| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 6 Jun 2013 20:55:49 +0800
From: Fengguang Wu <fengguang.wu@...el.com>
To: Fan Du <fan.du@...driver.com>
Cc: Steffen Klassert <steffen.klassert@...unet.com>,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org
Subject: [xfrm?] BUG: unable to handle kernel NULL pointer dereference at
00000004
Greetings,
I got the below dmesg and the first bad commit is
commit 4c4d41f200db375b2d2cc6d0a1de0606c8266398
Author: Fan Du <fan.du@...driver.com>
Date: Thu Jun 6 10:15:54 2013 +0800
xfrm: add LINUX_MIB_XFRMACQUIREERROR statistic counter
When host ping its peer, ICMP echo request packet triggers IPsec
policy, then host negotiates SA secret with its peer. After IKE
installed SA for OUT direction, but before SA for IN direction
installed, host get ICMP echo reply from its peer. At the time
being, the SA state for IN direction could be XFRM_STATE_ACQ,
then the received packet will be dropped after adding
LINUX_MIB_XFRMINSTATEINVALID statistic.
Adding a LINUX_MIB_XFRMACQUIREERROR statistic counter for such
scenario when SA in larval state is much clearer for user than
LINUX_MIB_XFRMINSTATEINVALID which indicates the SA is totally
bad.
Signed-off-by: Fan Du <fan.du@...driver.com>
Signed-off-by: Steffen Klassert <steffen.klassert@...unet.com>
[ 157.721828] no cont in shutdown!
[ 158.779481] floppy0: FDC access conflict!
[ 159.555337] BUG: unable to handle kernel NULL pointer dereference at 00000004
[ 160.102544] IP: [<c1609ed5>] reset_interrupt+0x85/0x90
[ 160.102544] *pde = 00000000
[ 160.102544] Oops: 0000 [#1] PREEMPT SMP
[ 160.102544] CPU: 1 PID: 89 Comm: kworker/u4:1 Not tainted 3.10.0-rc2-00597-g4c4d41f #3
[ 160.102544] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2007
[ 160.102544] Workqueue: floppy reset_interrupt
[ 160.102544] task: c5a5ad00 ti: c5b5c000 task.ti: c5b5c000
[ 160.102544] EIP: 0060:[<c1609ed5>] EFLAGS: 00010246 CPU: 1
[ 160.102544] EIP is at reset_interrupt+0x85/0x90
[ 160.102544] EAX: 00000000 EBX: cbd56600 ECX: c5a5ad00 EDX: 000003f4
[ 160.102544] ESI: c1ed0e40 EDI: c5a23200 EBP: c5b5debc ESP: c5b5deac
[ 160.102544] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[ 160.102544] CR0: 8005003b CR2: 00000004 CR3: 02037000 CR4: 00000690
[ 160.102544] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[ 160.102544] DR6: ffff0ff0 DR7: 00000400
[ 160.102544] Stack:
[ 178.765341] pcd0: Autoprobe failed
[ 178.765373] pcd: No CD-ROM drive found
Bisect log shows that
- reverting the commit fixes the problem
- linux-next is also impacted
git bisect start 4c4d41f200db375b2d2cc6d0a1de0606c8266398 5865fc1b6a99bc7dcf245770c2735577b8596b6e --
git bisect good 5865fc1b6a99bc7dcf245770c2735577b8596b6e # 30 2013-06-06 17:34:58 tg3: remove redundant pm init code
git bisect bad 4c4d41f200db375b2d2cc6d0a1de0606c8266398 # 0 2013-06-06 17:34:59 xfrm: add LINUX_MIB_XFRMACQUIREERROR statistic counter
git bisect good ce10982b1a07f6a25bb756b7509188ae8a5060d6 # 30 2013-06-06 20:42:08 Revert "xfrm: add LINUX_MIB_XFRMACQUIREERROR statistic counter"
git bisect bad 4e1e7059d375482daeeda395bba2939679b1ee14 # 0 2013-06-06 20:42:13 Add linux-next specific files for 20130606
Thanks,
Fengguang
View attachment "dmesg-kvm-snb-51548-20130606135557-3.10.0-rc2-00597-g4c4d41f-3" of type "text/plain" (45633 bytes)
Download attachment "4c4d41f200db375b2d2cc6d0a1de0606c8266398-bisect.log" of type "application/octet-stream" (4260 bytes)
View attachment ".config-bisect" of type "text/plain" (79509 bytes)
Powered by blists - more mailing lists