lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <96a99291-7caa-429c-9bbd-29721a2b5637@app.fastmail.com>
Date:   Wed, 09 Nov 2022 23:03:04 +0100
From:   "Arnd Bergmann" <arnd@...db.de>
To:     "Naresh Kamboju" <naresh.kamboju@...aro.org>,
        linux-stable <stable@...r.kernel.org>,
        "open list" <linux-kernel@...r.kernel.org>,
        "Linux ARM" <linux-arm-kernel@...ts.infradead.org>,
        lkft-triage@...ts.linaro.org
Cc:     "Greg Kroah-Hartman" <gregkh@...uxfoundation.org>,
        "Sasha Levin" <sashal@...nel.org>,
        "Linus Walleij" <linus.walleij@...aro.org>,
        "Mark Brown" <broonie@...nel.org>,
        "Liam Girdwood" <lgirdwood@...il.com>
Subject: Re: arm: TI BeagleBoard X15 : Unable to handle kernel NULL pointer dereference
 at virtual address 00000369 - Internal error: Oops: 5 [#1] SMP ARM

On Wed, Nov 9, 2022, at 13:57, Arnd Bergmann wrote:
>
> One thing that sticks out is the print_constraints_debug() function
> in the regulator framework, which uses a larger-than-average stack
> to hold a string buffer, and then calls into the low-level
> driver to get the actual data (regulator_get_voltage_rdev,
> _regulator_is_enabled). Splitting the device access out into a
> different function from the string handling might reduce the
> stack usage enough to stay just under the 8KB limit, though it's
> probably not a complete fix. I added the regulator maintainers
> to Cc for thoughts on this.

I checked the stack usage for each of the 147 functions in the
backtrace, and as I was guessing print_constraints_debug() is
the largest, but it's still only 168 bytes, and everything else
is smaller, so no point hacking this.

168 	print_constraints_debug
96 	timekeeping_advance
64 	set_machine_constraints
64 	of_i2c_register_device
56 	of_platform_bus_create
48 	schedule_timeout

One more idea I had is the unwinder: since this kernel is built
with the frame-pointer unwinder, I think the stack usage per
function is going to be slightly larger than with the arm unwinder.

Naresh, how hard is it to reproduce this bug intentionally?
Can you try if it still happens if you change the .config to
use these:?

# CONFIG_FUNCTION_GRAPH_TRACER is not set
# CONFIG_UNWINDER_FRAME_POINTER is not set
CONFIG_UNWINDER_ARM=y

       Arnd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ