Message-ID: <6696cc6a-3e3f-035e-5b8c-05ea361383f3@samsung.com>
Date:   Thu, 31 Mar 2022 23:18:03 +0200
From:   Marek Szyprowski <m.szyprowski@...sung.com>
To:     Christoph Hellwig <hch@....de>, Jens Axboe <axboe@...nel.dk>
Cc:     Coly Li <colyli@...e.de>, Mike Snitzer <snitzer@...hat.com>,
        Song Liu <song@...nel.org>,
        "Martin K. Petersen" <martin.petersen@...cle.com>,
        Josef Bacik <josef@...icpanda.com>,
        David Sterba <dsterba@...e.com>,
        Phillip Lougher <phillip@...ashfs.org.uk>,
        linux-block@...r.kernel.org, dm-devel@...hat.com,
        linux-kernel@...r.kernel.org, linux-bcache@...r.kernel.org,
        linux-raid@...r.kernel.org, target-devel@...r.kernel.org,
        linux-btrfs@...r.kernel.org
Subject: Re: [PATCH 4/5] block: turn bio_kmalloc into a simple kmalloc
 wrapper

Hi Christoph,

On 08.03.2022 07:15, Christoph Hellwig wrote:
> Remove the magic autofree semantics and require the callers to explicitly
> call bio_init to initialize the bio.
>
> This allows bio_free to catch accidental bio_put calls on bio_init()ed
> bios as well.
>
> Signed-off-by: Christoph Hellwig <hch@....de>

This patch, which landed in today's next-20220331 as commit 57c47b42f454 
("block: turn bio_kmalloc into a simple kmalloc wrapper"), badly breaks 
all my test systems, which use a squashfs initrd:

RAMDISK: squashfs filesystem found at block 0
RAMDISK: Loading 2489KiB [1 disk] into ram disk... done.
using deprecated initrd support, will be removed in 2021.
------------[ cut here ]------------
WARNING: CPU: 4 PID: 1 at block/bio.c:229 bio_free+0x6c/0x70
Modules linked in:
CPU: 4 PID: 1 Comm: swapper/0 Not tainted 5.17.0-next-20220331 #4767
Hardware name: Samsung Exynos (Flattened Device Tree)
  unwind_backtrace from show_stack+0x10/0x14
  show_stack from dump_stack_lvl+0x58/0x70
  dump_stack_lvl from __warn+0xc8/0x218
  __warn from warn_slowpath_fmt+0x5c/0xb4
  warn_slowpath_fmt from bio_free+0x6c/0x70
  bio_free from squashfs_read_data+0x118/0x748
  squashfs_read_data from squashfs_read_table+0xdc/0x144
  squashfs_read_table from squashfs_fill_super+0x100/0x9ec
  squashfs_fill_super from get_tree_bdev+0x154/0x248
  get_tree_bdev from vfs_get_tree+0x24/0xe4
  vfs_get_tree from path_mount+0x3d0/0xb14
  path_mount from init_mount+0x54/0x80
  init_mount from do_mount_root+0x78/0x104
  do_mount_root from mount_block_root+0xf0/0x1fc
  mount_block_root from initrd_load+0xec/0x294
  initrd_load from prepare_namespace+0xdc/0x18c
  prepare_namespace from kernel_init+0x18/0x12c
  kernel_init from ret_from_fork+0x14/0x2c
Exception stack(0xf0835fb0 to 0xf0835ff8)
...
irq event stamp: 398271
hardirqs last  enabled at (398279): [<c019c984>] __up_console_sem+0x50/0x60
hardirqs last disabled at (398338): [<c019c970>] __up_console_sem+0x3c/0x60
softirqs last  enabled at (398352): [<c0101680>] __do_softirq+0x348/0x610
softirqs last disabled at (398347): [<c012f048>] __irq_exit_rcu+0x144/0x1ec
---[ end trace 0000000000000000 ]---
8<--- cut here ---
Unable to handle kernel NULL pointer dereference at virtual address 00000004
[00000004] *pgd=00000000
Internal error: Oops: 5 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 4 PID: 1 Comm: swapper/0 Tainted: G        W 5.17.0-next-20220331 #4767
Hardware name: Samsung Exynos (Flattened Device Tree)
PC is at bio_free+0x24/0x70
LR is at bio_free+0x24/0x70
pc : [<c0502d28>]    lr : [<c0502d28>]    psr: 80000113
sp : f0835cf0  ip : 00000000  fp : c28cae80
r10: ef0a95c0  r9 : c2805cc0  r8 : 00000060
r7 : 00000060  r6 : 00000060  r5 : 00000000  r4 : c2804a80
r3 : c2804ac8  r2 : 00000001  r1 : c2804ac8  r0 : 00000074
Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
Control: 10c5387d  Table: 4000406a  DAC: 00000051
Register r0 information: non-paged memory
Register r1 information: slab kmalloc-128 start c2804a80 pointer offset 72 size 128
Register r2 information: non-paged memory
Register r3 information: slab kmalloc-128 start c2804a80 pointer offset 72 size 128
Register r4 information: slab kmalloc-128 start c2804a80 pointer offset 0 size 128
Register r5 information: NULL pointer
Register r6 information: non-paged memory
Register r7 information: non-paged memory
Register r8 information: non-paged memory
Register r9 information: slab kmalloc-192 start c2805cc0 pointer offset 0 size 192
Register r10 information: non-slab/vmalloc memory
Register r11 information: slab kmalloc-64 start c28cae80 pointer offset 0 size 64
Register r12 information: NULL pointer
Process swapper/0 (pid: 1, stack limit = 0x(ptrval))
Stack: (0xf0835cf0 to 0xf0836000)
...
  bio_free from squashfs_read_data+0x118/0x748
  squashfs_read_data from squashfs_read_table+0xdc/0x144
  squashfs_read_table from squashfs_fill_super+0x100/0x9ec
  squashfs_fill_super from get_tree_bdev+0x154/0x248
  get_tree_bdev from vfs_get_tree+0x24/0xe4
  vfs_get_tree from path_mount+0x3d0/0xb14
  path_mount from init_mount+0x54/0x80
  init_mount from do_mount_root+0x78/0x104
  do_mount_root from mount_block_root+0xf0/0x1fc
  mount_block_root from initrd_load+0xec/0x294
  initrd_load from prepare_namespace+0xdc/0x18c
  prepare_namespace from kernel_init+0x18/0x12c
  kernel_init from ret_from_fork+0x14/0x2c
Exception stack(0xf0835fb0 to 0xf0835ff8)
...
---[ end trace 0000000000000000 ]---
Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b

Reverting it on top of linux next-20220331 (together with commit 
1292fb59f283 ("pktcdvd: stop using bio_reset")) fixes (or hides?) the issue.

> ---
>   block/bio.c                        | 47 ++++++++++++------------------
>   block/blk-crypto-fallback.c        | 14 +++++----
>   block/blk-map.c                    | 42 ++++++++++++++++----------
>   drivers/block/pktcdvd.c            | 25 ++++++++--------
>   drivers/md/bcache/debug.c          | 10 ++++---
>   drivers/md/dm-bufio.c              |  9 +++---
>   drivers/md/raid1.c                 | 12 +++++---
>   drivers/md/raid10.c                | 21 ++++++++-----
>   drivers/target/target_core_pscsi.c | 10 +++----
>   fs/squashfs/block.c                |  9 +++---
>   include/linux/bio.h                |  2 +-
>   11 files changed, 108 insertions(+), 93 deletions(-)

 > [...]

Best regards
-- 
Marek Szyprowski, PhD
Samsung R&D Institute Poland
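
Added example, not part of the original message and not kernel code: a user-space C model of the ownership rule the quoted commit message describes, where a refcounted put is valid only for pool-allocated objects and a plainly allocated object must be initialised and freed by its caller. All names (struct pool, struct obj, obj_put, plain_alloc, plain_free) are hypothetical, and treating the trace above as a pool-style free reached for an object with no pool is an assumption; the model reports the mismatch instead of reading through the missing owner.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model: "pool" stands in for a bio_set, "obj" for a bio. */
struct pool { int returned; };
struct obj  { struct pool *owner; int refs; };  /* owner == NULL: plain allocation */

enum put_result { PUT_HELD, PUT_TO_POOL, PUT_OWNER_MISMATCH };

/* Pool-backed allocation: the object records where it must be returned. */
static struct obj *pool_alloc(struct pool *p)
{
    struct obj *o = calloc(1, sizeof(*o));
    if (!o)
        return NULL;
    o->owner = p;
    o->refs = 1;
    return o;
}

/* Plain wrapper: no owner; the caller initialises and later frees explicitly. */
static struct obj *plain_alloc(void)
{
    struct obj *o = malloc(sizeof(*o));
    if (!o)
        return NULL;
    o->owner = NULL;
    o->refs = 1;
    return o;
}

static void plain_free(struct obj *o) { free(o); }

/* Refcounted release, valid only for pool-backed objects. */
static enum put_result obj_put(struct obj *o)
{
    if (o->refs > 1) { o->refs--; return PUT_HELD; }
    if (!o->owner)                 /* wrong release path for this object */
        return PUT_OWNER_MISMATCH; /* stop here: object intact, owner never read */
    o->owner->returned++;
    free(o);
    return PUT_TO_POOL;
}

int main(void)
{
    struct obj *o = plain_alloc();
    if (o && obj_put(o) == PUT_OWNER_MISMATCH)
        puts("put on plain allocation refused; caller must use plain_free()");
    plain_free(o);
    return 0;
}
```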
