From: Bagas Sanjaya <bagasdotme@gmail.com>
To: "Ondrej Mosnáček" <omosnacek@gmail.com>,
"Linux Crypto Mailing List" <linux-crypto@vger.kernel.org>
Cc: David Howells <dhowells@redhat.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
Paolo Abeni <pabeni@redhat.com>,
netdev@vger.kernel.org, regressions@lists.linux.dev,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Another regression in the af_alg series (s390x-specific)
Date: Fri, 14 Jul 2023 09:10:35 +0700 [thread overview]
Message-ID: <ZLCumw4oY5QGL8Wi@debian.me> (raw)
In-Reply-To: <CAAUqJDuRkHE8fPgZJGaKjUjd3QfGwzfumuJBmStPqBhubxyk_A@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 2528 bytes --]
On Thu, Jul 13, 2023 at 10:03:45AM +0200, Ondrej Mosnáček wrote:
> Hi,
>
> It turns out that beneath the first bug [1] there was another one
> hiding. It seems to happen only on the s390x architecture when running
> the following libkcapi [2] reproducer:
>
> kcapi -x 2 -s -c "gcm(aes)" -i 0d92aa861746b324f20ee6b7 \
> -k f4a6a5e5f2066f6dd9ec6fc5169c29043560ef595c9e81e76f42d29212cc581c \
> -a "" -t 5f24c68cbe6f32c29652442bf5d483ad -q ""
>
> Frequently (but not always) it triggers an oops like this one:
>
> [ 3986.766763] Unable to handle kernel pointer dereference in virtual
> kernel address space
> [ 3986.766774] Failing address: 0000000a00000000 TEID: 0000000a00000803
> [ 3986.766776] Fault in home space mode while using kernel ASCE.
> [ 3986.766778] AS:00000000a43a0007 R3:0000000000000024
> [ 3986.766825] Oops: 003b ilc:2 [#1] SMP
> <snip>
> [ 3986.766877] CPU: 0 PID: 271064 Comm: kcapi Tainted: G W
> 6.5.0-rc1 #1
> [ 3986.767070] Hardware name: IBM 8561 LT1 400 (z/VM 7.2.0)
> <snip>
> [ 3986.767151] Call Trace:
> [ 3986.767153] [<000003ff7fc3d47e>] gcm_walk_start+0x16/0x28 [aes_s390]
> [ 3986.767160] [<00000000a2a342f2>] crypto_aead_decrypt+0x9a/0xb8
> [ 3986.767166] [<00000000a2a60888>] aead_recvmsg+0x478/0x698
> [ 3986.767169] [<00000000a2e519a0>] sock_recvmsg+0x70/0xb0
> [ 3986.767175] [<00000000a2e51a56>] sock_read_iter+0x76/0xa0
> [ 3986.767177] [<00000000a273e066>] vfs_read+0x26e/0x2a8
> [ 3986.767182] [<00000000a273e8c4>] ksys_read+0xbc/0x100
> [ 3986.767184] [<00000000a311d808>] __do_syscall+0x1d0/0x1f8
> [ 3986.767189] [<00000000a312ff30>] system_call+0x70/0x98
> [ 3986.767193] Last Breaking-Event-Address:
> [ 3986.767193] [<000003ff7fc3e6b4>] gcm_aes_crypt+0x104/0xa68 [aes_s390]
> [ 3986.767198] Kernel panic - not syncing: Fatal exception: panic_on_oops
>
> This time the regression was bisected to:
>
> commit c1abe6f570aff4b6d396dc551e60570d2f50bd79
> Author: David Howells <dhowells@redhat.com>
> Date: Tue Jun 6 14:08:52 2023 +0100
>
> crypto: af_alg: Use extract_iter_to_sg() to create scatterlists
>
> I can't see what the problem is with the commit, so I'm reporting here
> hoping that David or someone else can pick it up from here.
>
Thanks for the regression report. I'm adding it to regzbot:
#regzbot ^introduced: c1abe6f570aff4b
#regzbot title: kernel pointer dereference regression due to extract_iter_to_sg()
--
An old man doll... just what I always wanted! - Clara
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]
next prev parent reply other threads:[~2023-07-14 2:10 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-13 8:03 Another regression in the af_alg series (s390x-specific) Ondrej Mosnáček
2023-07-14 2:10 ` Bagas Sanjaya [this message]
2023-07-26 10:15 ` Linux regression tracking (Thorsten Leemhuis)
2023-07-26 10:43 ` David Howells
2023-07-26 11:02 ` Linux regression tracking (Thorsten Leemhuis)
2023-07-26 15:38 ` David Howells
2023-07-26 19:20 ` Sven Schnelle
2023-07-26 21:53 ` [PATCH] crypto: Fix missing initialisation affecting gcm-aes-s390 David Howells
2023-07-27 5:55 ` Sven Schnelle
2023-07-31 13:35 ` Ondrej Mosnáček
2023-07-31 14:18 ` Ard Biesheuvel
2023-08-04 9:11 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZLCumw4oY5QGL8Wi@debian.me \
--to=bagasdotme@gmail.com \
--cc=dhowells@redhat.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=omosnacek@gmail.com \
--cc=pabeni@redhat.com \
--cc=regressions@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.