[PATCH] parisc: Temporarily disable jump label support

[PATCH] parisc: Temporarily disable jump label support

[Helge Deller]

The 32-bit Debian kernel 6.12 fails to boot and crashes like this:

 init (pid 65): Protection id trap (code 7)
 CPU: 0 UID: 0 PID: 65 Comm: init Not tainted 6.12.9 #2
 Hardware name: 9000/778/B160L

      YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI
 PSW: 00000000000001000000000000001111 Not tainted
 r00-03  0004000f 110d39d0 109a6558 12974400
 r04-07  12a810e0 12a810e0 00000000 12a81144
 r08-11  12a81174 00000007 00000000 00000002
 r12-15  f8c55c08 0000006c 00000001 f8c55c08
 r16-19  00000002 f8c58620 002da3a8 0000004e
 r20-23  00001a46 0000000f 10754f84 00000000
 r24-27  00000000 00000003 12ae6980 1127b9d0
 r28-31  00000000 00000000 12974440 109a6558
 sr00-03  00000000 00000000 00000000 00000010
 sr04-07  00000000 00000000 00000000 00000000

 IASQ: 00000000 00000000 IAOQ: 110d39d0 110d39d4
  IIR: baadf00d    ISR: 00000000  IOR: 110d39d0
  CPU:        0   CR30: 128740c0 CR31: 00000000
  ORIG_R28: 000003f3
  IAOQ[0]: 0x110d39d0
  IAOQ[1]: 0x110d39d4
  RP(r2): security_sk_free+0x70/0x1a4
 Backtrace:
  [<10d8c844>] __sk_destruct+0x2bc/0x378
  [<10d8e33c>] sk_destruct+0x68/0x8c
  [<10d8e3dc>] __sk_free+0x7c/0x148
  [<10d8e560>] sk_free+0xb8/0xf0
  [<10f6420c>] unix_release_sock+0x3ac/0x50c
  [<10f643b8>] unix_release+0x4c/0x7c
  [<10d832f8>] __sock_release+0x5c/0xf8
  [<10d833b4>] sock_close+0x20/0x44
  [<107ba52c>] __fput+0xf8/0x468
  [<107baa08>] __fput_sync+0xb4/0xd4
  [<107b471c>] sys_close+0x44/0x94
  [<10405334>] syscall_exit+0x0/0x10

Bisecting points to this commit which triggers the issue:
	commit  417c5643cd67a55f424b203b492082035d0236c3
	Author: KP Singh <kpsingh@kernel.org>
	Date:   Fri Aug 16 17:43:07 2024 +0200
	        lsm: replace indirect LSM hook calls with static calls

After more analysis it seems that we don't fully implement the static calls
and jump tables yet. Additionally the functions which mark kernel memory
read-only or read-write-executable needs to be further enhanced to be able to
fully support static calls.

CONFIG_SECURITY_YAMA=y was one option to trigger the issue.

As a temporary solution disable JUMP_LABEL functionality to
avoid the crashes.

Signed-off-by: Helge Deller <deller@gmx.de>
Cc: Guenter Roeck <linux@roeck-us.net>

diff --git a/arch/parisc/Kconfig b/arch/parisc/Kconfig
index aa6a3cad275d..fcc5973f7519 100644
--- a/arch/parisc/Kconfig
+++ b/arch/parisc/Kconfig
@@ -60,8 +60,8 @@ config PARISC
 	select HAVE_ARCH_MMAP_RND_BITS
 	select HAVE_ARCH_AUDITSYSCALL
 	select HAVE_ARCH_HASH
-	select HAVE_ARCH_JUMP_LABEL
-	select HAVE_ARCH_JUMP_LABEL_RELATIVE
+	# select HAVE_ARCH_JUMP_LABEL
+	# select HAVE_ARCH_JUMP_LABEL_RELATIVE
 	select HAVE_ARCH_KFENCE
 	select HAVE_ARCH_SECCOMP_FILTER
 	select HAVE_ARCH_TRACEHOOK

Re: [PATCH] parisc: Temporarily disable jump label support

[Guenter Roeck]

On 1/16/25 12:17, Helge Deller wrote:
> The 32-bit Debian kernel 6.12 fails to boot and crashes like this:
> 
>   init (pid 65): Protection id trap (code 7)
>   CPU: 0 UID: 0 PID: 65 Comm: init Not tainted 6.12.9 #2
>   Hardware name: 9000/778/B160L
> 
>        YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI
>   PSW: 00000000000001000000000000001111 Not tainted
>   r00-03  0004000f 110d39d0 109a6558 12974400
>   r04-07  12a810e0 12a810e0 00000000 12a81144
>   r08-11  12a81174 00000007 00000000 00000002
>   r12-15  f8c55c08 0000006c 00000001 f8c55c08
>   r16-19  00000002 f8c58620 002da3a8 0000004e
>   r20-23  00001a46 0000000f 10754f84 00000000
>   r24-27  00000000 00000003 12ae6980 1127b9d0
>   r28-31  00000000 00000000 12974440 109a6558
>   sr00-03  00000000 00000000 00000000 00000010
>   sr04-07  00000000 00000000 00000000 00000000
> 
>   IASQ: 00000000 00000000 IAOQ: 110d39d0 110d39d4
>    IIR: baadf00d    ISR: 00000000  IOR: 110d39d0
>    CPU:        0   CR30: 128740c0 CR31: 00000000
>    ORIG_R28: 000003f3
>    IAOQ[0]: 0x110d39d0
>    IAOQ[1]: 0x110d39d4
>    RP(r2): security_sk_free+0x70/0x1a4
>   Backtrace:
>    [<10d8c844>] __sk_destruct+0x2bc/0x378
>    [<10d8e33c>] sk_destruct+0x68/0x8c
>    [<10d8e3dc>] __sk_free+0x7c/0x148
>    [<10d8e560>] sk_free+0xb8/0xf0
>    [<10f6420c>] unix_release_sock+0x3ac/0x50c
>    [<10f643b8>] unix_release+0x4c/0x7c
>    [<10d832f8>] __sock_release+0x5c/0xf8
>    [<10d833b4>] sock_close+0x20/0x44
>    [<107ba52c>] __fput+0xf8/0x468
>    [<107baa08>] __fput_sync+0xb4/0xd4
>    [<107b471c>] sys_close+0x44/0x94
>    [<10405334>] syscall_exit+0x0/0x10
> 
> Bisecting points to this commit which triggers the issue:
> 	commit  417c5643cd67a55f424b203b492082035d0236c3
> 	Author: KP Singh <kpsingh@kernel.org>
> 	Date:   Fri Aug 16 17:43:07 2024 +0200
> 	        lsm: replace indirect LSM hook calls with static calls
> 
> After more analysis it seems that we don't fully implement the static calls
> and jump tables yet. Additionally the functions which mark kernel memory
> read-only or read-write-executable needs to be further enhanced to be able to
> fully support static calls.
> 
> CONFIG_SECURITY_YAMA=y was one option to trigger the issue.
> 

Your configuration triggers the problem for me, but I do have
CONFIG_SECURITY_YAMA enabled in my configuration and don't see the problem
there. There must be something else, but I have been unable to figure out
what exactly it is.

Either case, this is better than crashing, so:

> As a temporary solution disable JUMP_LABEL functionality to
> avoid the crashes.
> 
> Signed-off-by: Helge Deller <deller@gmx.de>
> Cc: Guenter Roeck <linux@roeck-us.net>
> 

Reviewed-by: Guenter Roeck <linux@roeck-us.net>

Thanks,
Guenter