ 12.656454] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.656456] BUG: unable to handle page fault for address: 0504042e
[ 12.656457] #PF: supervisor read access in kernel mode
[ 12.656457] #PF: error_code(0x0000) - not-present page
[ 12.656458] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.656460] BUG: unable to handle page fault for address: 0504042e
[ 12.656460] #PF: supervisor read access in kernel mode
[ 12.656461] #PF: error_code(0x0000) - not-present page
[ 12.656461] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.656464] BUG: unable to handle page fault for address: 0504042e
[ 12.656465] #PF: supervisor read access in kernel mode
[ 12.656467] #PF: error_code(0x0000) - not-present page
[ 12.657815] load_module+0x3aa/0xf90
[ 12.659197] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.660466] ? vfs_read+0x142/0x180
[ 12.661533] BUG: unable to handle page fault for address: 0504042e
[ 12.662964] ? kernel_read_file+0x1b2/0x230
[ 12.664174] #PF: supervisor read access in kernel mode
[ 12.664176] #PF: error_code(0x0000) - not-present page
[ 12.664177] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.664182] BUG: unable to handle page fault for address: 0504042e
[ 12.664183] #PF: supervisor read access in kernel mode
[ 12.664183] #PF: error_code(0x0000) - not-present page
[ 12.664184] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.664186] BUG: unable to handle page fault for address: 0504042e
[ 12.664187] #PF: supervisor read access in kernel mode
[ 12.664187] #PF: error_code(0x0000) - not-present page
[ 12.664188] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.664190] BUG: unable to handle page fault for address: 0504042e
[ 12.664191] #PF: supervisor read access in kernel mode
[ 12.664191] #PF: error_code(0x0000) - not-present page
[ 12.664192] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.664195] BUG: unable to handle page fault for address: 0504042e
[ 12.665429] ? kernel_read_file_from_fd+0x36/0x70
[ 12.666061] #PF: supervisor read access in kernel mode
[ 12.667419] __ia32_sys_finit_module+0x8f/0xe0
[ 12.668671] #PF: error_code(0x0000) - not-present page
[ 12.668672] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.668681] BUG: unable to handle page fault for address: 0504042e
[ 12.668682] #PF: supervisor read access in kernel mode
[ 12.668683] #PF: error_code(0x0000) - not-present page
[ 12.668683] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.668686] BUG: unable to handle page fault for address: 0504042e
[ 12.668687] #PF: supervisor read access in kernel mode
[ 12.668688] #PF: error_code(0x0000) - not-present page
[ 12.668688] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.668691] BUG: unable to handle page fault for address: 0504042e
[ 12.668691] #PF: supervisor read access in kernel mode
[ 12.668692] #PF: error_code(0x0000) - not-present page
[ 12.668692] *pdpt = 0000000000000000 *pde = f000ff53f000ff53
[ 12.668695] BUG: unable to handle page fault for address: 0504042e
[ 12.669508] ---[ end trace fc996799a48790a6 ]---
To reproduce:
# build kernel
cd linux
cp config-5.8.0-rc3-00009-g676800b78feed .config
make HOSTCC=gcc-9 CC=gcc-9 ARCH=i386 olddefconfig prepare modules_prepare bzImage
git clone https://github.com/intel/lkp-tests.git
cd lkp-tests
bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email
Thanks,
lkp
View attachment "config-5.8.0-rc3-00009-g676800b78feed" of type "text/plain" (142804 bytes)
View attachment "job-script" of type "text/plain" (4299 bytes)
Download attachment "dmesg.xz" of type "application/x-xz" (15504 bytes)
Powered by blists - more mailing lists