* kernel panic: smack: Failed to initialize cipso DOI.
From: syzbot @ 2020-03-30 13:51 UTC
  To: a, b.a.t.m.a.n, casey, davem, intel-wired-lan, jeffrey.t.kirsher,
	jkc, jmorris, linux-kernel, linux-security-module, mareklindner,
	netdev, serge, sw, syzkaller-bugs

Hello,

syzbot found the following crash on:

HEAD commit:    1b649e0b Merge git://git.kernel.org/pub/scm/linux/kernel/g..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=14957099e00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=4ac76c43beddbd9
dashboard link: https://syzkaller.appspot.com/bug?extid=89731ccb6fec15ce1c22
compiler:       clang version 10.0.0 (https://github.com/llvm/llvm-project/ c2443155a0fb245c8f17f2c1c72b6ea391e86e81)
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1202c375e00000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1390bb03e00000

The bug was bisected to:

commit a9d2d53a788a9c5bc8a7d1b4ea7857b68e221357
Author: Ken Cox <jkc@redhat.com>
Date:   Tue Nov 15 19:00:37 2016 +0000

    ixgbe: test for trust in macvlan adjustments for VF

bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=13cb06f3e00000
final crash:    https://syzkaller.appspot.com/x/report.txt?x=102b06f3e00000
console output: https://syzkaller.appspot.com/x/log.txt?x=17cb06f3e00000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+89731ccb6fec15ce1c22@syzkaller.appspotmail.com
Fixes: a9d2d53a788a ("ixgbe: test for trust in macvlan adjustments for VF")

RSP: 002b:00007ffebd499a38 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007ffebd499a40 RCX: 00000000004404e9
RDX: 0000000000000014 RSI: 0000000020000040 RDI: 0000000000000003
RBP: 0000000000000004 R08: 0000000000000001 R09: 00007ffebd490031
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401dd0
R13: 0000000000401e60 R14: 0000000000000000 R15: 0000000000000000
Kernel panic - not syncing: smack:  Failed to initialize cipso DOI.
CPU: 1 PID: 7197 Comm: syz-executor480 Not tainted 5.6.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1e9/0x30e lib/dump_stack.c:118
 panic+0x264/0x7a0 kernel/panic.c:221
 smk_cipso_doi+0x4d8/0x4e0 security/smack/smackfs.c:698
 smk_write_doi+0x123/0x190 security/smack/smackfs.c:1595
 __vfs_write+0xa7/0x710 fs/read_write.c:494
 vfs_write+0x271/0x570 fs/read_write.c:558
 ksys_write+0x115/0x220 fs/read_write.c:611
 do_syscall_64+0xf3/0x1b0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4404e9
Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 5b 14 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffebd499a38 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007ffebd499a40 RCX: 00000000004404e9
RDX: 0000000000000014 RSI: 0000000020000040 RDI: 0000000000000003
RBP: 0000000000000004 R08: 0000000000000001 R09: 00007ffebd490031
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401dd0
R13: 0000000000401e60 R14: 0000000000000000 R15: 0000000000000000
Kernel Offset: disabled
Rebooting in 86400 seconds..


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches

* Re: kernel panic: smack: Failed to initialize cipso DOI.
From: Tetsuo Handa @ 2020-03-30 15:13 UTC
  To: syzbot, casey; +Cc: jmorris, linux-security-module, serge, syzkaller-bugs

On 2020/03/30 22:51, syzbot wrote:
> Hello,
> 
> syzbot found the following crash on:
> 
> HEAD commit:    1b649e0b Merge git://git.kernel.org/pub/scm/linux/kernel/g..
> git tree:       upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=14957099e00000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=4ac76c43beddbd9
> dashboard link: https://syzkaller.appspot.com/bug?extid=89731ccb6fec15ce1c22
> compiler:       clang version 10.0.0 (https://github.com/llvm/llvm-project/ c2443155a0fb245c8f17f2c1c72b6ea391e86e81)
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1202c375e00000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1390bb03e00000

Wrong bisection. This is not a network / driver problem.
There is a memory allocation fault injection prior to this panic.

  [ T1576] FAULT_INJECTION: forcing a failure.
  [ T1576] Kernel panic - not syncing: smack:  Failed to initialize cipso DOI.

* Re: kernel panic: smack: Failed to initialize cipso DOI.
From: Eric Biggers @ 2020-07-08 20:25 UTC
  To: Casey Schaufler
  Cc: syzbot, linux-kernel, linux-security-module, syzkaller-bugs

Hi Casey,

On Mon, Mar 30, 2020 at 06:51:18AM -0700, syzbot wrote:
> Hello,
> 
> syzbot found the following crash on:
> 
> HEAD commit:    1b649e0b Merge git://git.kernel.org/pub/scm/linux/kernel/g..
> git tree:       upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=14957099e00000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=4ac76c43beddbd9
> dashboard link: https://syzkaller.appspot.com/bug?extid=89731ccb6fec15ce1c22
> compiler:       clang version 10.0.0 (https://github.com/llvm/llvm-project/ c2443155a0fb245c8f17f2c1c72b6ea391e86e81)
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1202c375e00000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1390bb03e00000
> 
> The bug was bisected to:
> 
> commit a9d2d53a788a9c5bc8a7d1b4ea7857b68e221357
> Author: Ken Cox <jkc@redhat.com>
> Date:   Tue Nov 15 19:00:37 2016 +0000
> 
>     ixgbe: test for trust in macvlan adjustments for VF
> 
> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=13cb06f3e00000
> final crash:    https://syzkaller.appspot.com/x/report.txt?x=102b06f3e00000
> console output: https://syzkaller.appspot.com/x/log.txt?x=17cb06f3e00000
> 
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+89731ccb6fec15ce1c22@syzkaller.appspotmail.com
> Fixes: a9d2d53a788a ("ixgbe: test for trust in macvlan adjustments for VF")
> 
> RSP: 002b:00007ffebd499a38 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
> RAX: ffffffffffffffda RBX: 00007ffebd499a40 RCX: 00000000004404e9
> RDX: 0000000000000014 RSI: 0000000020000040 RDI: 0000000000000003
> RBP: 0000000000000004 R08: 0000000000000001 R09: 00007ffebd490031
> R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401dd0
> R13: 0000000000401e60 R14: 0000000000000000 R15: 0000000000000000
> Kernel panic - not syncing: smack:  Failed to initialize cipso DOI.
> CPU: 1 PID: 7197 Comm: syz-executor480 Not tainted 5.6.0-rc7-syzkaller #0
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
> Call Trace:
>  __dump_stack lib/dump_stack.c:77 [inline]
>  dump_stack+0x1e9/0x30e lib/dump_stack.c:118
>  panic+0x264/0x7a0 kernel/panic.c:221
>  smk_cipso_doi+0x4d8/0x4e0 security/smack/smackfs.c:698
>  smk_write_doi+0x123/0x190 security/smack/smackfs.c:1595
>  __vfs_write+0xa7/0x710 fs/read_write.c:494
>  vfs_write+0x271/0x570 fs/read_write.c:558
>  ksys_write+0x115/0x220 fs/read_write.c:611
>  do_syscall_64+0xf3/0x1b0 arch/x86/entry/common.c:294
>  entry_SYSCALL_64_after_hwframe+0x49/0xbe
> RIP: 0033:0x4404e9
> Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 5b 14 fc ff c3 66 2e 0f 1f 84 00 00 00 00
> RSP: 002b:00007ffebd499a38 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
> RAX: ffffffffffffffda RBX: 00007ffebd499a40 RCX: 00000000004404e9
> RDX: 0000000000000014 RSI: 0000000020000040 RDI: 0000000000000003
> RBP: 0000000000000004 R08: 0000000000000001 R09: 00007ffebd490031
> R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401dd0
> R13: 0000000000401e60 R14: 0000000000000000 R15: 0000000000000000
> Kernel Offset: disabled
> Rebooting in 86400 seconds..
> 

This means that writing to /smack/doi will panic the kernel if kmalloc fails.

Why doesn't it handle errors?  Is this really an unrecoverable situation?

- Eric
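
An added example, not part of the original thread or the kernel source: a userspace C model of the alternative raised above, where the write handler returns -ENOMEM to the writer instead of panicking and the previously installed value survives the failure. All names (model_write_doi, model_set_doi, model_alloc, fail_next_alloc) are hypothetical, and the one-shot allocator failure is a constructed stand-in for fault injection.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace model only: every name here is hypothetical, not kernel code. */
struct doi_def { unsigned int doi; };

static struct doi_def *active_doi;	/* definition currently installed */
static int fail_next_alloc;		/* constructed fault-injection switch */

static void *model_alloc(size_t n)
{
	if (fail_next_alloc) {
		fail_next_alloc = 0;
		return NULL;		/* simulate one injected failure */
	}
	return malloc(n);
}

/* Allocate first; replace the old definition only once nothing can fail. */
static int model_set_doi(unsigned int value)
{
	struct doi_def *newp = model_alloc(sizeof(*newp));
	if (newp == NULL)
		return -ENOMEM;		/* old definition stays installed */
	newp->doi = value;
	free(active_doi);
	active_doi = newp;
	return 0;
}

/* Write handler: parse the value, apply it, report failure to the writer. */
static long model_write_doi(const char *buf, size_t count)
{
	unsigned int value;
	int rc;
	if (count == 0 || sscanf(buf, "%u", &value) != 1)
		return -EINVAL;
	rc = model_set_doi(value);
	return rc ? rc : (long)count;
}

static unsigned int model_current_doi(void)
{
	return active_doi ? active_doi->doi : 0;
}

int main(void)
{
	long ok = model_write_doi("3", 1);	/* installs DOI 3 */
	fail_next_alloc = 1;
	printf("%ld %ld doi=%u\n", ok, model_write_doi("7", 1), model_current_doi());
	return 0;
}
```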

* [PATCH] smackfs: use __GFP_NOFAIL for smk_cipso_doi()
From: Tetsuo Handa @ 2021-10-19 11:54 UTC
  To: syzbot, casey; +Cc: jmorris, linux-security-module, serge, syzkaller-bugs

syzbot is reporting kernel panic at smk_cipso_doi() due to memory
allocation fault injection [1]. The reason for need to use panic() was
not explained. But since no fix was proposed for 18 months, for now
let's use __GFP_NOFAIL for utilizing syzbot resource on other bugs.

Link: https://syzkaller.appspot.com/bug?extid=89731ccb6fec15ce1c22 [1]
Reported-by: syzbot <syzbot+89731ccb6fec15ce1c22@syzkaller.appspotmail.com>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
---
 security/smack/smackfs.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
index 83b90442f963..3e6a198dd3dd 100644
--- a/security/smack/smackfs.c
+++ b/security/smack/smackfs.c
@@ -693,9 +693,7 @@ static void smk_cipso_doi(void)
 		printk(KERN_WARNING "%s:%d remove rc = %d\n",
 		       __func__, __LINE__, rc);
 
-	doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL);
-	if (doip == NULL)
-		panic("smack:  Failed to initialize cipso DOI.\n");
+	doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL | __GFP_NOFAIL);
 	doip->map.std = NULL;
 	doip->doi = smk_cipso_doi_value;
 	doip->type = CIPSO_V4_MAP_PASS;
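
Review bot: The unchecked `doip->map.std = NULL` right after the new kmalloc() line is safe only because of __GFP_NOFAIL, and the commit message says the reason for the original panic() was never explained, so the no-fail allocation hides the question rather than answering it. The hunk header shows smk_cipso_doi() is `static void`, and the reported call trace reaches it from smk_write_doi() on a write; consider making it return int and letting the caller return -ENOMEM to the writer, which would resolve the fault-injection report without a no-fail allocation. If __GFP_NOFAIL stays as the interim fix, a short comment above the allocation saying why failure is not handled would help the next reader.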
-- 
2.18.4



* Re: [PATCH] smackfs: use __GFP_NOFAIL for smk_cipso_doi()
From: Casey Schaufler @ 2021-10-22 18:03 UTC
  To: Tetsuo Handa, syzbot
  Cc: jmorris, linux-security-module, serge, syzkaller-bugs,
	Casey Schaufler

On 10/19/2021 4:54 AM, Tetsuo Handa wrote:
> syzbot is reporting kernel panic at smk_cipso_doi() due to memory
> allocation fault injection [1]. The reason for need to use panic() was
> not explained. But since no fix was proposed for 18 months, for now
> let's use __GFP_NOFAIL for utilizing syzbot resource on other bugs.
>
> Link: https://syzkaller.appspot.com/bug?extid=89731ccb6fec15ce1c22 [1]
> Reported-by: syzbot <syzbot+89731ccb6fec15ce1c22@syzkaller.appspotmail.com>
> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>

Added to smack-next. Thank you.

> ---
>   security/smack/smackfs.c | 4 +---
>   1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
> index 83b90442f963..3e6a198dd3dd 100644
> --- a/security/smack/smackfs.c
> +++ b/security/smack/smackfs.c
> @@ -693,9 +693,7 @@ static void smk_cipso_doi(void)
>   		printk(KERN_WARNING "%s:%d remove rc = %d\n",
>   		       __func__, __LINE__, rc);
>   
> -	doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL);
> -	if (doip == NULL)
> -		panic("smack:  Failed to initialize cipso DOI.\n");
> +	doip = kmalloc(sizeof(struct cipso_v4_doi), GFP_KERNEL | __GFP_NOFAIL);
>   	doip->map.std = NULL;
>   	doip->doi = smk_cipso_doi_value;
>   	doip->type = CIPSO_V4_MAP_PASS;
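
Review bot: Style point on the added `+` line: since the allocation is being rewritten anyway, `kmalloc(sizeof(*doip), GFP_KERNEL | __GFP_NOFAIL)` is the form the kernel coding style prefers over `sizeof(struct cipso_v4_doi)`, because it stays correct if the type of `doip` ever changes. It also shortens the line, which leaves room for a trailing or preceding comment explaining the __GFP_NOFAIL choice.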
