lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 28 Mar 2022 19:24:06 +0000
From:   Song Liu <songliubraving@...com>
To:     Paul Menzel <pmenzel@...gen.mpg.de>
CC:     Rick P Edgecombe <rick.p.edgecombe@...el.com>,
        Song Liu <song@...nel.org>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Andrii Nakryiko <andrii@...nel.org>,
        Kernel Team <Kernel-team@...com>,
        Peter Zijlstra <peterz@...radead.org>,
        "x86@...nel.org" <x86@...nel.org>,
        "iii@...ux.ibm.com" <iii@...ux.ibm.com>,
        "bpf@...r.kernel.org" <bpf@...r.kernel.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        "regressions@...ts.linux.dev" <regressions@...ts.linux.dev>
Subject: Re: BUG: Bad page state in process systemd-udevd (was: [PATCH v9
 bpf-next 1/9] x86/Kconfig: select HAVE_ARCH_HUGE_VMALLOC with
 HAVE_ARCH_HUGE_VMAP)



> On Mar 27, 2022, at 11:51 PM, Paul Menzel <pmenzel@...gen.mpg.de> wrote:
> 
> Dear Song,
> 
> 
> Am 28.03.22 um 08:37 schrieb Song Liu:
>> Thanks Paul for highlighting the issue.
> 
> Thank you for getting back to me so quickly.
> 
>> + Rick, who highlighted some potential issues with this. (also attached
>> the stack trace).
> 
> I already had added him, but forgot to document it in the message. Sorry for that.
> 
>>> On Mar 27, 2022, at 3:36 AM, Paul Menzel <pmenzel@...gen.mpg.de> wrote:
> 
>>> Am 26.03.22 um 19:46 schrieb Paul Menzel:
>>>> #regzbot introduced: fac54e2bfb5be2b0bbf115fe80d45f59fd773048
>>>> #regzbot title: BUG: Bad page state in process systemd-udevd
>>> 
>>>> Am 04.02.22 um 19:57 schrieb Song Liu:
>>>>> From: Song Liu <songliubraving@...com>
>>>>> 
>>>>> This enables module_alloc() to allocate huge page for 2MB+ requests.
>>>>> To check the difference of this change, we need enable config
>>>>> CONFIG_PTDUMP_DEBUGFS, and call module_alloc(2MB). Before the change,
>>>>> /sys/kernel/debug/page_tables/kernel shows pte for this map. With the
>>>>> change, /sys/kernel/debug/page_tables/ show pmd for thie map.
>>>>> 
>>>>> Signed-off-by: Song Liu <songliubraving@...com>
>>>>> ---
>>>>>   arch/x86/Kconfig | 1 +
>>>>>   1 file changed, 1 insertion(+)
>>>>> 
>>>>> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
>>>>> index 6fddb63271d9..e0e0d00cf103 100644
>>>>> --- a/arch/x86/Kconfig
>>>>> +++ b/arch/x86/Kconfig
>>>>> @@ -159,6 +159,7 @@ config X86
>>>>>       select HAVE_ALIGNED_STRUCT_PAGE        if SLUB
>>>>>       select HAVE_ARCH_AUDITSYSCALL
>>>>>       select HAVE_ARCH_HUGE_VMAP        if X86_64 || X86_PAE
>>>>> +    select HAVE_ARCH_HUGE_VMALLOC        if HAVE_ARCH_HUGE_VMAP
>>>>>       select HAVE_ARCH_JUMP_LABEL
>>>>>       select HAVE_ARCH_JUMP_LABEL_RELATIVE
>>>>>       select HAVE_ARCH_KASAN            if X86_64
>>>> Testing Linus’ current master branch, Linux logs critical messages like below:
>>>>     BUG: Bad page state in process systemd-udevd  pfn:102e03
>>>> I bisected to your commit fac54e2bfb5 (x86/Kconfig: select
>>>> HAVE_ARCH_HUGE_VMALLOC with HAVE_ARCH_HUGE_VMAP).
>>> Sorry, I forget to mention, that this is a 32-bit (i686) userspace,
>>> but a 64-bit Linux kernel, so it might be the same issue as
>>> mentioned in commit eed1fcee556f (x86: Disable
>>> HAVE_ARCH_HUGE_VMALLOC on 32-bit x86), but didn’t fix the issue for
>>> 64-bit Linux kernel and 32-bit userspace.
>> I will look more into this tomorrow. To clarify, what is the 32-bit
>> user space that triggers this? Is it systemd-udevd? Is the systemd
>> also i686?
> 
> Yes, everything – also systemd – is i686. You can build a 32-bit VM image with grml-debootstrap [1]:
> 
>    sudo DEBOOTSTRAP=mmdebstrap ~/src/grml-debootstrap/grml-debootstrap --vm --vmfile --vmsize 3G --target /dev/shm/debian-32.img -r sid --arch i686 --filesystem ext4
> 
> Then run that with QEMU, but pass the 64-bit Linux kernel to QEMU directly with the switches `-kernel` and `-append`, or install the amd64 Linux kernel into the Debian VM image or the package created with `make bindeb-pkg` with `dpkg -i …`.

Thanks for these information!

I tried the following, but couldn't reproduce the issue. 

sudo ./grml-debootstrap --vm --vmfile --vmsize 3G --target ../debian-32.img -r sid --arch i386 --filesystem ext4

Note: s/i686/i386/. Also I run this on Fedora, so I didn't specify DEBOOTSTRAP. 

Then I run it with

qemu-system-x86_64 \
  -boot d ./debian-32.img -m 1024 -smp 4 \
  -kernel ./bzImage \
  -nographic -append 'root=/dev/sda1 ro console=ttyS0,115200'

The VM boots fine. The config being used is x86_64_defconfig + 
CONFIG_DRM_FBDEV_EMULATION. 

I wonder whether this is caused by different config or different image.
Could you please share your config?

Thanks,
Song

PS: I couldn't figure out the root password of the image, --password 
option of grml-debootstrap doesn't seem to work.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ