Message-ID: <202407051002.96bf438-oliver.sang@intel.com>
Date: Fri, 5 Jul 2024 10:52:26 +0800
From: kernel test robot <oliver.sang@...el.com>
To: Maxwell Bland <mbland@...orola.com>
CC: <oe-lkp@...ts.linux.dev>, <lkp@...el.com>, <linux-mm@...ck.org>, "Catalin
 Marinas" <catalin.marinas@....com>, Will Deacon <will@...nel.org>, "Jonathan
 Corbet" <corbet@....net>, Andrew Morton <akpm@...ux-foundation.org>, "Ard
 Biesheuvel" <ardb@...nel.org>, Mark Rutland <mark.rutland@....com>,
	Christophe Leroy <christophe.leroy@...roup.eu>, Maxwell Bland
	<mbland@...orola.com>, Alexandre Ghiti <alexghiti@...osinc.com>,
	<linux-arm-kernel@...ts.infradead.org>, <linux-doc@...r.kernel.org>,
	<linux-kernel@...r.kernel.org>, <oliver.sang@...el.com>
Subject: Re: [PATCH v5 1/6] mm: add ARCH_SUPPORTS_NON_LEAF_PTDUMP



Hello,

kernel test robot noticed "WARNING:at_arch/x86/mm/dump_pagetables.c:#note_page" on:

commit: 14095f3901f4e6cf7be49ce2b0b6477bcc9613b8 ("[PATCH v5 1/6] mm: add ARCH_SUPPORTS_NON_LEAF_PTDUMP")
url: https://github.com/intel-lab-lkp/linux/commits/Maxwell-Bland/mm-add-ARCH_SUPPORTS_NON_LEAF_PTDUMP/20240626-022827
base: https://git.kernel.org/cgit/linux/kernel/git/arm64/linux.git for-next/core
patch link: https://lore.kernel.org/all/yrgrhwfbl7rnmgekiolmojutaqf24x5zphyrwijakzma5pjhre@3yncjv5tqvar/
patch subject: [PATCH v5 1/6] mm: add ARCH_SUPPORTS_NON_LEAF_PTDUMP

in testcase: rcutorture
version: 
with following parameters:

	runtime: 300s
	test: cpuhotplug
	torture_type: srcu



compiler: clang-18
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)


+-----------------------------------------------------+------------+------------+
|                                                     | 39b9075172 | 14095f3901 |
+-----------------------------------------------------+------------+------------+
| WARNING:at_arch/x86/mm/dump_pagetables.c:#note_page | 0          | 12         |
| RIP:note_page                                       | 0          | 12         |
+-----------------------------------------------------+------------+------------+


If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@...el.com>
| Closes: https://lore.kernel.org/oe-lkp/202407051002.96bf438-oliver.sang@intel.com


[   12.539216][    T1] ------------[ cut here ]------------
[   12.539661][    T1] x86/mm: Found insecure W+X mapping at address 0xffff8a0000000000
[ 12.540267][ T1] WARNING: CPU: 0 PID: 1 at arch/x86/mm/dump_pagetables.c:248 note_page (arch/x86/mm/dump_pagetables.c:246) 
[   12.540995][    T1] Modules linked in:
[   12.541300][    T1] CPU: 0 PID: 1 Comm: swapper Not tainted 6.10.0-rc3-00027-g14095f3901f4 #1
[ 12.541987][ T1] RIP: 0010:note_page (arch/x86/mm/dump_pagetables.c:246) 
[ 12.542465][ T1] Code: 0d ba e8 2a 28 0a 01 e9 78 fe ff ff e8 a0 17 1a 00 c6 05 e5 bc 72 02 01 90 48 8b 73 58 48 c7 c7 00 91 16 ba e8 08 d2 08 00 90 <0f> 0b 90 90 e9 5f f7 ff ff e8 79 17 1a 00 89 ee 48 c7 c7 f0 34 46
All code
========
   0:	0d ba e8 2a 28       	or     $0x282ae8ba,%eax
   5:	0a 01                	or     (%rcx),%al
   7:	e9 78 fe ff ff       	jmp    0xfffffffffffffe84
   c:	e8 a0 17 1a 00       	call   0x1a17b1
  11:	c6 05 e5 bc 72 02 01 	movb   $0x1,0x272bce5(%rip)        # 0x272bcfd
  18:	90                   	nop
  19:	48 8b 73 58          	mov    0x58(%rbx),%rsi
  1d:	48 c7 c7 00 91 16 ba 	mov    $0xffffffffba169100,%rdi
  24:	e8 08 d2 08 00       	call   0x8d231
  29:	90                   	nop
  2a:*	0f 0b                	ud2		<-- trapping instruction
  2c:	90                   	nop
  2d:	90                   	nop
  2e:	e9 5f f7 ff ff       	jmp    0xfffffffffffff792
  33:	e8 79 17 1a 00       	call   0x1a17b1
  38:	89 ee                	mov    %ebp,%esi
  3a:	48                   	rex.W
  3b:	c7                   	.byte 0xc7
  3c:	c7                   	(bad)
  3d:	f0 34 46             	lock xor $0x46,%al

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2
   2:	90                   	nop
   3:	90                   	nop
   4:	e9 5f f7 ff ff       	jmp    0xfffffffffffff768
   9:	e8 79 17 1a 00       	call   0x1a1787
   e:	89 ee                	mov    %ebp,%esi
  10:	48                   	rex.W
  11:	c7                   	.byte 0xc7
  12:	c7                   	(bad)
  13:	f0 34 46             	lock xor $0x46,%al
[   12.544127][    T1] RSP: 0000:ffffab0600013c40 EFLAGS: 00010293
[   12.548776][    T1] RAX: ffffffffb85090a7 RBX: ffffab0600013e38 RCX: ffff8a1f806b8000
[   12.549432][    T1] RDX: 0000000000000000 RSI: 00000000ffff7fff RDI: ffffffffba63a550
[   12.550073][    T1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[   12.550737][    T1] R10: 0000000000000000 R11: ffffffffb8ca1100 R12: 0000000000000000
[   12.551383][    T1] R13: ffff8a0000000000 R14: 0000000000000067 R15: 0000000000000067
[   12.552048][    T1] FS:  0000000000000000(0000) GS:ffffffffba45f000(0000) knlGS:0000000000000000
[   12.552780][    T1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   12.553335][    T1] CR2: ffff8a22bffff000 CR3: 0000000102c30000 CR4: 00000000000406b0
[   12.553993][    T1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   12.554730][    T1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   12.555398][    T1] Call Trace:
[   12.555676][    T1]  <TASK>
[ 12.555924][ T1] ? __warn (kernel/panic.c:239) 
[ 12.556257][ T1] ? note_page (arch/x86/mm/dump_pagetables.c:246) 
[ 12.556625][ T1] ? report_bug (lib/bug.c:?) 
[ 12.557009][ T1] ? handle_bug (arch/x86/kernel/traps.c:239) 
[ 12.557371][ T1] ? exc_invalid_op (arch/x86/kernel/traps.c:260) 
[ 12.557760][ T1] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621) 
[ 12.558171][ T1] ? io_serial_in (arch/x86/kernel/early_printk.c:121) 
[ 12.558591][ T1] ? __warn_printk (include/linux/context_tracking.h:155) 
[ 12.559010][ T1] ? note_page (arch/x86/mm/dump_pagetables.c:246) 
[ 12.559384][ T1] ? note_page (arch/x86/mm/dump_pagetables.c:252) 
[ 12.559751][ T1] ptdump_p4d_entry (mm/ptdump.c:79) 
[ 12.560149][ T1] walk_pgd_range (mm/pagewalk.c:250) 
[ 12.560567][ T1] ? lock_acquire (kernel/locking/lockdep.c:5754) 
[ 12.560941][ T1] walk_page_range_novma (mm/pagewalk.c:589) 
[ 12.561367][ T1] ptdump_walk_pgd (mm/ptdump.c:167) 
[ 12.561761][ T1] ? rest_init (init/main.c:1459) 
[ 12.562131][ T1] ptdump_walk_pgd_level_checkwx (arch/x86/mm/dump_pagetables.c:395 arch/x86/mm/dump_pagetables.c:444) 
[ 12.562636][ T1] ? ptdump_walk_pgd_level_core (arch/x86/mm/dump_pagetables.c:276) 
[ 12.563115][ T1] ? note_page (arch/x86/mm/dump_pagetables.c:252) 
[ 12.563477][ T1] ? rest_init (init/main.c:1459) 
[ 12.563839][ T1] kernel_init (init/main.c:1483) 
[ 12.564187][ T1] ret_from_fork (arch/x86/kernel/process.c:153) 
[ 12.564550][ T1] ? rest_init (init/main.c:1459) 
[ 12.564897][ T1] ret_from_fork_asm (arch/x86/entry/entry_64.S:254) 
[   12.565276][    T1]  </TASK>
[   12.565526][    T1] irq event stamp: 789373
[ 12.565883][ T1] hardirqs last enabled at (789381): console_unlock (arch/x86/include/asm/irqflags.h:19 arch/x86/include/asm/irqflags.h:67 arch/x86/include/asm/irqflags.h:127 kernel/printk/printk.c:341 kernel/printk/printk.c:2746 kernel/printk/printk.c:3065) 
[ 12.566712][ T1] hardirqs last disabled at (789390): console_unlock (kernel/printk/printk.c:339) 
[ 12.567498][ T1] softirqs last enabled at (789142): __irq_exit_rcu (include/linux/sched.h:2189 kernel/softirq.c:620 kernel/softirq.c:639) 
[ 12.568260][ T1] softirqs last disabled at (789131): __irq_exit_rcu (include/linux/sched.h:2189 kernel/softirq.c:620 kernel/softirq.c:639) 
[   12.569027][    T1] ---[ end trace 0000000000000000 ]---



The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240705/202407051002.96bf438-oliver.sang@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

