libkcapi
Set key via keyfd crash system!
exec 10<${TSTPREFIX}gcm_key;
https://github.com/smuellerDD/libkcapi/blob/356bbd748b068c4ca047c117e0bb07f6672968ce/test/kcapi-enc-test.sh#L313
[ 86.632994] BUG: kernel NULL pointer dereference, address: 0000000000000008
[ 86.633071] #PF: supervisor read access in kernel mode
[ 86.633071] #PF: error_code(0x0000) - not-present page
[ 86.633071] PGD 20f5067 P4D 20f5067 PUD 20f6067 PMD 0
[ 86.633071] Oops: 0000 [#1] SMP
[ 86.633071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014
[ 86.633071] RIP: 0010:rb_insert_color+0x17/0x1a0
[ 86.633071] Code: f3 c3 31 c0 c3 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 48 8b 17 48 85 d2 0f 84 58 01 00 00 48 8b 02 a8 01 0f 85 7b 01 00 00 <48> 8b 48 08 49 89 c0 48 39 d1 74 54 48 85 c9 74 09 f6 01 01 0f 84
[ 86.633071] RSP: 0018:ffffb935001ffc40 EFLAGS: 00010246
[ 86.633071] RAX: 0000000000000000 RBX: ffff9b4a06027140 RCX: ffff9b4a02944988
[ 86.633071] RDX: ffff9b4a02944988 RSI: ffff9b4a02944a40 RDI: ffff9b4a06027148
[ 86.633071] RBP: 0000000057137340 R08: 336267786362696c R09: 666e6f632e336267
[ 86.633071] R10: ffff9b4a06027140 R11: 0000000000680102 R12: 000000002a6489b6
[ 86.633071] R13: ffff9b4a02944a40 R14: ffffb935001ffcb8 R15: ffff9b4a3686f050
[ 86.633071] FS: 00007fc1f4cfc700(0000) GS:ffff9b4a7dc00000(0000) knlGS:0000000000000000
[ 86.633071] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 86.633071] CR2: 0000000000000008 CR3: 0000000002939000 CR4: 00000000000006f0
[ 86.633071] Call Trace:
[ 86.633071] ext4_htree_store_dirent+0xbb/0xf0
[ 86.633071] htree_dirblock_to_tree+0xea/0x290
[ 86.633071] ext4_htree_fill_tree+0xb9/0x2d0
[ 86.633071] ? __alloc_pages_nodemask+0x182/0x320
[ 86.633071] ? kmem_cache_alloc_trace+0x3a2/0x3e0
[ 86.633071] ext4_readdir+0x718/0xa50
[ 86.633071] ? __mod_memcg_lruvec_state+0x1f/0x100
[ 86.633071] ? handle_mm_fault+0x11de/0x16c0
[ 86.633071] iterate_dir+0xf7/0x170
[ 86.633071] __x64_sys_getdents+0x87/0x120
[ 86.633071] ? compat_fillonedir+0x160/0x160
[ 86.633071] ? do_syscall_64+0x33/0x40
[ 86.633071] do_syscall_64+0x33/0x40
[ 86.633071] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 86.633071] RIP: 0033:0x7fc1f47da2bb
[ 86.633071] Code: fc ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 57 41 56 48 63 ff 41 55 41 54 b8 4e 00 00 00 55 53 48 89 f3 48 83 ec 08 0f 05 <48> 3d 00 f0 ff ff 77 55 4c 8d 2c 06 49 89 c4 4c 39 ee 73 33 90 0f
[ 86.633071] RSP: 002b:00007fff0222d550 EFLAGS: 00000206 ORIG_RAX: 000000000000004e
[ 86.633071] RAX: ffffffffffffffda RBX: 0000000000e4c160 RCX: 00007fc1f47da2bb
[ 86.633071] RDX: 0000000000008000 RSI: 0000000000e4c160 RDI: 0000000000000000
[ 86.633071] RBP: 0000000000e4c160 R08: 000000000000007c R09: 0000000000000076
[ 86.633071] R10: 00007fff0222d188 R11: 0000000000000206 R12: ffffffffffffffa0
[ 86.633071] R13: 0000000000000002 R14: 0000000000e4c130 R15: 0000000000000000
[ 86.633071] Modules linked in: fcoe libfcoe libfc scsi_transport_fc 8021q garp stp llc rdma_ucm ib_uverbs rdma_cm configfs ib_cm iw_cm ib_core ipv6 binfmt_misc dm_mirror dm_region_hash dm_log psmouse serio_raw e1000 drm_vram_helper drm_ttm_helper ttm drm_kms_helper drm fb_sys_fops sysimgblt sysfillrect syscopyarea sg i2c_piix4 sd_mod t10_pi sr_mod cdrom ata_piix
[ 86.633071] CR2: 0000000000000008
[ 86.652219] ---[ end trace 9edc79d698f4f962 ]---
On Sunday, 19.09.2021 at 03:20 -0700, Pavel Vasilyev wrote:
exec 10<${TSTPREFIX}gcm_key;
https://github.com/smuellerDD/libkcapi/blob/356bbd748b068c4ca047c117e0bb07f6672968ce/test/kcapi-enc-test.sh#L313
[ 86.632994] BUG: kernel NULL pointer dereference, address: 0000000000000008
[ 86.633071] #PF: supervisor read access in kernel mode
[ 86.633071] #PF: error_code(0x0000) - not-present page
[ 86.633071] PGD 20f5067 P4D 20f5067 PUD 20f6067 PMD 0
[ 86.633071] Oops: 0000 [#1] SMP
[ 86.633071] CPU: 0 PID: 1580 Comm: modprobe Tainted: G O 5.10.66-1.continent.x86_64 #1
[ 86.633071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014
[ 86.633071] RIP: 0010:rb_insert_color+0x17/0x1a0
[ 86.633071] Code: f3 c3 31 c0 c3 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 48 8b 17 48 85 d2 0f 84 58 01 00 00 48 8b 02 a8 01 0f 85 7b 01 00 00 <48> 8b 48 08 49 89 c0 48 39 d1 74 54 48 85 c9 74 09 f6 01 01 0f 84
[ 86.633071] RSP: 0018:ffffb935001ffc40 EFLAGS: 00010246
[ 86.633071] RAX: 0000000000000000 RBX: ffff9b4a06027140 RCX: ffff9b4a02944988
[ 86.633071] RDX: ffff9b4a02944988 RSI: ffff9b4a02944a40 RDI: ffff9b4a06027148
[ 86.633071] RBP: 0000000057137340 R08: 336267786362696c R09: 666e6f632e336267
[ 86.633071] R10: ffff9b4a06027140 R11: 0000000000680102 R12: 000000002a6489b6
[ 86.633071] R13: ffff9b4a02944a40 R14: ffffb935001ffcb8 R15: ffff9b4a3686f050
[ 86.633071] FS: 00007fc1f4cfc700(0000) GS:ffff9b4a7dc00000(0000) knlGS:0000000000000000
[ 86.633071] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 86.633071] CR2: 0000000000000008 CR3: 0000000002939000 CR4: 00000000000006f0
[ 86.633071] Call Trace:
[ 86.633071] ext4_htree_store_dirent+0xbb/0xf0
This is a crash in ext4, not in AF_ALG or the crypto API.
Ciao Stephan
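The reading of the trace given in the reply above can be reproduced mechanically. This is an added example, not part of the original thread or of libkcapi: it parses call-trace lines copied from the oops and reports the faulting function, the syscall that led there, and whether any frame looks like AF_ALG or crypto API code. The `triage` function name and the prefix list are assumptions made for illustration.

```python
import re

# Constructed sample: lines copied from the oops quoted in this thread.
OOPS = """\
[ 86.633071] RIP: 0010:rb_insert_color+0x17/0x1a0
[ 86.633071] Call Trace:
[ 86.633071] ext4_htree_store_dirent+0xbb/0xf0
[ 86.633071] htree_dirblock_to_tree+0xea/0x290
[ 86.633071] ext4_htree_fill_tree+0xb9/0x2d0
[ 86.633071] ? __alloc_pages_nodemask+0x182/0x320
[ 86.633071] ext4_readdir+0x718/0xa50
[ 86.633071] iterate_dir+0xf7/0x170
[ 86.633071] __x64_sys_getdents+0x87/0x120
[ 86.633071] do_syscall_64+0x33/0x40
[ 86.633071] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 86.633071] RIP: 0033:0x7fc1f47da2bb
"""

TIMESTAMP = re.compile(r"^\[\s*\d+\.\d+\]\s*")
KERNEL_RIP = re.compile(r"^RIP: 0010:([\w.]+)\+0x")  # 0010 = kernel code segment
FRAME = re.compile(r"^(\? )?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")
# Assumption: a prefix heuristic for AF_ALG / crypto API symbols, not a complete list.
CRYPTO_PREFIXES = ("af_alg_", "alg_", "algif_", "crypto_")

def triage(oops_text):
    """Summarise where a kernel oops faulted and which code path led there."""
    fault, reliable, guessed, in_trace = None, [], [], False
    for raw in oops_text.splitlines():
        line = TIMESTAMP.sub("", raw).strip()
        rip = KERNEL_RIP.match(line)
        if rip and fault is None:
            fault = rip.group(1)          # function executing at the fault
        elif line == "Call Trace:":
            in_trace = True
        elif in_trace:
            frame = FRAME.match(line)
            if frame is None:
                in_trace = False          # trace ended (user-space RIP, registers)
            elif frame.group(1):
                guessed.append(frame.group(2))   # "? " marks an unreliable frame
            else:
                reliable.append(frame.group(2))
    syscall = next((f[len("__x64_sys_"):] for f in reliable
                    if f.startswith("__x64_sys_")), None)
    crypto = [f for f in reliable + guessed if f.startswith(CRYPTO_PREFIXES)]
    return {"fault": fault, "caller": reliable[0] if reliable else None,
            "syscall": syscall, "guessed": guessed, "crypto_frames": crypto}

if __name__ == "__main__":
    print(triage(OOPS))
```

For this trace the result is a `getdents` syscall that faults in `rb_insert_color`, called from `ext4_htree_store_dirent`, with no AF_ALG or crypto frame on the stack.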
Same on XFS
Can you please send me the precise invocation - including the input variables and data?
Closing as there is no further information.