| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a877028a-7879-0925-4887-b9502e197f82@oracle.com>
Date: Fri, 1 May 2020 12:17:21 +0530
From: Allen <allen.pais@...cle.com>
To: Andrew Lunn <andrew@...n.ch>
Cc: netdev@...r.kernel.org, Vivien Didelot <vivien.didelot@...il.com>,
Florian Fainelli <f.fainelli@...il.com>
Subject: Re: Net: [DSA]: dsa-loop kernel panic
Andrew,
>
> Can you reproduce it? If so, could you do:
>
> make net/core/dev.lst
Yes. Attached is the file.
ffff8000113adb60 <__dev_set_rx_mode>:
{
ffff8000113adb60: a9bd7bfd stp x29, x30, [sp,#-48]!
ffff8000113adb64: 910003fd mov x29, sp
ffff8000113adb68: a90153f3 stp x19, x20, [sp,#16]
ffff8000113adb6c: f90013f5 str x21, [sp,#32]
ffff8000113adb70: aa0003f3 mov x19, x0
ffff8000113adb74: aa1e03e0 mov x0, x30
ffff8000113adb78: 94000000 bl 0 <_mcount>
ffff8000113adb78: R_AARCH64_CALL26 _mcount
if (!(dev->flags&IFF_UP))
ffff8000113adb7c: b9422a60 ldr w0, [x19,#552]
const struct net_device_ops *ops = dev->netdev_ops;
ffff8000113adb80: f940fa74 ldr x20, [x19,#496]
if (!(dev->flags&IFF_UP))
ffff8000113adb84: 360001a0 tbz w0, #0, ffff8000113adbb8
<__dev_set_rx_mode+0x58>
ffff8000113adb88: f9402260 ldr x0, [x19,#64]
if (!netif_device_present(dev))
ffff8000113adb8c: 36080160 tbz w0, #1, ffff8000113adbb8
<__dev_set_rx_mode+0x58>
if (!(dev->priv_flags & IFF_UNICAST_FLT)) {
ffff8000113adb90: b9422e60 ldr w0, [x19,#556]
ffff8000113adb94: 376000a0 tbnz w0, #12, ffff8000113adba8
<__dev_set_rx_mode+0x48>
if (!netdev_uc_empty(dev) && !dev->uc_promisc) {
ffff8000113adb98: b9429275 ldr w21, [x19,#656]
ffff8000113adb9c: 35000175 cbnz w21, ffff8000113adbc8
<__dev_set_rx_mode+0x68>
} else if (netdev_uc_empty(dev) && dev->uc_promisc) {
ffff8000113adba0: 3949f660 ldrb w0, [x19,#637]
ffff8000113adba4: 35000220 cbnz w0, ffff8000113adbe8
<__dev_set_rx_mode+0x88>
if (ops->ndo_set_rx_mode)
ffff8000113adba8: f9402281 ldr x1, [x20,#64]
ffff8000113adbac: b4000061 cbz x1, ffff8000113adbb8
<__dev_set_rx_mode+0x58>
ops->ndo_set_rx_mode(dev);
ffff8000113adbb0: aa1303e0 mov x0, x19
ffff8000113adbb4: d63f0020 blr x1
}
ffff8000113adbb8: a94153f3 ldp x19, x20, [sp,#16]
ffff8000113adbbc: f94013f5 ldr x21, [sp,#32]
ffff8000113adbc0: a8c37bfd ldp x29, x30, [sp],#48
ffff8000113adbc4: d65f03c0 ret
if (!netdev_uc_empty(dev) && !dev->uc_promisc) {
ffff8000113adbc8: 3949f662 ldrb w2, [x19,#637]
ffff8000113adbcc: 35fffee2 cbnz w2, ffff8000113adba8
<__dev_set_rx_mode+0x48>
__dev_set_promiscuity(dev, 1, false);
ffff8000113adbd0: aa1303e0 mov x0, x19
ffff8000113adbd4: 52800021 mov w1, #0x1 // #1
ffff8000113adbd8: 97ffff6a bl ffff8000113ad980 <__dev_set_promiscuity>
dev->uc_promisc = true;
ffff8000113adbdc: 52800020 mov w0, #0x1 // #1
ffff8000113adbe0: 3909f660 strb w0, [x19,#637]
ffff8000113adbe4: 17fffff1 b ffff8000113adba8 <__dev_set_rx_mode+0x48>
__dev_set_promiscuity(dev, -1, false);
ffff8000113adbe8: aa1303e0 mov x0, x19
ffff8000113adbec: 12800001 mov w1, #0xffffffff // #-1
ffff8000113adbf0: 2a1503e2 mov w2, w21
ffff8000113adbf4: 97ffff63 bl ffff8000113ad980 <__dev_set_promiscuity>
dev->uc_promisc = false;
ffff8000113adbf8: 3909f675 strb w21, [x19,#637]
ffff8000113adbfc: 17ffffeb b ffff8000113adba8 <__dev_set_rx_mode+0x48>
> and then show us the listing for __dev_set_rx_mode. The instructions
> around 0x48/0xa0 will tell us what structure is a NULL pointer.
>
> For this to work, it is important the build to create the .lst file is
> the same as the build which fails. Changing the kernel configuration,
> compiler flags etc can change 0x48/0xa0.
- Allen
View attachment "dev.lst" of type "text/plain" (1432037 bytes)
Powered by blists - more mailing lists